Joinus.teamjoinus.team
Draft — pending legal review. This page is a structural placeholder so the product can launch with the right sections in place. Final wording will be reviewed by counsel before it is relied upon.

Privacy Policy

Last updated: 2026-06-14 (draft)

This policy explains what personal data Joinus.team processes, why, and the controls you and candidates have over it. As an AI recruiter, we process candidate and recruiter data on behalf of our customers (the hiring organisations) — they are the data controller; we are the processor.

1. Who we are

Joinus.team operates an autonomous AI recruiter. For candidate and hiring data, the hiring organisation using the product is the data controller; we act as the data processor on their documented instructions.

2. Data we process

Account data (recruiter names, emails, organisation details), candidate data (applications, CVs, messages, interview notes, scores), and operational data (the agent’s actions, approvals, and audit logs).

Where a recruiter connects an inbox, calendar, or messaging account, we process the contents the connection grants — only with the recruiter’s explicit, informed consent, and every access is logged.

3. How the AI uses data

The agent uses your organisation’s data to do recruiting work for that organisation only. We do not train shared models across customers on your data — learning is per-customer.

External content (CVs, inbound messages, web pages) is treated as information to consider, never as instructions to obey.

4. AI disclosure

Where required by law (including the EU AI Act), candidate-facing messages are clearly marked as AI-assisted. Elsewhere the assistant is presented as a recruiter and is truthful about being an AI when asked.

5. Sub-processors

We use vetted sub-processors (e.g. cloud hosting, model providers, messaging and connection services). A current list is available on request and maintained as part of our data-processing terms.

6. Retention

We retain personal data only as long as needed to provide the service or as the controller instructs. Interview transcripts and recordings, where used, follow a defined, configurable retention window.

7. Your rights & deletion

Candidates and users can request access to, correction of, or deletion of their data. Right-to-be-forgotten requests are honoured within the legal window across every store that holds the data.

8. Security

Data is isolated per customer (one customer can never access another’s), connection tokens are encrypted at rest, and every action is recorded in an audit log.

9. Contact

Privacy questions and data-subject requests: privacy@joinus.team.