The General Data Protection Regulation


The GDPR: an overview

From May 2018, all organisations that handle the data of EU citizens will be required to comply with a single set of rules in relation to data governance, regardless of where the organisation is located. The introduction of the General Data Protection Regulation (GDPR) will dramatically change the way in which data is stored, shared and moved. The legislation will give individuals greater rights and control over their data by way of consent as well as the power to access, rectify or erase information held and the right to be informed.

With severe non-compliance penalties of up to the greater of EUR20 million or 4% of worldwide turnover, the GDPR will make organisations more accountable for their approach to data and the changes must be given appropriate consideration.

Complimentary breakfast briefing:
How to Prepare for the GDPR

Thursday, 21st September 2017 – 8am, Reading – Register your place.

Join us at our executive breakfast briefing events for C-level search professionals and hear from three specialist speakers on the latest developments to the GDPR. The events will cover the latest developments to the GDPR, the key areas for consideration and the steps you can take to minimise risk of non-compliance.



Exclusive Customer Event

Wednesday, 18th October 2017 – 8am, Reading – Register your place.

Invenias’ Andy Warren, Chief Information Security Officer and CFO, and Richard Harrison, CTO at Invenias, offer practical advice and guidance on how to prepare for the GDPR. The event will also cover the latest developments to the Invenias Platform and its dedicated features and functionality to assist with meeting the new requirements.


Latest blog – The Age of Consent: a GDPR Perspective

At our recent GDPR Breakfast Briefing in London, the legal basis for the processing of data appeared to be one of the more controversial elements of the new legislation. In his latest blog, ‘The Age of Consent: a GDPR Perspective’ Andy Warren, Invenias CFO and Chief Information Security Officer, directly addresses this hot topic and explores the relevance of consent and legitimate interest in satisfying the requirements of the GDPR.

The GDPR: What Does it Mean for Executive Search?

Download your guide, for an overview of changes, how they will impact the executive search profession and a checklist of things to consider to ensure you are compliant with the new legislation.



This guide should not be taken as a substitute for legal advice, but instead should provide a useful point of reference when preparing for the May 2018 deadline. More detailed information regarding the new regulations can be found at

A cautionary note

The foregoing provides only an overview and does not constitute legal advice. Readers are cautioned against making any decisions based on this material alone. Rather, specific legal advice should be obtained.

Countdown to the GDPR



Whilst the formal date for the legislation has been set as 25 May 2018, it is critical that we invest time in developing an awareness and understanding of the GDPR, so that we can plan and implement changes and ensure compliance with the new legislation.


Watch the on-demand webinar for an overview of the changes and some key areas for consideration prior to the May 2018 deadline.

Will the GDPR apply to organisations based outside the EU? And what steps can you take to prepare for the new legislation? Watch the on-demand webinar.

Most read

Constantine Karbaliotis, VP of Privacy Office Solutions at Nymity, encourages you to consider how your organisation would react to a difficult subject access request under the GDPR. Read his article:  The nightmare letter: a subject access request under GDPR 

Consent is not the silver bullet

GDPR – sorting the fact from the fiction

The GDPR, is it a game changer for executive search?

Privacy Shield – well this is awkward!

The GDPR: a hidden opportunity for executive search?

The latest guidance on consent from the ICO.

Click here for a list of frequently asked questions relating to the GDPR.