Broadbean is committed to continuous improvement, ensuring we hold ourselves in compliance with all necessary regulatory standards including GDPR.

As data processors, Broadbean often hold Personal Data on behalf of our clients but we also recognise that different customers will have different requirements from our products in this regard.

We provide a range of configurations, tools and features to accommodate these different requirements in order to allow our clients to manage their data and compliance measures and effectively implement their own policies and compliance standards.

For example, we allow customers to define their own data retention periods appropriate to their business purpose and provide automated methods to remove expired data; provide extra ways to capture candidate consent or distribute privacy policies; and provide candidate detail retrieval, export and delete facilities for clients to manage their Data Subject Access Requests, Data Portability and Data Erasure rights.

Further information is available in our Data Processing Agreements and associated schedules and policies, listed below.

Data processing agreement: Direct Employers and RPO

What’s in it?

Obligations of Broadbean as a data processor

Obligations of data controllers we’re working with

The procedure in the case of a security breach

 Deletion/return of data and data retention procedures

Data processing agreement: Recruitment Agency

What’s in it?

Obligations of Broadbean as a data processor
Obligations of data controllers we’re working with
The procedure in the case of a security breach
Deletion/return of data and data retention procedures