What We Solve Search Benchpark Roles We Cover How it Works Use Cases Team About Work at Force Insights Sign In Get Started →
Legal

GDPR Statement

Last updated: 17 March 2026  ·  Force Hiring Inc., Amsterdam

Overview

Force Hiring Inc. is committed to the responsible handling of personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. As an Amsterdam-based company operating across the European Economic Area, GDPR compliance is central to how we operate — not a box-ticking exercise.

This statement supplements our Privacy Policy with specific detail on how we fulfil our GDPR obligations, particularly as an executive search firm that processes personal data about candidates who may not have directly contacted us.

Data controller

Force Hiring Inc. is the data controller for personal data processed through the Site and in connection with our services. We are registered in the Netherlands.

Contact: hello@useforce.ai

Candidate data and the legitimate interests basis

Executive search involves identifying and approaching individuals who have not directly reached out to us. Under GDPR, we rely on the legitimate interests lawful basis (Article 6(1)(f)) to process publicly available professional information — such as LinkedIn profiles, published work, or speaking engagements — for the purpose of assessing suitability for a specific executive role.

We apply a legitimate interests assessment (LIA) before processing candidate data on this basis. Our conclusion is that the legitimate interest of our clients in finding qualified leaders is balanced against the reasonable expectation of senior professionals that their publicly available professional profile may be used for career-relevant outreach.

When we contact a candidate about a specific opportunity, we identify ourselves and the purpose of the contact clearly in that first communication. We also provide the candidate with information about their rights and how to object to further processing.

Your rights under GDPR

If Force holds personal data about you — whether as an enquiry contact, a candidate we have approached, or a client contact — you have the following rights:

  • Right of access (Article 15) — you may request confirmation of whether we hold data about you and, if so, a copy of that data.
  • Right to rectification (Article 16) — you may ask us to correct inaccurate data or complete incomplete data.
  • Right to erasure (Article 17) — you may request deletion of your data where the legal basis for processing no longer applies or where you object and we have no overriding legitimate grounds.
  • Right to restriction (Article 18) — you may ask us to restrict processing in certain circumstances, for example while we verify the accuracy of data you have disputed.
  • Right to data portability (Article 20) — where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, machine-readable format.
  • Right to object (Article 21) — you have the right to object at any time to processing based on legitimate interests, including processing for candidate outreach purposes. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
  • Right to withdraw consent — where we process data based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at hello@useforce.ai. We will respond within one calendar month. In complex cases we may extend this by a further two months, and will notify you if we do.

How to object to candidate outreach

If you have been contacted by Force as a candidate and do not wish to be contacted again, you can:

  • Reply directly to the outreach message stating your objection.
  • Email hello@useforce.ai with the subject line 'Do Not Contact'.

We will remove your details from our active candidate pool within 5 business days and will not contact you again unless you initiate contact yourself. We retain a minimal suppression record to ensure your objection is respected in future.

International data transfers

Force operates primarily within the EEA. Where we engage service providers that process data outside the EEA (for example, cloud infrastructure providers), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or transfers to countries with an adequacy decision.

Data processing agreements

Where Force processes personal data on behalf of a client (for example, processing candidate data to fill a client's role), Force acts as a data processor and the client acts as a data controller. In these cases, we enter into a Data Processing Agreement (DPA) with the client that sets out the terms under which we process data on their behalf, consistent with Article 28 GDPR.

To request a copy of our standard DPA, contact hello@useforce.ai.

Complaints

If you believe Force has not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with the supervisory authority in the EU member state of your habitual residence, place of work, or the place of the alleged infringement.

In the Netherlands, the supervisory authority is:

Autoriteit Persoonsgegevens
Prins Clauslaan 60, 2595 AJ Den Haag
autoriteitpersoonsgegevens.nl

We would welcome the opportunity to resolve any concern directly before you contact the supervisory authority. Please reach out to us first at hello@useforce.ai.

Updates to this statement

We review this GDPR Statement at least annually and following any significant changes to our data processing activities or applicable law. The 'last updated' date at the top of this page reflects the most recent review.

Contents Overview Data controller Candidate data Your rights How to object International transfers Data processing agreements Complaints Updates