HiringXPrivacy Policy
Last updated: April 8, 2026
This policy describes how HiringX ("we," "us") collects, uses, and shares information when you use our website and service at hiringx.io. It is intended to meet common expectations for security review, including applications that use Google user data via OAuth.
1. Information We Collect
You provide: name, email address, resume or profile details, target companies and roles, message templates, and contacts you add or discover through the product.
Gmail connection: If you connect Google, we store OAuth tokens (encrypted at rest) and your connected Gmail address so the service can use the Gmail API on your behalf.
Automatically: we log operational and security data (for example API and webhook processing) as needed to run the service.
2. How We Use Your Information
We use your information to operate the HiringX referral agent: discover and prioritize contacts, generate personalized outreach and follow-up text with AI assistance, send mail from your Gmail when you enable that, detect and classify replies, show pipeline status, send product notifications (including by email through our notification provider), and process billing when you subscribe.
Automated sending. If you choose automatic send mode, our servers may send Gmail messages on a schedule you effectively enable by launching the agent and connecting Gmail, subject to product limits (such as a daily outreach cap). If you choose review-first mode, a send still uses your Gmail when you explicitly approve from the outbox.
3. Gmail and Google User Data
We request two Gmail OAuth scopes you approve at connect time:
- gmail.send — to send outreach and follow-up messages from your email address when you or your configured agent initiates them.
- gmail.readonly — to register inbox push notifications (watch), read Gmail history, and retrieve message content only for threads related to HiringX outreach, in order to detect and classify replies.
We do not use Gmail content to build advertising profiles, and we do not sell Gmail data.
Text from replies (and related context, such as your original outreach) may be sent to our AI providers only to provide features you see in the app (for example response classification and message generation). Those providers process data as subprocessors under their own terms and policies.
Gmail OAuth tokens are encrypted at rest (AES-256-GCM). You can revoke our access anytime in your Google Account permissions; that stops our API access even if you still have a HiringX account.
4. Limited Use of Google User Data (Gmail API)
HiringX's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. In plain terms: we use Google user data only to provide or improve features of HiringX that are visible to you in the app; we do not use it for serving ads; we do not sell it; and we allow human access to such data only where permitted by that policy (for example with your consent, for security or legal compliance, or as described here).
5. Third-Party Services
We use service providers for hosting, database and authentication, payments, contact discovery, transactional email, and AI inference. They process data on our behalf under appropriate agreements. Their own privacy policies also apply.
6. Data Retention
We retain your account and related data while your account exists and as needed to comply with law. If you ask us to delete your account, we will anonymize or delete personal data as described in your request and applicable law, except where we must retain certain records (for example billing or legal holds). Operational caches and logs may be retained for a limited period and are minimized where possible.
7. Data Security
We use encryption at rest for sensitive credentials, access controls and row-level security in our database, and HTTPS for data in transit. Access to production systems is limited to authorized personnel who need it to operate the service.
8. Your Choices and Rights
You can update much of your information in the app. To exercise privacy rights (access, correction, deletion, objection, or portability) or to ask questions, contact privacy@hiringx.io. If you are in the EEA, UK, or Switzerland, you may also lodge a complaint with your local data protection authority.
The service is not directed at children under 18, and we do not knowingly collect their personal information.
9. Changes
We may update this policy from time to time. We will post the new date at the top and, for material changes, provide notice as required (for example by email or in-app message).
10. Contact
Privacy questions: privacy@hiringx.io. See also our Terms of Service.