Privacy Policy

Last updated: January 26, 2025

1. Introduction

RecruitHorizon.ai ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, password
  • Profile Information: Job title, phone number, profile picture
  • Candidate Data: Resumes, contact information, employment history, skills
  • Job Data: Job postings, requirements, salary information
  • Payment Information: Processed securely through Stripe

2.2 Automatically Collected Information

  • Usage Data: Features used, time spent, clicks, and interactions
  • Device Information: IP address, browser type, operating system
  • Cookies: Session cookies, preference cookies, analytics cookies
  • Log Data: Access times, pages viewed, errors encountered

3. Legal Basis for Processing (GDPR)

We process personal data based on the following legal grounds:

  • Contract Performance: To provide our services and fulfill our contractual obligations
  • Legitimate Interests: For business operations, security, and service improvement
  • Legal Compliance: To comply with applicable laws and regulations
  • Consent: For marketing communications and optional features
  • Vital Interests: To protect health and safety in emergency situations

4. How We Use Your Information

We use the collected information to:

  • Provide and maintain our Service
  • Process transactions and send billing information
  • Send administrative information and updates
  • Respond to inquiries and provide customer support
  • Improve our Service through analytics
  • Detect and prevent fraud or abuse
  • Comply with legal obligations
  • Train AI models (with anonymized data only)

5. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third-party vendors who assist in operating our Service
  • Integration Partners: When you connect third-party services (e.g., BambooHR, Google Calendar)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • With Consent: When you explicitly agree to sharing

We do NOT sell your personal information to third parties.

6. Data Security

We implement appropriate technical and organizational measures:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Employee training on data protection
  • Incident response procedures

7. Your Rights (GDPR & CCPA)

You have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a portable format
  • Restriction: Limit processing of your data
  • Object: Opt-out of certain data processing
  • Non-discrimination: Not be discriminated against for exercising rights

To exercise these rights, contact privacy@recruithorizon.ai

8. Data Retention

We retain data for as long as necessary to provide our Service and comply with legal obligations:

  • Active Account Data: Retained while account is active
  • Candidate Data: According to your retention settings (default 2 years)
  • Deleted Account Data: Anonymized or deleted within 90 days
  • Legal Hold Data: As required by law

9. International Data Transfers

Your information may be transferred to servers located outside your country. We ensure appropriate safeguards are in place through:

  • Standard Contractual Clauses (SCCs): EU-approved contractual terms for data transfers
  • Adequacy Decisions: Transfers to countries deemed adequate by the EU Commission
  • Binding Corporate Rules: For intra-group transfers
  • Your Explicit Consent: When other safeguards are not available

You may request a copy of the safeguards in place by contacting our Data Protection Officer.

10. Children's Privacy

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16.

11. Third-Party Services

Our Service integrates with third-party services that have their own privacy policies:

  • OpenAI (AI processing)
  • Stripe (payments)
  • Google (calendar, SSO)
  • Microsoft (SSO)
  • MongoDB Atlas (database)
  • Vercel (hosting)

12. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Required for Service functionality
  • Analytics Cookies: To understand usage patterns
  • Preference Cookies: To remember your settings

You can control cookies through your browser settings.

13. AI and Machine Learning

We use AI to:

  • Parse resumes and extract information
  • Match candidates to job requirements
  • Provide intelligent recommendations

AI processing uses anonymized data and follows ethical AI principles.

14. Marketing Communications

With your consent, we may send promotional emails about new features, special offers, or other information. You can opt-out at any time using the unsubscribe link in emails.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

16. Data Controller Information

RecruitHorizon.ai acts as the data controller for personal data processed through our services:

  • Company: RecruitHorizon.ai LLC
  • Address: [Your Company Address]
  • Registration: [Your Company Registration Number]
  • VAT Number: [If applicable]

17. Supervisory Authority

EU residents have the right to lodge a complaint with their local data protection authority:

18. Contact Us

For privacy-related questions or concerns:

  • Email: privacy@recruithorizon.ai
  • Data Protection Officer: dpo@recruithorizon.ai
  • Address: RecruitHorizon.ai, Privacy Department
  • Response Time: We aim to respond within 30 days

19. California Privacy Rights

California residents have additional rights under CCPA:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information
  • Right to equal service and non-discrimination

20. EU Privacy Rights

EU residents have additional rights under GDPR:

  • Right to lodge a complaint with supervisory authority
  • Right to withdraw consent at any time
  • Right to object to automated decision-making
  • Right to data portability in machine-readable format
  • Right to restriction of processing
  • Right to be informed about data breaches

21. Cookie Policy

We use the following types of cookies:

  • Strictly Necessary: Required for site functionality (no consent needed)
  • Performance: Help us understand site usage (consent required)
  • Functional: Remember your preferences (consent required)
  • Targeting: Used for marketing purposes (explicit consent required)

You can manage cookie preferences through our cookie banner or your browser settings. Note that disabling certain cookies may affect site functionality.

22. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify relevant supervisory authorities within 72 hours
  • Inform affected individuals without undue delay
  • Document the breach and actions taken
  • Implement measures to prevent future breaches