Last updated: 1 March 2026
RecruitSafe is a recruitment management platform designed for education settings in the United Kingdom. We are committed to protecting the privacy and security of personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Each organisation using RecruitSafe acts as the Data Controller for the personal data they process through the platform. RecruitSafe operates as a Data Processor on behalf of these organisations.
We process personal data under the following lawful bases: Legal obligation (statutory requirements for safer recruitment), Legitimate interests (safeguarding children), Contract (employment-related processing), and Consent (optional features such as Google Calendar integration).
Categories include: candidate personal details, pre-employment check data (DBS, references, online search, right to work, qualifications, prohibition and Section 128 checks, overseas checks), interview data, employment data, documents, user account data, audit data, and calendar data.
RecruitSafe may process special category data including data relating to criminal convictions and offences (DBS check outcomes), processed under Schedule 1 of the Data Protection Act 2018.
Personal data is retained in accordance with retention periods configured by each organisation. Organisations can set retention timeframes for candidates at each recruitment stage.
Measures include: TLS/HTTPS encryption, bcrypt password hashing, role-based access controls, session-based authentication, comprehensive audit logging, account locking, and secure file storage.
Personal data is not shared with third parties except where required by law, with Google (for calendar integration), or with infrastructure providers under data processing agreements.
Under UK GDPR: right of access (with SAR export feature), right to rectification, right to erasure, right to restrict processing, right to data portability, right to object, and rights related to automated decision-making.
RecruitSafe includes a built-in SAR export function for downloading comprehensive candidate data records.
RecruitSafe uses essential session cookies only. No analytics, tracking, or advertising cookies are used.
RecruitSafe does not directly process personal data of children. The platform processes data relating to adults applying for positions in education settings.
The Data Controller is responsible for ICO notification within 72 hours where applicable. RecruitSafe will notify the Data Controller without undue delay.
Contact the Data Protection Officer at your organisation, or the Information Commissioner's Office (ICO): Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Telephone: 0303 123 1113.
We may update this Privacy Policy from time to time. Material changes will be communicated through the platform.