Privacy Policy
Effective: February 27, 2025
Introduction
Talendary AB ("Talendary", "we", "us", or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, share, and protect information in relation to our AI recruitment platform, website, and any software provided on or in connection with Talendary services (collectively, "Services"), and your choices about the collection and use of your information. This Privacy Policy is aligned with our Data Processing Agreement (DPA), which is incorporated into our Terms of Service and available at Data Processing Agreement.
1. Data Controller & Data Processor Roles
- Talendary AB, with its registered office in Sweden, acts as a Data Controller for certain processing activities as described in this Privacy Policy.
- When processing personal data on behalf of customers using our platform, Talendary acts as a Data Processor in accordance with our DPA.
2. Information Collection and Use
2.1 Information You Provide
- Account Registration: Email address, password, and if applicable, third-party sign-on information (e.g., Google SSO)
- Profile Information: Data related to recruitment activities, such as job descriptions and candidate information (CVs), you input into our platform
2.2 Information We Collect Automatically
- Usage Information: We collect information about your interactions with our Service
- Log Data: Includes details about how you've used our Service, IP address, access times, hardware and software information
- Cookies and Similar Technologies: We use cookies and similar technologies to provide, improve, protect, and promote our Service
2.3 Use of Google Workspace APIs
Talendary AB does not use data obtained through Google Workspace APIs to develop, improve, or train generalized AI or machine learning models.
3. Use and Sharing of Personal Data
We will not rent or sell your information to third parties outside Talendary without your consent, except as noted in this Policy.
3.1 Parties with whom we may share your information
- Service providers and business partners: We may share data with sub-processors that assist us in operating our Services, including:
- Law Enforcement and Legal Obligations: We may disclose personal data if required by law, subpoena, or when necessary to protect users, prevent fraud, or comply with legal obligations.
| Sub-Processor | Service Provided | Location | Safeguards (if outside EU/EEA) |
|---|---|---|---|
| Render | Data storage and infrastructure | EU/EEA | Compliant with GDPR and SCCs |
| Supabase | Database storage | EU/EEA | Compliant with GDPR and SCCs |
| Microsoft Azure | Cloud infrastructure and AI model hosting | EU/EEA | Compliant with GDPR and SCCs |
| Google Cloud (GCP) | Cloud infrastructure and AI model hosting | EU/EEA | Compliant with GDPR and SCCs |
| OpenAI | AI-based text generation | EU/US | Standard Contractual Clauses (SCCs) |
3.2 How we store and protect your information
Your information may be stored and processed in any country in which we maintain facilities. Specifically, data is stored in Germany via the Render service, and processed using Microsoft Azure and Google Cloud Platform. We use commercially reasonable safeguards to preserve the integrity and security of all information collected through the Service.
Keeping your information safe: We care about the security of your information and use industry-standard security measures such as encryption, access controls, and security audits to protect your data.
4. Data Retention & Deletion
- We retain Personal Data only for as long as necessary to provide our Services and fulfill legal, accounting, or regulatory requirements.
- Candidate data is deleted within one (1) year unless required otherwise by law or contractual obligation.
- Upon termination of services, data will be deleted within 30 days unless the customer requests retrieval.
5. Your Data Protection Rights
You have the following statutory rights in relation to your Personal Data:
- Access: Request access to your Personal Data and how it is processed.
- Deletion: Request erasure of your personal data.
- Correction: Request correction of inaccurate data.
- Portability: Request transfer of your personal data.
- Restriction: Request to limit data processing.
- Withdraw Consent: If processing is based on consent, withdraw it at any time.
Requests can be made directly through our platform or by contacting contact@talendary.com.
6. Children's Privacy
Our Services are not directed to, or intended for, children under 13. We do not knowingly collect Personal Data from children under 13. If you have reason to believe that a child under 13 has provided Personal Data to Talendary through the Services, please email us at contact@talendary.com. We will investigate and delete the data if necessary.
7. Legal Bases for Processing
We process your Personal Data based on:
- Consent (where applicable).
- Contractual necessity (to provide our Services).
- Legal obligations (to comply with regulatory requirements).
- Legitimate interests (business operations, security, and service improvement).
8. International Data Transfers
- Personal Data processed by us is stored and processed within the EU.
- Any transfers outside the EU/EEA comply with GDPR using Standard Contractual Clauses (SCCs).
9. Data Breach Response
- We have procedures in place to detect, report, and investigate data breaches.
- In the event of a breach, we will notify affected users and authorities within 72 hours, as required by GDPR.
10. Updates to This Privacy Policy
We may update this Privacy Policy periodically. Any significant changes will be communicated via email or within our platform.
11. Contact Us
For any questions about this Privacy Policy or data practices, please contact us at: contact@talendary.com