28 March 2020

Exercising my Right to be Forgotten Part 4: The Second Case of the Headhunter

Once upon a time, or rather, once back in November 2016, I sent my CV as part of an application to a particular role. This was during the last months I was an academic, and I was already testing the waters so to speak, seeing how the industry would look like. I was rebranding myself from an academic to a data analyst, and was looking at data analyst roles all over the place. I found this one position, which turned out to be a position advertised by a headhunter. I sent my CV, and later on, received a phone interview with the headhunter. That was more than 3 years ago.

Of course nothing came to fruition with that job. In the meantime, I applied for other jobs, and one of them got successful. A couple of years later, I am still in this company, though with a different role now from when I first applied.

And then, I received an email, asking me whether I would be interested in a new role. I recognised the company who sent the email. It happened to be the headhunting company that I shared my CV with back in November 2016. Several years have passed by then, and I definitely am not correctly represented by that CV anymore. Heck, I update my CV yearly because plenty of things could change in one year.

And since I didn't want to be bothered anymore by this headhunter, I decided to exercise my GDPR Article 17 Right to Erasure. I didn't want to be part of the headhunter's database anymore, and therefore I wanted them to delete all traces of me and my CV in their systems.

Thankfully this was easy. I sent them a short but firm email asking them to erase all of my data, and less than an hour later they responded back saying they have already done so. Let's hope that is indeed the case, and that I don't get any more emails from them asking if I am interested in a data science position.


  1. Every time I read you exerciced your right I wonder how many database I'm in... kind of depressing.

    1. Zhu,

      There's plenty of databases that have your information out there. Most of the time they link your information with either your phone number or email address, and this is common enough that security analysts recommend you have a burner phone or email address. Just imagine all of these databases who know your phone number or email address suddenly talk to each other, and all of a sudden someone can build a profile of you, just by looking at all the information they can connect.