Fair data and record retention policy

Recruitment and candidate CVs

We are committed to providing the highest level of service to our clients and candidates. This includes how we store and use candidate and employer information at all stages – from applying for a vacancy through us to placing a candidate in that job position.

Under the General Data Protection Regulation (GDPR), you have rights to know how your personal information is handled. This includes the collection, storage, processing and disposal of personal information.

We use software to manage your CV and registration details, communication and the interview, selection and offer process. This system is only accessible by authorised staff. We will never pass your details to a client or any third party without your consent.


We have an appropriate retention policy. We will archive certain candidate and client records held in our in our system after periods outlined below. These records are not deleted, but kept in a secure server storage where we will be able to retrieve them, if required.

Length of time records will be available live before being archived (having had no refreshed contact/request for work seeking activity):

  • Client records (inactive) – 5 years
  • Permanent vacancy records – 5 years
  • Temporary vacancy records – 5 years after assignment ending
  • Contractor company registration and VAT certificates – 7 years after assignment ending

In addition to our regular archiving process, you can have your record archived earlier, if you wish. To do this, email us with the following information:

  • Full name
  • Address
  • Reason for the archive request

Cherryleaf will continue to review the effectiveness of this policy on at least an annual basis, and more frequently if required, taking into account changes in the law and organisational or security changes.

Data Processors

We use data processors to carry out some tasks in accordance with our instructions. For example, we use an email software provider, an electronic newsletter automation platform, accountancy software, Stripe, and an e-learning platform. This information is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. We regularly review these data processors to check they comply/conform with the GDPR requirements.

You can un-subscribe from our newsletter at any time. To do this, use the unsubscribe link at the bottom of the newsletter, or email us.


We use cookies on this Web site. We use Google Analytics and WordPress JetPack to record general information. We also use cookies on polls and surveys, in order to prevent people voting more than once.