Privacy Policy

    Last Updated: November 17, 2025 | Contact: privacy@verahire.ai

    1. Purpose of This Policy

    This policy explains how we collect, use, store, transfer, and protect your data when you participate in an automated audio/video interview as part of our hiring process. This policy combines global privacy standards and complies with:

    • GDPR (EU/UK)
    • CPRA/CCPA (USA – California)
    • Other U.S. state privacy laws (Virginia, Colorado, etc.)
    • PIPEDA (Canada)
    • APPs under the Australian Privacy Act
    • Singapore PDPA
    • Hong Kong PDPO
    • Taiwan PDPA
    • Common APAC recruitment and labor regulations

    2. What Data We Collect

    During the automated interview, we collect:

    Interview Data

    • Audio/video recording of your responses
    • Automatically generated transcript
    • AI-assisted analysis (e.g., summaries, keyword extraction, skill indicators)
    • Interview metadata (time, duration, technical logs)

    Profile Data

    • Name, email, phone number
    • Resume/CV and application details
    • Any information you voluntarily provide during the interview

    No biometric identification

    We do not perform facial recognition, voiceprint identity matching, or other biometric identification.

    3. Why We Collect Your Data

    We process your data for:

    • Evaluating your suitability for the position applied for
    • Ensuring fair and consistent hiring
    • Maintaining legally required recruitment records
    • Audit, compliance, and dispute-resolution purposes
    • Considering you for future roles for up to 3 years
    • Ensuring the functionality and security of our interview platform

    We do not use your data for marketing or advertising.

    4. Legal Basis for Processing

    Depending on your jurisdiction, we rely on:

    EU/UK (GDPR & UK GDPR)

    • Consent — for recording, analysis, and 3-year retention
    • Legitimate interest — fair evaluation, record keeping, security
    • Legal obligation — required retention (e.g., Anti-discrimination laws)

    United States (CPRA/CCPA + Other States)

    • Notice at collection
    • Legitimate business purpose
    • Consent for recording where required (e.g., two-party consent states)

    Canada (PIPEDA)

    • Meaningful consent
    • Reasonable business purpose

    Australia (APPs)

    • Consent for audio recording
    • As required for recruitment and reasonable business purposes

    Singapore / Hong Kong / Taiwan (PDPA/PDPO)

    • Notified purpose + consent
    • Reasonable necessity for recruitment

    5. How Long We Keep Your Data

    Default Retention: 3 Years

    Your audio, transcript, and AI-generated analysis are stored for up to three (3) years to support:

    • future opportunities
    • compliance and audit needs
    • defending against potential discrimination claims

    Early Deletion

    You may request deletion at any time. We will delete your data unless legally required to retain it (e.g., ongoing investigation, regulatory requirement).

    6. Your Rights

    Your rights depend on your location but generally include:

    Access

    Request a copy of your audio, transcript, or report.

    Correction

    Fix errors in your transcript or personal information.

    Deletion (Right to Erasure)

    Request your data be deleted.

    Withdraw Consent

    Stop the use of your data for extended retention or future-role matching.

    Data Portability

    Receive your data in a downloadable, machine-readable format.

    Right to Object (GDPR / UK GDPR)

    Object to legitimate-interest processing.

    Do Not Sell or Share (CPRA)

    We do not sell or share your data for advertising.

    To exercise your rights:
    Contact: privacy@verahire.ai

    7. Who We Share Data With

    We share your data only with:

    Internal teams at Verahire and at the hiring company

    • HR and recruiting teams
    • Hiring managers
    • Authorized internal personnel

    Service providers (processors)

    • Cloud hosting providers (e.g., AWS, Google Cloud, Azure)
    • AI transcript/analysis providers (e.g., OpenAI or equivalent)
    • ATS systems (e.g., Greenhouse, Lever, Workday)
    • Security and audit vendors

    All processors operate under a binding, compliant Data Processing Agreement. We do not sell or monetize your personal data.

    8. International Transfers of Data

    Where data is transferred outside your home jurisdiction:

    EU/UK

    • Standard Contractual Clauses (SCCs)
    • Adequacy decisions
    • Supplementary security measures

    Other regions

    • Transfers comply with local data transfer rules
    • Only to jurisdictions with appropriate safeguards
    • You may request details of applicable safeguards.

    9. Automated Decision-Making

    Our automated systems help with:

    • transcription
    • summarizing
    • highlighting skills or keywords
    • generating structured reports

    Automated tools do not make hiring decisions. All decisions include human review.

    10. Security Measures

    We use industry-standard security practices, including:

    • Encrypted transmission (TLS)
    • Encrypted storage
    • Access controls and role-based permissions
    • Audit logs
    • Data minimization
    • Regular security reviews
    • Vendor risk management

    11. Your Choices

    You may choose to:

    • Participate in the automated interview
    • Request an alternative interview format
    • Withdraw extended retention consent
    • Request deletion at any time

    Withdrawing consent will not affect your application.

    12. How to Contact Us

    For questions, concerns, or rights requests:

    Email: privacy@verahire.ai

    You may also contact your local data protection authority.