Privacy Policy

Last Updated: August 27, 2025

1. Introduction

KaaziAI ("we", "us", "our", or "Platform") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our employment platform and related services.

This Privacy Policy applies to all users of the KaaziAI platform, including job seekers, employees, and organizations. Given the sensitive nature of employment relationships and workplace data, we have implemented enhanced protections and transparency measures.

2. Information We Collect

2.1 Personal Information You Provide

Account Registration:

Name, email address, phone number

Professional profile information (skills, experience, education)

Employment history and preferences

Location and contact details

For Individual Users (Job Seekers/Employees):

Resume and CV documents

Professional certifications and licenses

Educational qualifications

Work samples and portfolio items

References and contact information

Salary expectations and preferences

Career objectives and goals

For Organizations:

Company name, address, and contact information

Business registration details and tax identification

Industry type and company size

Authorized representative information

Payment and billing information

Employment-Related Data:

Employee records and personnel files

Performance reviews and evaluations

Training records and certifications

Attendance and time tracking data

Compensation and benefits information

Disciplinary records and grievances

Exit interviews and termination records

2.2 Information Collected Automatically

Technical Data:

IP address, browser type, and device information

Usage patterns and platform interaction data

Log files and session information

Cookies and similar tracking technologies

Platform Activity:

Job applications and organization invitations

Document uploads and downloads

Communication records within the platform

Search queries and preferences

Feature usage and engagement metrics

2.3 Information from Third Parties

Employment Verification:

Background check results (where authorized)

Professional references and recommendations

Educational institution verifications

Previous employer confirmations

Integration Data:

Information from connected professional networks

Calendar and scheduling system data

Third-party authentication services

3. How We Use Your Information

3.1 Primary Platform Functions

For All Users:

Account creation and authentication

Platform security and fraud prevention

Customer support and communication

Service improvement and development

For Individual Users:

Job matching and recommendations

Profile visibility to potential employers

Application tracking and management

Career development suggestions

For Organizations:

Employee onboarding and management

Recruitment and hiring processes

Compliance and reporting requirements

Performance tracking and analytics

3.2 Employment Relationship Management

Connection and Hiring:

Processing employer-issued invitations between organizations and employees

Facilitating job applications and interview scheduling

Enabling employment offer and acceptance processes

Employee Management:

Maintaining employee records and documentation

Processing leave requests and approvals

Managing performance reviews and feedback

Handling exit procedures and transitions

Reference and Verification Services:

Providing employment verification to third parties (with consent)

Processing reference requests between organizations

Maintaining employment history records

3.3 Legal and Compliance Purposes

Compliance with employment laws and regulations

Responding to legal requests and court orders

Protecting against fraud, abuse, and security threats

Enforcing our Terms and Conditions

4. Information Sharing and Disclosure

4.1 Employer-Employee Relationships

Within Organization Boundaries:

Authorized organization representatives may access employee data necessary for legitimate business purposes

HR personnel, direct managers, and relevant administrators have role-based access

Access is logged and monitored for compliance purposes

Employee Consent Requirements:

Sharing of personal data beyond basic employment needs requires explicit consent

Employees can withdraw consent for non-essential data sharing

Sensitive personal information requires separate, specific consent

4.2 Inter-Organization Sharing

Reference Requests:

Employment verification shared between organizations with employee consent

Limited to job-relevant information (dates of employment, position, performance)

Previous employers may confirm basic employment details

Professional Networks:

Anonymous industry benchmarking and trend data

Aggregated compensation and benefits information

Best practice sharing (without personal identifiers)

4.3 Third-Party Service Providers

We may share information with trusted third parties who assist in platform operations:

Technology Providers:

Cloud hosting and infrastructure services

Data analytics and security services

Communication and notification services

Professional Services:

Legal counsel and compliance advisors

Accounting and financial services

Background check and verification services

Integration Partners:

Calendar and scheduling applications

Professional networking platforms

HR and payroll system providers

All third-party providers are bound by strict confidentiality agreements and data processing terms.

4.4 Legal Requirements

We may disclose information when required by law or to:

Comply with legal process, court orders, or regulatory requirements

Protect our legal rights and those of our users

Investigate suspected fraud or security breaches

Respond to emergency situations involving personal safety

5. Data Retention and Storage

5.1 Retention Periods

Active Employment Relationships:

Employee data retained for duration of employment plus applicable legal requirements

Regular data minimization reviews to ensure only necessary data is retained

Former Employees:

Employment records retained for 7 years after termination (or as required by local law)

Reference information retained for legitimate business needs

Personal contact information deleted unless consent is maintained

Job Seekers:

Profile data retained while account is active

Application history retained for 3 years for legitimate business purposes

Inactive accounts subject to data retention schedule

5.2 Data Security

Technical Safeguards:

End-to-end encryption for sensitive employment data

Multi-factor authentication for organization accounts

Regular security audits and penetration testing

Secure data centers with physical access controls

Administrative Safeguards:

Role-based access controls and regular access reviews

Mandatory privacy and security training for all staff

Incident response procedures and breach notification protocols

Regular compliance assessments and audits

Data Anonymization:

Personal identifiers removed from analytics and research data

Aggregated reporting that cannot identify individuals

Pseudonymization techniques for legitimate business analytics

6. Your Privacy Rights

6.1 Access and Portability Rights

Data Access:

Right to obtain confirmation of data processing and access your personal data

Receive information about data sources, processing purposes, and retention periods

Request detailed logs of data access by organization representatives

Data Portability:

Right to receive your data in a structured, commonly used format

Ability to transfer employment records to new platforms or employers

Export functionality for personal career documentation

6.2 Correction and Update Rights

Data Accuracy:

Right to correct inaccurate or incomplete personal information

Dispute resolution process for employment record discrepancies

Regular prompts to review and update profile information

6.3 Deletion and Restriction Rights

Right to Erasure:

Request deletion of personal data when no longer necessary

Right to be forgotten in certain circumstances

Exceptions for legal compliance and legitimate business needs

Processing Restrictions:

Right to restrict processing in certain circumstances

Ability to object to specific types of data processing

Opt-out mechanisms for non-essential communications

6.4 Withdrawal of Consent

Consent Management:

Easy-to-use consent withdrawal mechanisms

Granular control over different types of data processing

Clear explanation of consequences of consent withdrawal

7. Special Protections for Sensitive Data

7.1 Employee Health Information

Medical Records:

Health information processed only when legally required

Separate consent required for health-related data processing

Enhanced security measures for medical information

Accommodation Requests:

Disability accommodation information kept confidential

Access limited to essential personnel only

Regular deletion of unnecessary health data

7.2 Performance and Disciplinary Records

Performance Data:

Performance reviews and evaluations treated as highly sensitive

Access restricted to authorized management personnel

Clear data retention policies for performance history

Disciplinary Information:

Strict access controls for disciplinary records

Time-limited retention based on severity and local law

Employee rights to contest inaccurate disciplinary information

7.3 Protected Characteristics

Anti-Discrimination Compliance:

Prohibition on collecting unnecessary demographic information

Special handling of diversity and inclusion data

Regular audits to prevent discriminatory profiling

8. International Data Transfers

8.1 Cross-Border Processing

Legal Basis for Transfers:

Adequate country determinations by data protection authorities

Standard Contractual Clauses for international transfers

Binding Corporate Rules for intra-company transfers

Data Localization:

Employee data stored in jurisdiction of employment when required by law

Clear notification of data transfer destinations

Employee consent for transfers to countries without adequate protection

8.2 Multi-National Organizations

Global Workforce Management:

Consistent privacy protections across all jurisdictions

Local compliance with employment and privacy laws

Regular assessment of international transfer mechanisms

9. Children's Privacy

9.1 Age Restrictions

Platform not intended for users under 16 years of age

Age verification procedures for account creation

Special protections for young workers in jurisdictions where legal

9.2 Parental Rights

Parental consent required for users under 18 where legally required

Special privacy protections for minor employees

Enhanced consent mechanisms for sensitive data processing

10. Cookie Policy and Tracking

10.1 Cookie Categories

Essential Cookies:

Authentication and security cookies

Session management and platform functionality

Cannot be disabled without affecting platform operation

Analytics Cookies:

Platform usage and performance monitoring

User experience optimization

Aggregated reporting and trend analysis

Preference Cookies:

User interface customization

Language and accessibility preferences

Job recommendation optimization

10.2 Cookie Management

User Controls:

Cookie preference center with granular controls

Ability to accept or reject non-essential cookies

Regular prompts to review cookie preferences

Third-Party Cookies:

Limited use of third-party tracking cookies

Clear disclosure of third-party cookie providers

Opt-out mechanisms for advertising cookies

11. Privacy by Design

11.1 Data Minimization

Collection Limitation:

Collect only data necessary for stated purposes

Regular review of data collection practices

Employee consent for additional data collection

Purpose Limitation:

Use data only for specified, legitimate purposes

Secondary use requires additional consent or legal basis

Clear communication of processing purposes

11.2 Privacy-Enhancing Technologies

Technical Measures:

Encryption of personal data at rest and in transit

Pseudonymization and anonymization techniques

Privacy-preserving analytics methods

Administrative Measures:

Privacy impact assessments for new features

Regular privacy training for all personnel

Incident response and breach notification procedures

12. Complaints and Dispute Resolution

12.1 Internal Complaint Process

Privacy Officer Contact:

Dedicated privacy officer for data protection inquiries

Formal complaint process with defined response timelines

Escalation procedures for unresolved issues

12.2 Regulatory Complaints

Data Protection Authorities:

Right to file complaints with relevant data protection authorities

Contact information for applicable regulators

Cooperation with regulatory investigations

12.3 Alternative Dispute Resolution

Mediation Services:

Access to independent privacy mediation services

Binding arbitration for certain privacy disputes

Legal remedies and compensation where applicable

13. Updates to Privacy Policy

13.1 Change Notification

Material Changes:

Email notification to all registered users

Prominent in-platform notifications

30-day advance notice for significant changes

Change Tracking:

Version control and change history

Clear identification of modified sections

Archive of previous policy versions

13.2 Consent to Changes

Continued Use:

Continued platform use constitutes acceptance of changes

Opportunity to withdraw consent before changes take effect

Account termination rights if changes are unacceptable

14. Contact Information

14.1 Privacy Officer

Contact Details:

Email: privacy@kaaziai.com

Phone: [Privacy Hotline Number]

Address: [Privacy Officer Address]

Response Times:

Acknowledgment within 48 hours

Full response within 30 days

Complex inquiries may require additional time with notification

14.2 Regional Representatives

European Union:

EU Representative: [EU Contact Details]

Data Protection Officer: [DPO Contact Details]

Other Jurisdictions:

Regional privacy contacts as required by local law

Local language support where available

---

This Privacy Policy is effective as of August 27, 2025

Document Version: 1.0

Next Scheduled Review: February 27, 2026

By using the KaaziAI platform, you acknowledge that you have read, understood, and agree to this Privacy Policy and our Terms and Conditions.