Privacy policy

At Workcraft, we are committed to protecting the privacy and confidentiality of all data we handle, whether it belongs to job candidates or the organizations we work with.

This policy outlines how we collect, use, share, and protect the data on our platform, with a focus on maintaining transparency and security for both candidates and our client organizations.

1. Data Collection

From Candidates:

  • Full Name
  • Email Address
  • Phone Number, optional
  • Resume

From Organizations:

  • Organization Name
  • Industry
  • Headquarters Location
  • Biographical Information (e.g., company values, culture, perks)
  • Job Information (e.g., job descriptions)

We collect candidate data only when they apply for a job through our platform.

2. Data Usage

Candidates' Data: We use candidate data to analyze and rank them against job specifications provided by the hiring organization. However, all final decisions on hiring are made by human recruiters within the organization, not by the AI.

Organizations' Data: We use organization data to support job postings and recruitment functions. The data collected is essential for creating and maintaining job listings on the platform.

3. Data Sharing

We do not share personal data with external third-party providers unless necessary for platform functionality. Our trusted third-party providers include:

  • OpenAI: For generative AI capability.
  • Clerk: For authentication and session management.
  • Nylas: For calendar syncing services.

While these providers support our services, no sensitive personal data, beyond what is necessary for platform operation, is shared with them.

4. Data Transfers

Workcraft is headquartered in Dubai, United Arab Emirates. Our servers and data stores are located in Germany. Some of our providers, such as Clerk and OpenAI, are based in the United States. As such, personal data may be transferred outside the European Economic Area (EEA). We ensure that all data transferred is protected according to applicable data protection laws, and we implement appropriate safeguards to maintain its security.

5. Data Retention

Candidate and organization data is retained indefinitely unless a deletion request is made. If a candidate wishes to have their data removed, they can email us with the subject line “Data Deletion” and include the job posting and organization name they applied for. Upon receiving the request, we will delete the candidate's data. A similar process follows for organizations.

6. Security Measures

We take data security seriously. Our platform employs encryption to protect personal data during transmission. Additionally, we implement strict access control measures to ensure that only authorized members of Workcraft and designated employees within the hiring organization can access data.

7. Data Breach Notification

In the event of a data breach, we will notify affected users within 24 hours of discovering the breach. We aim to provide further updates and remediation steps within three to five working days to ensure transparency and swift action.

8. User Rights

Candidates have the right to:

  • View Their Data: Upon application, candidates receive an email with their stored information.
  • Request Data Deletion: Candidates can request data deletion by responding to the email they received.

In the future, we plan to implement more extensive processes for users to access, correct, or delete their personal data.

9. Cookies

We use cookies for:

  • Authentication: To manage user sessions and ensure a secure experience.
  • Analytics: To assess platform performance without collecting personally identifiable information.

Users can manage their cookie preferences and opt out of tracking by adjusting their browser settings.

© 2024 Workcraft. All rights reserved.