✶ Legal
Privacy Policy
We believe privacy is a right, not a feature. This policy explains exactly what data we collect, why we collect it, and what control you have over it.
Last updated: April 2026
1. What we collect and why
Candidate data
When a candidate applies through HiringScout, we collect the information they provide: name, contact details, resume, work history, skills, and responses to screening questions. We also collect AI-generated evaluation data produced during resume screening, call screening, and interview screening. This data is collected solely to facilitate the hiring process the candidate has chosen to participate in.
Company and recruiter data
When a company registers on HiringScout, we collect business information, account credentials, job posting content, and usage data necessary to operate the platform. We may also collect billing information, which is processed exclusively by our payment provider (Stripe) and never stored on our servers.
Usage and technical data
We collect standard technical data when you use our platform: IP addresses, browser type, pages visited, session duration, and feature interactions. This is used for security monitoring, performance optimization, and product improvement. We do not sell this data.
2. How we use your data
To deliver the service
Candidate data is used to power AI screening, generate evaluation reports, and connect candidates with hiring teams who have open roles. Company data is used to manage accounts, process job postings, and deliver analytics. Neither is used for purposes outside the hiring workflow without explicit consent.
To improve our AI
We use aggregated, anonymized evaluation data to improve the accuracy of our AI models. Individual candidate data is never used for model training without explicit opt-in consent, and that consent can be withdrawn at any time.
To communicate with you
We send transactional emails (application updates, interview schedules, account notifications) and, where you have opted in, product updates and hiring insights. You can unsubscribe from marketing communications at any time via a single click.
3. Who we share data with
Hiring companies you apply to
When you apply to a role, your profile and AI evaluation are shared with the hiring company for that role only. We do not share your data with any other company without your explicit consent.
Service providers
We work with a small set of trusted sub-processors: cloud infrastructure (AWS), payment processing (Stripe), transactional email, and analytics. All sub-processors are bound by data processing agreements that prohibit them from using your data for their own purposes.
Legal requirements
We may disclose data when required by valid legal process — court orders, law enforcement requests, or regulatory obligations. We will notify affected users when legally permitted to do so.
4. Your rights
Access and portability
You have the right to request a complete export of the personal data we hold about you, in a machine-readable format, at any time.
Correction and deletion
You can update your profile information directly in your account. You can request deletion of your account and all associated data. We will complete deletion within 30 days, except where we are required to retain data by law (e.g., billing records for tax purposes).
Objection and restriction
You have the right to object to certain processing activities and to request that we restrict processing of your data in specific circumstances. Contact us at privacy@hiringscout.com and we will respond within 30 days.
GDPR and CCPA
For EU residents, the above rights are guaranteed under GDPR. For California residents, equivalent rights are guaranteed under CCPA. We honor these rights regardless of your geographic location.
5. How long we keep data
Active accounts
We retain data as long as your account is active and for a period of 90 days after account closure to allow for account recovery.
Candidate evaluation data
AI evaluation reports associated with a completed hiring process are retained for 12 months by default and then deleted unless the hiring company has a legal obligation to retain them longer. Candidates can request earlier deletion at any time.
Billing records
Financial records are retained for 7 years in compliance with applicable tax regulations. Personal data within those records is minimized to the legally required fields only.
6. How we protect your data
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access keys and credentials are stored in dedicated secrets management infrastructure and are never embedded in application code.
Access controls
Access to production data is restricted to a minimum set of personnel on a need-to-know basis, protected by multi-factor authentication, and logged with a full audit trail.
Incident response
In the event of a data breach, we will notify affected users and relevant regulatory authorities within 72 hours of discovery, as required by GDPR. We maintain a documented incident response plan that is tested annually.
8. Contact and complaints
Data controller
HiringScout, Inc. is the data controller for personal data processed through our platform. Our registered address is 105 North 1st Street, #28, San Jose, CA 94748.
Privacy inquiries
For any privacy-related questions, access requests, or complaints, contact our privacy team at privacy@hiringscout.com. We aim to respond to all inquiries within 5 business days.
Regulatory complaints
If you believe we have not handled your data correctly, you have the right to lodge a complaint with the relevant supervisory authority — the Information Commissioner's Office (ICO) in the UK, the relevant EU Data Protection Authority, or the California Attorney General's office for CCPA matters.