Privacy Policy

Last updated: 7/19/2026

What we collect

  • Account data: name, email, organization, and authentication identifiers.
  • Audit content: job postings and URLs you submit for analysis.
  • Usage data: pages visited, actions taken, and basic device/browser metadata.
  • Billing data: handled by our payment processor; we don't store full card numbers.

How we use it

To provide and improve audits, manage your subscription, communicate about your account, and keep the platform secure.

Lawful basis (GDPR)

  • Contract performance — to deliver the service you signed up for.
  • Legitimate interest — for product analytics, security monitoring, and fraud prevention.
  • Consent — for optional marketing communications.
  • Legal obligation — to comply with tax, accounting, and lawful information requests.

Sharing

We share data only with the sub-processors required to operate HireScope. A complete, named list lives on our Security page. We do not sell your data and we do not share it with advertisers.

Data retention

Audit history is retained while your account is active. You can delete individual audits from your dashboard at any time. When you delete your account, your personal data and audit history are removed within 30 days, except where retention is required by law (e.g. tax records, typically 7 years).

Data location

HireScope's primary database is hosted in the United States. EU data residency is available on Enterprise plans on request — contact us to discuss.

Your rights

Depending on your jurisdiction (GDPR / UK GDPR / CCPA), you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion ("right to be forgotten")
  • Receive a portable copy of your data
  • Object to certain processing or restrict it
  • Lodge a complaint with your local supervisory authority

To exercise any of these rights, email privacy@hire-scope.io. We respond within 30 days.

Data Processing Agreement

Customers processing personal data under GDPR can review our standard Data Processing Agreement. Enterprise customers requiring a counter-signed copy should contact us.

Security

We use encryption in transit and at rest, row-level security at the database layer, role-based access controls, and a documented incident response process. Read more on our Security page.

Contact

Questions about privacy? Reach us via the contact page.