Privacy Policy

1. Information We Collect

1.1 Information You Provide

When you use NewHirely, you may provide us with:

• Account Information: Name, email address, password, company name, phone number
• Employee Information: Names, contact details, emergency contacts, addresses
• Employment Documents: Licenses, insurance certificates, resumes, contracts, background checks
• Payment Information: Credit card details (processed securely through Stripe)
• Communications: Support requests, feedback, and correspondence

1.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent, clicks
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies: We use cookies for authentication, preferences, and analytics
• Log Data: Server logs including timestamps, errors, and access patterns

2. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve the Service
• Process transactions and send billing information
• Send onboarding invitations and automated reminders
• Respond to support requests and communications
• Monitor and analyze usage patterns to improve user experience
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations and enforce our Terms of Service
• Send marketing communications (you may opt out anytime)

3. Data Sharing & Disclosure

3.1 We DO NOT Sell Your Data

We will never sell, rent, or trade your personal information to third parties for marketing purposes.

3.2 Service Providers

We share data with trusted service providers who assist us in operating the Service:

• Supabase: Database and authentication
• Cloudflare: Hosting and CDN
• Stripe: Payment processing
• DocuSign (via Make.com): Electronic signatures
• Gusto: Payroll integration (when enabled)
• Email Service Providers: Transactional emails

All service providers are contractually obligated to protect your data and use it only for specified purposes.

3.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

4. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: All data transmitted using TLS 1.3 encryption
• Secure Storage: Data encrypted at rest using AES-256
• Access Controls: Role-based permissions and Row Level Security (RLS)
• Signed URLs: Document access via expiring signed URLs
• Authentication: Secure password hashing and email verification
• Monitoring: Continuous security monitoring and audit logging

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Upon account termination:

• Data is retained for 30 days to allow for potential reactivation
• After 30 days, all personal data is permanently deleted
• You may request immediate deletion by contacting us
• We may retain certain data longer if required by law or for legitimate business purposes

6. Your Rights & Choices

6.1 Access & Correction

You have the right to access, update, or correct your personal information through your account settings.

6.2 Data Portability

You may request a copy of your data in a structured, machine-readable format (CSV, JSON).

6.3 Deletion

You may request deletion of your account and all associated data at any time. This action is irreversible.

6.4 Marketing Opt-Out

You may opt out of marketing communications by clicking "unsubscribe" in any email or by contacting us.

6.5 Cookie Controls

Most browsers allow you to control cookies through settings. Note that disabling cookies may limit Service functionality.

7. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

• Right to Access: Obtain confirmation of data processing and access to your data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Restrict processing under certain conditions
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@newhirely.com

8. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses for EU data transfers.

10. Third-Party Links

Our Service may contain links to third-party websites (DocuSign, Gusto, Calendly, etc.). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

11. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to say no to the sale of personal information (we don't sell data)
• Right to access your personal information
• Right to request deletion of personal information
• Right to non-discrimination for exercising CCPA rights

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification to your registered email address

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

For questions or concerns about this Privacy Policy or our data practices, please contact us:

Privacy Team: privacy@newhirely.com
General Support: support@newhirely.com
Data Protection Officer: dpo@newhirely.com