Send Us A Client Enquiry

If your enquiry is not client related, then please contact one of our offices directly with your enquiry or

GDPR Recruitment

​​The General Data Protection Regulation (GDPR) will replace the UK’s Data Protection Act 1998 (DPA) (and other laws enacted across all Member States to implement the EU Data Protection Directive 1995)

Who does GDPR apply to? To quote the ICO:

  • The GDPR applies to ‘controllers’ and ‘processors’. The definitions are broadly the same as under the DPA – ie the controller says how and why personal data is processed and the processor acts on the controller’s behalf. If you are currently subject to the DPA, it is likely that you will also be subject to the GDPR.


  • If you are a processor, the GDPR places specific legal obligations on you; for example, you are required to maintain records of personal data and processing activities. You will have significantly more legal liability if you are responsible for a breach. These obligations for processors are a new requirement under the GDPR.


  • However, if you are a controller, you are not relieved of your obligations where a processor is involved – the GDPR places further obligations on you to ensure your contracts with processors comply with the GDPR The GDPR applies to processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.


For further detailed information we recommend the ICO overview: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/introduction/

Why You Need To Comply

The maximum fine for non-compliance is €20,000,000 or 4% of global annual turnover, whichever is higher. However equally important for organisations to consider is reputational damage. We believe the ICO will agree a period of up to 6 months however if the organisation is unable to address this within this period there is a real risk of withdrawal of permissions.

The deadline is 25 May 2018.

We believe many organisations have yet to consider the full implications of GDPR, and the resources required to comply. We believe that there will be a shortage of GDPR expertise as organisations wake up to the fast approaching deadline and commence the project. There is a limited amount of resource in the marketplace to deal with these issues.

Our Approach To GDPR Recruitment

EO Executives takes a global and enterprise view of how data should be fashioned to meet all known current and future business objectives within the evolving regulatory framework. Our team understands the detail and how it comes together as a top level strategy. Maximises value from information by applying due diligence to the management of the quality of data. GDPR impacts most areas of the business, IT, HR, admin, marketing, we look at the impact across the organisation .

How We Can Help You

EO Executives has built a talent bank of Data Governance, Protection & Privacy Specialists and highly experienced project managers. Our people have excellent communication skills, including: dealing directly with the Regulators.

Programme Managers: Defining and implementing Data Governance

Subject matter Experts in Governance, Risk and Compliance (GRC), Data Protection and Privacy (EU GDPR)


Recent Roles

Commercial Real Estate
IT and Services
Consumer Goods