Privacy Policy

Last updated: September 2025

Introduction

At Recruta, operated by Faez Labs, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our recruitment platform.

By using our Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us, including:

Account Information

• Name and Contact Details: Full name, email address, phone number
• Professional Information: Job title, company name, work experience
• Account Credentials: Username, password (encrypted), authentication data

Recruitment Data

• Job Descriptions: Job postings, requirements, and descriptions you create
• Candidate Information: Resumes, CVs, personal details, and professional profiles
• Interview Data: Interview questions, responses, and evaluation notes
• Matching Data: Preferences, skills, and compatibility information

Communication Data

• Support Communications: Messages, feedback, and support requests
• Marketing Communications: Preferences for newsletters and promotional content
• User-Generated Content: Comments, reviews, and other content you create

Automatically Collected Information

Technical Data

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, features used, time spent, click patterns
• Log Data: Server logs, error reports, performance metrics
• Cookies and Tracking: Session cookies, persistent cookies, analytics data

Location Data

• General Location: Country, region, city (based on IP address)
• Precise Location: Only if you explicitly grant permission

How We Use Your Information

Service Provision

• Account Management: Create and maintain your user account
• Core Features: Provide job matching, interview generation, and recruitment tools
• Communication: Send service-related notifications and updates
• Support: Provide customer support and technical assistance

Platform Improvement

• Analytics: Analyze usage patterns to improve our services
• Research: Conduct research to enhance platform functionality
• Testing: Perform A/B testing and feature optimization
• Security: Monitor for security threats and prevent fraud

Personalization

• Recommendations: Suggest relevant jobs and candidates
• Customization: Tailor the user experience to your preferences
• Content: Provide personalized content and features
• Notifications: Send relevant alerts and updates

Legal Compliance

• Legal Requirements: Comply with applicable laws and regulations
• Dispute Resolution: Resolve disputes and enforce our terms
• Protection: Protect our rights and the rights of our users
• Reporting: Report to authorities when legally required

Information Sharing and Disclosure

Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in operating our platform:

Essential Services

• Cloud Storage: Secure data storage and backup services
• Email Services: Transactional and marketing email delivery
• Analytics: Website and application analytics providers
• Payment Processing: Secure payment processing services

Business Partners

• Integration Partners: Third-party tools and services you choose to integrate
• Marketing Partners: Co-marketing and promotional activities
• Technology Partners: Software and infrastructure providers

Legal Requirements

We may disclose your information when required by law or to:

• Comply with Legal Process: Respond to subpoenas, court orders, or legal requests
• Protect Rights: Protect our rights, property, or safety
• Prevent Harm: Prevent fraud, abuse, or illegal activities
• Enforce Terms: Enforce our Terms of Service and other agreements

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will ensure appropriate safeguards are in place.

With Your Consent

We may share your information with your explicit consent for specific purposes not covered in this policy.

Data Security

Security Measures

We implement comprehensive security measures to protect your information:

Technical Safeguards

• Encryption: Data encrypted in transit and at rest using industry-standard protocols
• Access Controls: Strict access controls and authentication requirements
• Monitoring: Continuous monitoring for security threats and vulnerabilities
• Updates: Regular security updates and patches

Administrative Safeguards

• Staff Training: Regular security training for all employees
• Access Policies: Strict policies on who can access your data
• Incident Response: Comprehensive incident response procedures
• Audits: Regular security audits and assessments

Data Breach Response

In the unlikely event of a data breach, we will:

• Notify Affected Users: Inform you within 72 hours of discovery
• Report to Authorities: Comply with applicable breach notification laws
• Investigate: Conduct thorough investigation and remediation
• Prevent Recurrence: Implement additional safeguards to prevent future breaches

Your Privacy Rights

Access and Control

You have the right to:

Access Your Data

• View Information: Request a copy of your personal information
• Data Portability: Export your data in a machine-readable format
• Account Information: Access your account settings and preferences

Control Your Data

• Update Information: Correct or update your personal information
• Delete Data: Request deletion of your personal information
• Restrict Processing: Limit how we use your information
• Object to Processing: Object to certain uses of your information

Communication Preferences

You can control:

• Email Notifications: Opt in or out of marketing emails
• Push Notifications: Manage mobile and web notifications
• Data Sharing: Control sharing with third parties
• Account Deletion: Request complete account deletion

Exercising Your Rights

To exercise your privacy rights:

• Contact Us: Email us at privacy@recruta.xyz
• Account Settings: Use the privacy settings in your account
• Support: Contact our support team for assistance

Data Retention

Retention Periods

We retain your information for different periods depending on the type of data:

Account Data

• Active Accounts: Retained while your account is active
• Inactive Accounts: Deleted after 3 years of inactivity
• Deleted Accounts: Permanently deleted within 30 days

Recruitment Data

• Job Postings: Retained for 2 years after job closure
• Candidate Profiles: Retained for 3 years after last activity
• Interview Data: Retained for 1 year after completion

Legal Requirements

• Financial Records: Retained for 7 years as required by law
• Legal Disputes: Retained until resolution plus 1 year
• Compliance: Retained as required by applicable regulations

Deletion Process

When data is deleted:

• Secure Deletion: Data is securely overwritten and removed
• Backup Cleanup: Data is removed from all backup systems
• Third-Party Cleanup: Data is removed from third-party services
• Verification: Deletion is verified and documented

International Data Transfers

Cross-Border Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

Adequacy Decisions

• Adequate Countries: Transfers to countries with adequate data protection
• Standard Contractual Clauses: Use of EU-approved standard contractual clauses
• Binding Corporate Rules: Internal data protection policies for transfers

Safeguards

• Data Processing Agreements: Contracts with third parties include data protection clauses
• Technical Measures: Encryption and other technical safeguards
• Regular Reviews: Regular assessment of transfer mechanisms

Children's Privacy

Age Restrictions

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

If We Discover Child Data

• Immediate Deletion: We will delete any child data we discover
• Parental Notification: We will notify parents if we have contact information
• Prevention Measures: We implement measures to prevent collection of child data

Cookies and Tracking Technologies

Types of Cookies

We use various types of cookies:

Essential Cookies

• Authentication: Required for login and account management
• Security: Protect against fraud and unauthorized access
• Functionality: Enable core platform features

Analytics Cookies

• Usage Analytics: Understand how you use our platform
• Performance: Monitor platform performance and reliability
• Improvements: Identify areas for improvement

Marketing Cookies

• Personalization: Customize content and advertisements
• Targeting: Show relevant job opportunities and candidates
• Measurement: Measure marketing campaign effectiveness

Cookie Management

You can control cookies through:

• Browser Settings: Most browsers allow you to control cookie settings
• Platform Settings: Use our privacy settings to control certain cookies
• Opt-Out Tools: Use industry opt-out tools for advertising cookies

Third-Party Services

Integrated Services

Our platform may integrate with third-party services:

Authentication Services

• Google OAuth: For Google account login
• Social Login: Other social media login options
• Single Sign-On: Enterprise SSO solutions

Business Tools

• CRM Systems: Customer relationship management tools
• ATS Systems: Applicant tracking systems
• Communication Tools: Email and messaging services

Third-Party Privacy

Third-party services have their own privacy policies. We encourage you to review them:

• Google Privacy Policy: https://policies.google.com/privacy
• LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy
• Other Services: Check individual service privacy policies

Changes to This Privacy Policy

Policy Updates

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Notification Methods

• Email Notification: Send email to your registered address
• Platform Notice: Display notice in our application
• Website Posting: Post updated policy on our website

Effective Date

• Immediate Effect: Changes take effect immediately upon posting
• Continued Use: Your continued use constitutes acceptance of changes
• Objection: You may object to changes by contacting us

Version History

We maintain a history of policy changes:

• Current Version: September 2025
• Previous Versions: Available upon request
• Change Log: Summary of material changes

Contact Information

Privacy Questions

If you have questions about this Privacy Policy or our privacy practices:

Company Information:

• Company Name: Faez Labs
• Owner: Faysal Badaoui Mahdad
• NIF: 53923695B
• Address: Universitetsbyen 14, 8000 Aarhus C. Building 1740

Contact Methods

• Email: privacy@recruta.xyz
• Email: contact@faezlabs.xyz
• Email: faysal@faezlabs.com
• Phone: +4591684834
• Support: Use our in-app support system

Response Time

• General Inquiries: Within 48 hours
• Privacy Rights Requests: Within 30 days
• Urgent Matters: Within 24 hours

Data Protection Officer

For EU residents, you can contact our Data Protection Officer:

Data Protection Officer:

• Name: Faysal Badaoui Mahdad
• NIF: 53923695B
• Email: contact@recruta.xyz
• Email: faysal@faezlabs.com
• Phone: +4591684834

Compliance

Regulatory Compliance

We comply with applicable privacy laws and regulations:

Global Standards

• GDPR: General Data Protection Regulation (EU)
• CCPA: California Consumer Privacy Act (US)
• PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
• LGPD: Lei Geral de Proteção de Dados (Brazil)

Industry Standards

• SOC 2: Security and availability standards
• ISO 27001: Information security management
• Privacy by Design: Built-in privacy protection

Regular Audits

We conduct regular audits to ensure compliance:

• Internal Audits: Quarterly internal privacy assessments
• External Audits: Annual third-party privacy audits
• Penetration Testing: Regular security testing
• Compliance Reviews: Ongoing regulatory compliance monitoring

---

This Privacy Policy is effective as of the date listed above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

For the most current version of this Privacy Policy, please visit our website regularly.