Press "Enter" to skip to content

The Recruitment Junction SAR Non Compliance

By Kieron JH on August 11, 2025 5:32 pm
When a Subject Access Request Gets Ignored – The Recruitment Junction SAR Non Compliance

When a Subject Access Request Gets Ignored: The Recruitment Junction SAR Non Compliance

Written by Kieron JH • Published 11 August 2025 • Category: Data Rights, Governance

Summary: This article documents The Recruitment Junction SAR non compliance. It sets out a dated timeline with screenshots, shows that trustee level awareness existed, and explains why the response fails UK GDPR and the Data Protection Act 2018. It also records email blocks after the SAR and a letter claiming the SAR “case file” is closed, which is not a legal concept.

Context and keyphrase

On 11 July 2025 I made a lawful Subject Access Request to The Recruitment Junction. This post focuses on The Recruitment Junction SAR non compliance and explains how the organisation handled the request. The focus is practical. Readers and regulators can verify each step using the screenshots below.

Timeline with evidence

Step 1 – SAR submitted

Screenshot confirming Subject Access Request submission to The Recruitment Junction on 11 July 2025
SAR submission confirmation. Scope included all personal data where I am named or discussed, plus internal correspondence and records created after the SAR. I used a secondary email address because my original address had already been blocked after I raised a formal complaint.

Step 2 – CEO responds to a complaint outside her remit, which prompts a follow up

CEO letter responding to a complaint addressed to the Chair of Trustees
The CEO replied to a complaint that was clearly addressed to the Chair of Trustees. That reply had no board mandate, which prompted a follow up clarifying the SAR scope and the separate Right to Erasure request.
Continuation of follow up email clarifying SAR scope and the independence of the Right to Erasure request
Follow up email continuation. I restated that my 7 July Right to Erasure covered a limited subset of data and does not cancel a Subject Access Request. Submitting an SAR after an erasure request is lawful and commonly used to verify compliance.

Step 3 – Letter claims the SAR “case file” is closed

Letter stating the SAR case file is closed
Letter asserting the SAR “case file” is closed. That phrase is not a recognised legal term under UK GDPR or the Data Protection Act 2018. Closing a case file does not close a statutory obligation. It signals non compliance.

Step 4 – Email blocks after the SAR

Evidence of blocked email addresses after the Subject Access Request
Multiple email addresses used for lawful correspondence were blocked. Any internal discussion about blocking me is itself personal data and should be disclosed in response to the SAR.

Step 5 – Trustees are informed, yet no corrective action is taken

Email indicating trustee was copied on SAR correspondence without action taken
Trustee level awareness existed for weeks. No lawful extension reason was provided. No remedial action was taken. This shifts the issue from operational oversight to governance failure.

Why this matters for UK GDPR and governance

Under UK GDPR, organisations must respond to a Subject Access Request within one month unless a lawful extension applies. Failure to respond is unlawful. Prolonged delay without a valid basis looks like obstruction. If trustees know and do nothing, that is a governance problem, not just a processing error.

The Recruitment Junction SAR non compliance raises two obvious risks: civil breach under UK GDPR, and a potential criminal offence under Section 173 of the Data Protection Act 2018 if deliberate concealment or destruction of data is proven. Even without criminal intent, the pattern is poor practice that undermines trust.

Documents and further reading

If The Recruitment Junction provides a full and lawful response, I will update this page to reflect that outcome. Transparency cuts both ways.

Conclusion

The Recruitment Junction SAR non compliance is now a matter of record. The screenshots show the request, the off remit CEO response, the claim that the SAR “case file” is closed, the email blocks, and trustee awareness. Each day without a lawful response strengthens the case. If an organisation wants to claim transparency and integrity, it should start with compliance.

Published in Accountability and Articles

More from AccountabilityMore posts in Accountability »
More from ArticlesMore posts in Articles »

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *