Back to Hireverse

Privacy Policy

Last updated: June 11, 2026

This Privacy Policy describes how Hireverse, Inc. ("Hireverse," "we," "us," or "our") collects, uses, discloses, and protects personal information when you visit hireverse.ai, use the Hireverse marketplace, engage our recruiting services, or otherwise interact with us (collectively, the "Service").

We comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA / CPRA), and other applicable data protection laws. If you are located in the European Economic Area, the United Kingdom, Switzerland, or California, you have specific rights described below.

1. Who we are and how to contact us

Hireverse, Inc. is the data controller for personal data collected through the Service.

  • Postal address: Hireverse, Inc., United States
  • General privacy contact: privacy@hireverse.ai
  • Data Protection inquiries (EU/UK): dpo@hireverse.ai
  • EU representative: Available on request — contact privacy@hireverse.ai

2. The personal data we collect

We collect personal data in three ways: information you provide to us, information collected automatically, and information from third parties.

2.1 Information you provide

  • Account information: name, email address, password, role (client / freelancer / recruiting client), profile photo, professional background.
  • Recruiting candidate data: resume / CV, work history, skills, references, compensation expectations, interview notes, candidate-provided answers, and any documents you upload.
  • Recruiting client data: hiring manager contact details, role specs, internal interview feedback, scorecards.
  • Marketplace project data: project briefs, attachments, messages with other users, work product submitted.
  • Payment data: billing address and partial card details. Full card numbers are handled by our payment processor (Stripe) and never stored on Hireverse servers.
  • Communications: emails, chat messages, and form submissions sent to us.

2.2 Information collected automatically

  • Device and connection data: IP address, browser type, operating system, device identifiers, language preference.
  • Usage data: pages visited, features used, time spent, referring URL, search queries, click events, and other diagnostic information.
  • Cookies and similar technologies: see our Cookie Policy for the full list and how to manage them.

2.3 Information from third parties

  • Public sources: publicly available professional profiles (e.g., LinkedIn) when we source candidates for recruiting clients.
  • Identity / OAuth providers: if you sign in with Google, GitHub, or similar, the limited profile data those providers share with us.
  • Integration partners: Nango, GitHub, Slack, Notion, Google Drive, Trello, and similar tools you choose to connect to your workspace.
  • Referral sources: name and contact details when someone refers you to us.

3. Why we use your data and the legal basis

We process personal data only when we have a lawful basis under GDPR Article 6 (and Article 9 for any special-category data). The bases we rely on:

  • Performance of a contract (Art. 6(1)(b)): to provide the Service, deliver placements, process payments, and manage your account.
  • Legitimate interests (Art. 6(1)(f)): to operate, secure, and improve the Service; prevent fraud; conduct candidate sourcing for recruiting clients; and run analytics and product research. We have balanced these interests against your rights and freedoms.
  • Consent (Art. 6(1)(a)): for marketing emails, non-essential cookies, and any other processing where consent is required. You can withdraw consent at any time.
  • Legal obligation (Art. 6(1)(c)): to comply with tax, employment, anti-fraud, and other laws.

4. Who we share your data with

We share personal data only as described below. We do not sell personal data.

  • Recruiting clients: when we represent you as a candidate, we share your CV, application materials, and screening notes with the hiring company. We tell you which company before we share.
  • Hireverse freelancers / clients: when you use the marketplace, limited profile and project information is shared with matched counterparties.
  • Service providers: infrastructure (Google Cloud / Firebase), payments (Stripe), AI processing (Google Vertex AI, Anthropic, OpenAI), integrations (Nango), analytics (Google Analytics), email delivery, and support tools. They process data on our behalf under written agreements.
  • Legal and safety: we may disclose data when required by law, court order, or to protect rights, property, or safety.
  • Business transfers: in connection with a merger, acquisition, or asset sale, with continued protection of your data.

5. International data transfers

Hireverse is based in the United States. When we transfer personal data from the EEA, UK, or Switzerland to the US or other countries that do not have an adequacy decision, we rely on the European Commission's Standard Contractual Clauses (SCCs) and, where applicable, the UK Addendum or Swiss SCCs, together with supplementary measures (e.g., encryption in transit and at rest). Copies of the SCCs are available on request.

6. How long we keep your data

We retain personal data only as long as needed for the purposes described above, then we delete or anonymize it. Typical retention periods:

  • Active account data: for as long as your account is open, plus 24 months after closure for legal and dispute resolution purposes.
  • Recruiting candidate data: 24 months from last interaction, unless you ask us to retain it longer for future opportunities or to delete it sooner.
  • Payment records: 7 years to meet tax and accounting requirements.
  • Marketing data: until you withdraw consent.
  • AI memory records: session memory is summarized and retained per the user-controlled retention settings (with a default 30-day TTL on "recent" records).

7. Your rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your data (the "right to be forgotten").
  • Restrict or object to certain processing, including direct marketing.
  • Receive a portable copy of data you provided to us.
  • Withdraw consent at any time for processing based on consent.
  • Lodge a complaint with a supervisory authority (e.g., your local Data Protection Authority in the EEA / UK, or the California Privacy Protection Agency).
  • Not be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects.

To exercise any of these rights, email privacy@hireverse.ai from the address associated with your account. We will respond within 30 days (extendable by up to 60 days for complex requests).

California residents (CCPA / CPRA)

California residents have additional rights, including the right to know what personal information we collect, the right to delete personal information, the right to correct inaccurate information, and the right to opt out of the "sale" or "sharing" of personal information. We do not sell personal information as defined by the CCPA.

8. Security

We use industry-standard technical and organizational measures to protect personal data, including encryption in transit (TLS) and at rest, MFA for sensitive operations, strict access controls, security headers (HSTS, CSP), regular dependency audits, and the principle of least privilege. No system is perfectly secure; if we ever discover a personal data breach affecting you, we will notify the appropriate supervisory authority within 72 hours and you without undue delay where required by law.

9. Children

The Service is not directed to children under 18 (or under 16 in the EEA / UK). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

10. AI features and automated processing

Some Hireverse features rely on AI to match candidates to roles, summarize conversations, and recall context across sessions. These features are designed to assist human decision-making, not replace it. We do not make hiring, payment, or eligibility decisions based solely on automated processing. If you have concerns about an AI-driven recommendation that affected you, contact us and we will review it.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the new effective date at the top of this page and, if changes are material, notify you by email or through the Service before they take effect.

12. Contact

Questions, requests, or concerns? Reach us at privacy@hireverse.ai. Data protection inquiries from the EEA / UK: dpo@hireverse.ai.

    Privacy Policy | Hireverse AI