GDPR Explained


The Data Protection Act 2018 controls how your personal information is used by organisations, businesses, or the government.

The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).

Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’, making sure the information is:

There is stronger legal protection for more sensitive information, such as:

Your rights

Under the Data Protection Act 2018, you have the right to find out what information the government and other organisations store about you.

These include the right to:

You also have rights when an organisation is using your personal data for:

Lotus regularly performs comprehensive data audits and data cleansing as well as updating internal procedures and policies to ensure we are fully compliant with GDPR.

Below you will find links to these reformed policies and these will continue to be updated accordingly. 

For our clients and candidates, we guide you towards our Data Protection Procedure which details how we will now be handling your personal data. We will be operating a procedure of data minimalisation meaning we will not keep hold of any data beyond our legal obligation to do so.

We invite you to contact your consultant directly should you have any questions about the information contained within.


CALL US ON 0203 838 8400.
Fill out the form and we'll be in touch soon!
Note: We can support doc,docx,pdf files. All file sizes must be 2MB or less.