Privacy Policy for BypassHire

BypassHire ("we", "our", "us") is committed to protecting your personal data and ensuring compliance with the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws. This Privacy Policy explains how we collect, store, use, and protect your personal information when you use our website and services.

1. Who We Are

BypassHire is an AI-driven recruitment platform that connects job seekers and employers through AI-generated candidate assessments. We operate as a UK-based data controller for the personal data we collect.

Contact Us: Email: [email protected]

2. Data We Collect

We collect and process the following types of personal data:

When You Register or Subscribe to Our Newsletter:

• Email address (Candidates, Companies, and Other Users)

When Companies Register for the Platform:

• Company Name
• Company Number
• Email Address
• Transaction Details (via Stripe, no card details stored)

When Candidates Apply for Jobs:

• First and Last Name
• Email Address
• CV (stored until the job ad and/or associated application is removed)
• Job Applications and Responses
• Assessment Data (processed via AI, OpenAI GPT models)

When Companies Post Job Ads:

• Job Ad Content (text and descriptions)

Automated and Technical Data (For Security and Session Management):

• IP Address
• Browser Type and Version
• Device Information
• Cookies (see Cookie Policy for details)

3. How We Use Your Data

• Provide and improve our services, including AI-powered job assessments.
• Process job applications and enable employers to access candidate details.
• Allow candidates to see company names when applying for jobs.
• Send service communications (application updates, account changes, security alerts).
• Send newsletters and relevant updates (if opted-in).
• Process payments for one-off payment packs (credits and processing units).
• Comply with legal and regulatory obligations.

We never sell or rent your data. However, we use OpenAI GPT models to process job applications, which involves sharing data with OpenAI for processing.

4. Legal Basis for Processing

• Performance of a contract – To provide recruitment services.
• Legitimate interest – To improve our services and ensure security.
• Consent – For newsletters and marketing communications (opt-out anytime).
• Legal obligation – To comply with applicable laws.

5. Data Retention

• CVs and job applications – Stored until the job ad and/or associated application is removed.
• Company data – Stored as long as the company account remains active.
• Email addresses (newsletters and communications) – Until you unsubscribe.
• Billing records and invoices – Stored for legal and tax purposes (usually 6 years).

Once the retention period expires, we securely delete or anonymize your data.

6. Where Your Data Is Stored

We store personal data securely within the UK and EU:

• Cloud Services – Secure providers for platform data and CV storage.
• Data Protection Measures – Encryption, access controls, and authentication.

7. Who We Share Your Data With

We share data only when necessary:

• Companies – Can view anonymized assessments and, upon purchase, access full candidate details and download CVs. Candidates can see company names when applying.
• OpenAI (GPT models) – For AI-powered job application assessments.
• Stripe (Payment Processor) – We do not store payment details, but transaction data is handled via Stripe.
• SendGrid (Email Service Provider) – Used for sending transactional and notification emails; we do not store email content beyond delivery records.
• Legal or Regulatory Authorities – If required by law.

We do not sell or share data for advertising purposes.

8. Google Workspace API Use Disclosure

BypassHire does not use any data obtained from Google Workspace APIs to develop, improve, or train generalized AI and/or machine learning models.

BypassHire does not store any data retrieved from Google Workspace APIs.

9. Your Data Protection Rights

Under UK GDPR, you have the right to:

• Access – Request a copy of your personal data.
• Rectification – Request corrections to inaccurate or incomplete data.
• Erasure (“right to be forgotten”) – Request deletion of your data (this will result in account termination and no refund for purchased services).
• Restriction – Request limitation on processing your data.
• Data portability – Request data transfer to another provider.
• Objection – Object to data processing based on legitimate interests.
• Withdraw consent – If processing is based on consent.

To exercise any of these rights, email: [email protected]

10. How We Protect Your Data

• SSL Encryption – Ensures secure data transmission.
• Cloudflare Protection – Protects against cyber threats.
• Hashed Passwords – Stored securely in our database.
• Access Controls and Authentication – Limits access to sensitive data.
• Continuous Security Updates – We actively maintain and improve our software to ensure security.

11. Cookies and Tracking

We use cookies to enhance your experience. For details, see our Cookie Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy. The latest version will always be available on our website. We will notify users of significant changes when required by law.

13. Contact Us

If you have any questions about this Privacy Policy or your data rights, contact us at: 📧 Email: [email protected]

By using our platform, you agree to this Privacy Policy.