GDPR and Executive Search

What our clients say

“As soon as I learned of GatedTalent, I knew it would be a tool that would add immediate value! With pre-written, compliant templates, I was ready to send and track batches of consent requests and legitimate interest privacy notes to people in our database within a couple of hours. GatedTalent has allowed me to manage the legitimising of my data without even leaving our FileFinder Anywhere CRM. It has made becoming GDPR-compliant infinitely easier, and is a massive time saver!”

Charlotte Robinson, Farrell Associates


Is your CRM GDPR Compliant?

Below, we’ve summarised some of the key criteria that your CRM needs to support and briefly explained how our unique combination of the FileFinder CRM and GatedTalent will help support your compliancy.

Legal Requirements

  • Any supplier who Processes Data must be compliant. You must have a compliant contract.

  • Your data must be stored in a secure manner.



  • Your solution must support data minimisation.

  • You require a legal basis to Process (this is the Consent versus Legitimate Interest discussion).


  • You need to notify candidates.

  • You need to keep records.

  • You need to keep data up to date.

  • You need to make it easy for a candidate to update privacy decisions.

  • You need to manage information requests.

  • You need to manage deletion requests.

GDPR Rule

  • Art. 17 (2)-(3)



  • Art 5-9; Recitals 38-56




  • The 3rd Principle


  • Principle 1




  • Principle 1 art 13 and 14

  • Art 30

  • Principle 4

  • Recital 64



  • Art 12,15 recital 63 & 64


  • Art 17 recital 65

FileFinder and GatedTalent

  • ✔ Our contracts have been rewritten and are compliant.


  • ✔ All data hosted by us is encrypted and benefits from intrusion detection systems and regular penetration testing.

  • ✔ Standard functionality.


  • ✔ The “legal basis” is not a systems issue per se; however, your system will need to support your chosen strategy. We support both options.

  • ✔ Automated via GatedTalent.

  • ✔ Automated via GatedTalent.

  • ✔ Automated via GatedTalent.

  • ✔ Online privacy dashboard via GatedTalent.


  • ✔ Semi-automated via GatedTalent.


  • ✔ Semi-automated via GatedTalent.

What our clients say

“Given the upcoming changes to data protection regulations – and our focus on ensuring our candidates and clients the security of their personal data, we trust that we have chosen the most suitable search software provider. GatedTalent brings added value to FileFinder and us, their clients, providing a solution that streamlines the compliance process with GDPR regulations. I strongly recommend FileFinder Anywhere and GatedTalent to any other executive search firm”.

Ana Ber, Dr. Pendl & Dr. Piswanger Romania

Introducing GatedTalent – Where Executive Recruiters find Senior-level Executives

Since October 2017, Executive Search firms from 30+ countries and senior-level Executives from more than 90 countries have signed up to GatedTalent – the new, private platform that allows to recruiters to connect and engage with Executives. Join us in this session to learn how the platform works from a recruiter perspective – and why GatedTalent has become probably the fastest growing Executive Search technology in history!

On-Demand Video Series:
GDPR & Executive Search

Episode 1:
It’s Not All About Your Database

Watch video

The GDPR is not just about your database or IT security, it’s a change management project. In this episode, Helen Haddon, founder of ComplyGDPR, explains how data breaches are most likely to occur in an executive search or recruitment context through the actions of consultants and staff.

Episode 2:
Consent & Legitimate Interest

Watch video

The closer we are getting to May 2018, the clearer the specifics of the new legislation are becoming including greater clarity on some of the grounds for processing personal data: obtaining consent vs legitimate interest. This episode covers in detail the pros and cons of both approaches.

Episode 3:
What You Need To Know & What You Can Ignore

Watch video

As the leading technology supplier to Executive Search firms, Dillistone Systems is uniquely positioned to help Executive Search firms through the new privacy policy minefield. In this episode, CEO Jason Starr and CTO Alex James discuss the new rules and your action plan to compliance.

Episode 4:
The Policies That You Need & How To Audit Your Data

Watch video

For any Executive Search firm planning for GDPR, a vital first step is understanding the scale of your problem. That’s where a data audit comes in. In this episode, CEO Jason Starr and CTO Alex James explain everything you need to know about auditing your data for GDPR compliance!

Episode 5:
GDPR Is Coming: Are You Prepared?

Watch video

Enforcement of the GDPR is now a little more than 4 months away. Time is running out. Executive search firms must be ready in time for May 2018. In this episode, Alex James and Jason Starr discuss the steps that executive search firms need to take to achieve compliance – and answer many of your questions!

Episode 6:
Data Breach Notifications Under The GDPR

Watch video

In this episode, Paul Mather and Jason Starr look at the requirements and your obligations under the GDPR surrounding personal data breaches. We also look at some real life examples which highlight the different types of breaches and the differences between their reporting requirements.

Episode 7:
Cybersecurity – How Can I Protect My Business?

Watch video

Cyber attacks are in the news regularly. Under the GDPR, it’s even more important that you take steps to protect your business. Francis West, CEO of Westtek, a specialist infosec company, shares many facts and figures, true stories and tips on how to protect your staff, data and company against potential cyber attacks.

Episode 8:
GDPR – It’s Imminent!

Watch video

With the GDPR regulations being enforced from May 25th, Alex James and Jason Starr will recap the rules as they apply to executive search and answer any questions you still have.

Episode 9:
GDPR & Executive Search: Last chance to ask your burning GDPR questions!

Watch video

With only a couple of weeks to go until the GDPR comes into force, Alex James and Jason Starr recaped the rules as they apply to executive search and answered many questions you still had.

Episode 10:
GDPR & Executive Search: What the industry is doing right now

Watch video

FileFinder & GatedTalent clients are in the process of sending 3,000,000 GDPR privacy notices to senior executives across the world. Want to know the results and what over 190 Executive Search firms in 28 countries are doing right now? Watch to find out.

GDPR and Executive Search – Preparing for the tidal wave of inbound regulation!

Get our free White Paper

On Jan 6, 2017, Dillistone Systems announced that it had become the first executive search specialist technology supplier to become accredited under the EU-US Privacy Shield Framework. This is the new framework which replaced “Safe Harbor” and it’s a pretty big deal in terms of storing information on candidates.

But it’s also nothing compared to what is coming. In May 2018, the new “General Data Protection Regulations” (GDPR) came into force. If your executive search firm stores electronic information on European citizens – even if your firm is not in Europe – you will be impacted… the rules are tough and the fines draconian – up to 20 Million Euros (potentially more for very large firms). Companies that break the rules and suffer a breach could be wiped out. We’ve written a whitepaper that explains why GDPR should be the highest priority for Executive Search firms in 2018.

Download GDPR White Paper

FileFinder Anywhere is the latest generation of browser-based FileFinder Executive Search Software, a powerful, and yet easy to use, combination of database, project management, web research and CRM tools, designed specifically for executive search firms and in-house strategic recruitment teams.

FileFinder Anywhere and GatedTalent Integration

FileFinder Anywhere is the only executive search management platform to be fully integrated with GatedTalent, the GDPR compliance platform connecting executive recruiters with the world’s leading executives, populated primarily by invitations from our search firm partners, but with information curated by the executives themselves. Our tight integration allows FileFinder users to search the platform, manage compliancy (with full support for the GDPR concepts of “Consent” and “Legitimate Interest”) and receive executive updates in an entirely seamless manner.

Available as a Browser-based, Cloud-hosted App or via a variety of alternative deployment models, search firms and corporate clients have been relying for years on FileFinder technology to better manage the process of executive search.

If you choose to implement our FileFinder cloud solution, your data is stored securely. Unlike other vendors, we never cache data on local machines/devices, ensuring you are not risking data breaches via a lost laptop or phone. We became the first specialist vendor to be accredited to the US / EU Privacy Shield and are thought leaders in terms of GDPR and data privacy, with our complimentary on-demand webinar recording and white papers accessed worldwide.

AR Resourcing legitimised its data in no time with GatedTalent!

Want to book a 1:1 online FileFinder Anywhere and GatedTalent demonstration?Book a demo TODAY