Legal

Privacy Policy

This policy describes how Astatinn LLC collects, uses, and shares personal information when you use the HireTrust public website and portals.

Key points
  • We collect only what we need to run the service and keep it secure.
  • Candidate reports are shared with authorized employer users.
  • We support privacy requests as required by applicable law.
Status
Last updated: 2026-01-18
Applies to: public web, Employer Portal, Jobs Portal, Applicant Portal.
Questions: privacy@hiretrust.me
Privacy illustration

Overview

This Privacy Policy explains how Astatinn LLC (Astatinn, we, us) collects, uses, shares, and protects personal information when you use HireTrust, including the public website and Portals such as the Employer Portal, Jobs Portal, and Applicant Portal (collectively, the Portals).

Depending on your role and the portal you use, Astatinn may act as a data controller (for example, for the public website and direct sales communications) or as a processor or service provider on behalf of employer customers (for example, when processing candidate data inside employer workflows). If you have questions about controller and processor roles for a specific engagement, contact us.

Notice and acceptance

This Privacy Policy is incorporated into the Service terms. By using the Service, you acknowledge this Privacy Policy and the processing described here. If you do not agree, do not use the Service.

Employers may be responsible for providing additional candidate notices and obtaining consents depending on applicable law.

Key points
  • We collect only what we need to operate the Service, run validation steps, and deliver reporting.
  • Candidate reports are shared with authorized employer users for hiring decisions.
  • We use security controls, logs, and monitoring to protect the Portals.
  • You may have privacy rights depending on your location, and we support requests as required by law.

What we collect

The categories below may apply depending on your role and which portal you use.

  • Account and contact data (name, email address, company, role, authentication identifiers).
  • Employer inputs (role requests, requirements, evaluation criteria, interview notes, and hiring workflow actions).
  • Candidate data (profile information, work history, links you provide, and communications related to opportunities).
  • Assessment and validation submissions (written responses, code submissions, structured interview notes, and recordings if a step includes them).
  • Usage data (pages viewed, features used, timestamps, and interactions within the portals).
  • Device and security data (IP address, browser and device information, logs, and security events).

We may also collect information you choose to provide in communications (for example, support requests) and information required to comply with legal obligations, prevent fraud, and secure the Service.

Please do not submit sensitive personal information unless it is specifically requested for a hiring workflow and legally permissible. Sensitive data can include government identifiers, health information, and other special category data. If such data is provided, we process it only as necessary for the relevant engagement and as permitted by law.

  • Audio and video: we may process recordings if a specific workflow includes them and participants are notified.
  • Identity and verification signals: we may process verification data for fraud prevention and applicant integrity checks where applicable.

Sources

We collect personal information from the following sources, depending on your role:

  • Directly from you: when you create an account, apply to a role, or communicate with us.
  • From employer customers: when they submit role requests and hiring workflow inputs or invite users.
  • Automatically: through device logs, security events, and usage telemetry in the Portals.
  • From third parties you choose: such as links you provide (for example, GitHub or LinkedIn) and identity providers.

How we use data

  • Provide and operate the service (role intake, validation workflows, reporting, authentication, and portal features).
  • Communicate with users (service updates, support responses, operational notifications).
  • Secure the service (fraud prevention, access control, incident investigation, abuse monitoring).
  • Improve reliability and quality (debugging, performance monitoring, feature improvement).
  • Comply with legal obligations and enforce our Terms of Use.

We may also use information to administer accounts, manage billing for employer customers, perform audits, maintain internal controls, and protect against fraud and abuse.

If you contact us about the Service, we may use your contact information to respond and to follow up with role calibration steps, pricing and delivery information, and onboarding materials. You can opt out of non-essential communications by using unsubscribe links where available or by contacting us.

How we share data

We share personal information only as necessary to deliver and secure the service, including:

  • With employer customers: candidate reports and submissions are shared with authorized employer users.
  • With service providers: hosting and infrastructure (including cloud providers), email delivery providers, and other vendors required to operate the service.
  • For legal reasons: when required by law, or to protect rights, safety, and security.

We may also share information with professional advisors (such as auditors and legal counsel), and in connection with a corporate transaction (such as a merger, acquisition, financing, or sale of assets), subject to appropriate confidentiality protections.

Legal bases (EEA, UK, and similar jurisdictions)

If you are located in the European Economic Area or United Kingdom, we rely on the following legal bases where applicable:

  • Contract: to provide the Service you request and manage accounts.
  • Legitimate interests: to secure the Service, prevent abuse, and improve reliability.
  • Consent: for certain cookies and marketing communications where required.
  • Legal obligations: to comply with applicable laws and respond to lawful requests.

Automated processing and profiling

The Service may use automated techniques to assist with validation workflows and reporting. We design outputs to support explainable, human-reviewed decisions. Employers remain responsible for final hiring decisions.

Automated techniques may support reviewers by generating summaries, identifying potential inconsistencies, suggesting interview prompts, and improving workflow efficiency. These outputs are reviewed by humans before they are used as hiring signals.

Where applicable law grants rights related to automated decision-making, you may request information about the logic involved and request human review. Some processing may be necessary to provide the Service.

AI service providers and self-hosted models

We may use a combination of third-party AI service providers and self-hosted models to support these features. This may include large language model APIs (for example, OpenAI) and models deployed in our environment (for example, self-hosted Ollama-based model deployments). We do not disclose implementation details beyond what is necessary to explain our processing.

We minimize data shared with AI systems, apply access controls, and use contractual protections with vendors where appropriate. We do not use AI to make final hiring decisions. Human reviewers remain responsible for validation, interpretation, and final outputs.

  • Data minimization: we send only the information needed for a given task and we prefer summaries or structured fields over raw documents where feasible.
  • Safeguards: we may use redaction, pseudonymization, and role-based access controls to reduce exposure of personal data in AI-assisted workflows.
  • Vendor controls: where applicable, we seek contractual commitments on confidentiality, security, and restrictions on use of our data.

International transfers

We may process and store information in countries other than where you live, including in the United States, where laws may differ. Where required, we implement appropriate safeguards for cross-border transfers, such as standard contractual clauses and vendor security commitments.

Retention

We retain personal information for as long as necessary to provide the Service, meet contractual obligations, comply with legal requirements, resolve disputes, and enforce our agreements. Retention periods vary depending on data type, role, and customer engagement.

Security

We implement administrative, technical, and organizational measures designed to protect personal information. No method of transmission or storage is completely secure. You are responsible for protecting your credentials and using the Service in a secure manner.

Cookies

We use cookies and similar technologies to operate the website and portals, keep sessions secure, and remember preferences. For details, see the Cookie Policy.

We may also use analytics tools to understand usage and improve reliability. If we introduce additional analytics tools, we will update our Cookie Policy and, where required by law, request consent before enabling non-essential cookies.

Your choices

Depending on your location, you may have rights to access, correct, delete, or restrict processing of personal information, or to object to processing. Some requests may require verification, and some information may be retained where required for security, legal, or legitimate business reasons.

If you are a candidate and your data is being processed in connection with an employer customer, the employer may be the controller for parts of that processing. You may need to contact the employer directly for certain requests. We will assist as required by applicable law.

  • Access: request a copy of personal information we hold about you.
  • Correction: request correction of inaccurate information.
  • Deletion: request deletion of information, subject to legal and security needs.
  • Objection: object to certain processing, including some marketing communications.
  • Portability: request a copy in a portable format where required by law.

United States notice

Certain US state privacy laws may provide rights such as access, correction, deletion, and the right to opt out of certain targeted advertising or sharing of data. HireTrust is designed as a hiring service and does not sell personal information in the conventional sense.

If you submit a request, we may verify your identity. Authorized agents may submit requests on your behalf where permitted by law, subject to verification of authority.

We do not knowingly sell personal information. If we ever engage in targeted advertising or sharing that triggers opt-out rights under applicable law, we will provide appropriate controls.

Children

The Service is not directed to children, and we do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will take appropriate steps.

Changes

We may update this Privacy Policy from time to time. We will post the updated policy and revise the "Last updated" date at the top of the page. If changes are material, we may provide additional notice as required by law.

Contact

Questions about privacy? Reach out at privacy@hiretrust.me or use the contact form.

Enterprise customers. If you require a DPA, SLA, security addendum, or data retention commitments, we can provide them during onboarding.

Tech hiring, without guesswork. Skill-first. Performance-driven. Verified.

Solutions

The System

Company

Legal

© 2024–2026 HireTrust by Astatinn. All rights reserved.

Serving companies in: Dubai | Abu Dhabi | MENA | Europe

HireTrust is a proprietary system of Astatinn. All content, visual design, text, trademarks, and materials made available on this site are protected by applicable intellectual property laws. No license or right is granted by implication or otherwise, and any unauthorized copying, distribution, modification, framing, or commercial use of HireTrust materials without explicit written consent from Astatinn is prohibited. Third-party names and marks (if referenced) remain the property of their respective owners.

Cookies

We use strictly necessary cookies for security and sign-in. With your permission, we also use analytics cookies to improve performance and reliability. Cookie Policy