Fines up to €20,000,000 or 4% of global turnover

EU representative for HR & recruiting software

ATS and HR platforms hold some of the most sensitive personal data there is — and rejected candidates are the most frequent DSAR senders in practice. EU candidates bring non-EU HR SaaS under Article 27; Usantis is your EU representative.

Why HR software companies need an EU representative

Article 27 GDPR applies based on what you do, not where you are based. If your HR software business offers services to, or monitors, people in the EU, you need a representative established in the EU. The full rules are in our EU GDPR representative guide.

Usantis gives you that representative — a real EU address, a named representative and DSAR handling — without opening an EU entity.

Compliance challenges for HR software

  • Rejected candidates are the single most common source of access and erasure requests
  • CVs contain sensitive data (health, union membership) often without you asking for it
  • Retention is contested: keeping candidate data “for future roles” needs consent and a clock
  • Your customers are controllers, you are the processor — but Article 27 can apply to both

Where the risk usually hides

  • Talent pools kept after rejection
  • Background-check and reference data
  • AI-assisted screening and ranking (EU AI Act exposure on top)

Typical setups we cover

  • Applicant-tracking systems
  • HRIS and payroll platforms
  • Recruiting agencies with EU candidates
  • Background-screening providers

Works with your stack

We slot in alongside the tools HR software teams already use:

GreenhouseLeverWorkday integrationsLinkedIn TalentCheckr

Recommended plan

Standard

$99/month

Typical DSAR volume fits Standard — but rejected candidates are the most frequent DSAR senders, so clean handling matters.

Compare plans →

Frequently asked questions

Related industries

Last updated 2026-05-23.

Get your HR software business EU-compliant in about ten minutes

$99/month, fully self-service, with DSAR handling and a hosted compliance page included.