Title

Autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie consequat, vel illum dolore eu feugiat nulla facilisis at vero eros et dolore feugait

Tag Archive

The top 10 landmark employment law changes over the past 10 years

We’re continuing our theme of top 10s to celebrate our 10 years in business.  This time we’ve come up with a top 10 of notable employment law changes.  As we all know, employment law is constantly changing and when we looked back, we found that there have been some quite ‘iconic’ changes in recent years.   

Read More

Subject access requests and what you need to know

A DSAR is a right that individuals have under the Data Protection Act 2018 to request a copy of the data that an organisation holds about them.  The individual can request to see a copy of such data, as well as ask:

  • Why the data is being processed;
  • What type of data it is;
  • The recipients of that data;
  • How long it is stored;
  • How the data has been collected; and
  • Evidence to show that the data is being appropriately safeguarded.
Read More

GDPR – The Consent Trap

Having got past 25 May 2018, the day the GDPR came into effect, the flood of GDPR emails is beginning to diminish. But were all these emails necessary, and in particular, was it actually necessary to seek consent? In many cases it was not necessary to seek consent to “stay in touch”.

Under GDPR consent is one of 6 legal bases for processing data. In most cases, organisations will be able to rely on the “legitimate interests” ground to remain in contact with their contact list.

Read More

GDPR and Data Relating to Former Employees

The principles relevant to the retention of employee data under the General Data Protection Regulation (“GDPR”), which comes into effect on 25th May 2018, do not differ greatly from those under the current data protection regime.  

Under both the GDPR and the Data Protection Act 1998, personal data must be kept for no longer than is necessary for the purposes for which it is processed. However, the GDPR requires employers to be more transparent about their retention policies and includes additional rights for employees and greater penalties for non-compliance. 

Read More

GDPR seminar with guest speaker E_Radar

On Tuesday 13th March SCE Solicitors, with guest speaker Will Roebuck from E_Radar, held a full day workshop at our offices in Leeds, to explain the GDPR obligations for Employers.  The sell-out session was a huge success and received outstanding feedback. 

From the completed surveys –

• 80% said that the seminar met their expectations and the other 20% said that their expectations were met over and beyond.

• When asked about the style and content of the speakers 60% said that it was good and the other 40% said that it was excellent.

• All the attendees said that the workshop was relevant to their needs, with 60% of them saying it was very relevant.

• All the attendees said that they would recommend the workshop to colleagues.

When asked what they most enjoyed, one attendee said the “Guest Speakers – cleared up a number of questions”.  Other comments received included – 

“Simply delivered and comfortable group. Structured. Feel much less scared. Great day! Thankyou!”

 “Very informative. Good information, easy to understand – good handouts”

“Structured way forward in how to deal with employees for GDPR”

“Understanding my obligations and legal basis – start an action plan”

We also received numerous positive comments about the lunch and refreshments provided for the delegates.  We do like to look after clients.

Our top takeaway from the seminar was that – ‘Consent’ is only one lawful basis for processing, but there are alternatives. 

Consent is not inherently better or more important than these alternatives. Consent is appropriate if you can offer people real choice and control over how you use their data. But if you cannot offer a genuine choice, you should consider using an alternative, such as ‘Legitimate Interest’ or ‘Contract’.

‘Contract’ will particularly apply for businesses in relation to processing employee’s data, as there is a contractual obligation to process that data.

SCE Solicitors has also produced a Data Protection Impact Assessment (DPIA) template and shared it with our MyHR clients.  If you would like to receive a copy of the DPIA template or would like help and advice regarding GDPR, please do not hesitate to contact me or the employment team on 0113 350 4030 or at Richard.Newstead@scesolicitors.co.uk.  


SCE Solicitors is a boutique employment law practice based in Leeds which advises clients nationwide.  Please note that the information in this blog is to provide information of general interest in a summary manner and should not be construed as individual legal advice. Readers should consult with SCE Solicitors or other professional counsel before acting on the information contained here.

Our top 8 tips to prepare for the GDPR

If you run a business, the GDPR will probably be on your radar by now. Although preparing for the new rules may seem like a daunting task, it doesn’t have to be. 

When it’s introduced on 25 May 2018, the GDPR will apply to all UK businesses that handle personal data. As a result, every organisation that collects, processes or stores personal data should be taking steps now to ensure it can achieve compliance. 

Here are our top 8 practical tips to get ready for the GDPR

Read More

How will GDPR impact your recruitment process?

The General Data Protection Regulations (“GDPR”) is a new set of European regulations that will overhaul existing Data Protection laws and come into force on 25th May 2018

The regulations are going to have far reaching consequences for how business look after their personal data, and to enforce these new regulations GDPR will also allow for significant fines for companies who breach these new rules.

Recruiters especially should make sure that they are transparent when processing candidate data during hiring. They should also ensure candidates can exercise their rights under GDPR.

When sourcing CVs

When asking candidates to send in CVs, you’re asking for personal information. Whether this is via a job board, an employment website, or directly via an email, you need to provide information on how the data will be processed (or used), how long it will be retained for, and if the data they shared with you will be transferred overseas (if, for example, you have multiple offices).

You will also be required to provide more information around how an individual can determine if you hold data on them, how they can check what this, how they can rectify the data it if is incomplete or wrong, and how they can enact their ‘right to be forgotten’. 

Security for CVs

Once you have received the CV, you will need to ensure you have a secure process that covers the storage of electronic documents with personal information. This may be in the form of recruitment or HR software, or in password protected files. You will also want to review who is able to access these, and for how long they are kept.

You should also be reviewing your document management systems. Agencies may make you agree to destroy copies of CVs or personal data, but the individual who sent in the CV may also make requests to find out what data you hold on them and amend or remove their data from your system. 

Erased, rectified, restricted or not processed

Under GDPR workers will have extended rights so, in addition to a right to inspect personal data held about them, workers may be able to insist their data is erased, rectified, restricted or not processed at all. Combined with a much tougher enforcement and penalty regime for non-compliance, businesses who ignore GDPR tread a very thin line. 

By understanding more about how GDPR will impact your business, you can negate any negative impact, and help potential employees reap the benefits of feeling more secure when they give their personal data to your company.

If you need help and advice regarding GDPR, please do not hesitate to contact me or the employment team on 0113 350 4030 or at hello@scesolicitors.co.uk.

If you would like to be kept up to date with employment law and dispute resolution updates, please subscribe to our monthly newsletter.


SCE Solicitors is a boutique employment law and dispute resolution practice based in Leeds which advises clients nationwide.  Please note that the information in this blog is to provide information of general interest in a summary manner and should not be construed as individual legal advice. Readers should consult with SCE Solicitors or other professional counsel before acting on the information contained here.

Background Screening and GDPR

Before General Data Protection Regulation (“GDPR”), carrying out criminal record checks on prospective employees was something many companies did as a matter of routine. But under the new GDPR, which is enforceable from 25th May 2018, background screening can only occur under very specific conditions.  

Under these regulations only two types of organisations are permitted to process personal data relating to criminal convictions and offences. Namely: 

Read More

Employers and your GDPR obligation

On Tuesday 13 March 2018 SCE Solicitors are holding a one day GDPR training course.

The course has been divided up into two parts to provide benefit to both those who wish to receive a quick overview and those who want to understand the impact for dealing with employee details.

The morning session will be run by Dai Davies, a technology lawyer and a well-known speaker, and will provide a general overview of GDPR and how it will impact all businesses.  The afternoon session will be run by our Richard Newstead and will focus on the implications of employers.  

Data Protection has recently undergone a fundamental reappraisal with the enactment of the new European Union GDPR. GDPR will come fully into force on 25 May 2018 and businesses which do not plan for it will be severely disadvantaged. 

The new legislation is radically different from what is currently in place. Instead of a notional transparency through registration and consent under the existing legislation; real transparency under the GDPR is achieved through a series of rights given to individuals. Examples of such individual rights are: the right to object to data collection and the right to be forgotten. This is backed up by much more extensive obligations on data controllers to provide information on request and sometimes even before a request is made. 

If GDPR is already causing you headaches and you need some clarity on what the legislation says and how that may impact on you, your business and your employees, then join us on this one-day training course. 

Please book your tickets on Eventbrite

The GDPR is a complex piece of legislation, so to get you started before the course we have picked eight issues which businesses should start considering:  Click here to read more

Here at SCE Solicitors, we have a wealth of experience in assisting employers on all issues relating to the GDPR.  If you would like to discuss compliance or have any questions in relation to the course, please contact us on 01133 50 40 30 or at samira.cakali@scesolicitors.co.uk.