Privacy Policy — HireDue

Effective Date: 16th April 2026

Last Updated: 16th April 2026

1. Introduction

HireDue (“Company”, “we”, “our”, “us”) provides a software platform that assists users in managing and streamlining their job application workflows, including identifying opportunities and facilitating professional communication.

We are committed to protecting user privacy through a privacy-first, user-controlled architecture, where sensitive data is processed locally on the user’s device wherever feasible.

This Privacy Policy explains how we collect, use, store, and safeguard personal information.

2. Scope and Applicability

This Privacy Policy applies to:

  • HireDue desktop application
  • HireDue website
  • Any associated services or integrations, including Google APIs

This policy applies globally, subject to applicable data protection laws.

3. Key Privacy Principles

HireDue is designed around the following principles:

  • Data Minimization — Only necessary data is collected
  • User Control — Users control all actions (including email sending)
  • Local Processing First — Sensitive data remains on-device where possible
  • Purpose Limitation — Data is used only for explicitly defined purposes
  • No Data Sale — Personal data is never sold

4. Categories of Data Collected

4.1 Information Provided by Users

  • Full name
  • Email address
  • Resume / CV and professional details
  • Job preferences and search criteria

4.2 Usage and Operational Data

  • Application activity initiated by the user
  • Status of job applications
  • System logs (errors, performance diagnostics)

4.3 Google Account Data (OAuth Integration)

When you connect your Google account, we access:

  • Permission to send emails via Gmail (gmail.send scope only)

We do not collect:

  • Gmail passwords
  • Inbox content
  • Email history

5. How We Use Personal Data

We process personal data strictly for the following purposes:

  • Facilitating job application workflows
  • Generating personalized communication drafts
  • Enabling users to send emails through their Gmail account
  • Providing tracking and visibility into application activity
  • Maintaining system performance and reliability

6. Google API Services User Data Compliance

HireDue’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

6.1 Scope of Access

HireDue only requests:

  • gmail.send permission

6.2 Use of Data

Google user data is used solely to:

  • Enable users to send emails from their own Gmail account

6.3 Restrictions

HireDue explicitly commits that:

  • Google user data is not used for advertising purposes
  • Google user data is not sold or transferred to third parties
  • Google user data is not used for profiling or tracking users across services
  • Google user data is not accessed beyond the functionality explicitly requested by the user

6.4 No Background Access

  • Emails are sent only when initiated by the user
  • HireDue does not perform automated or background email sending

7. Local-First Processing Architecture

HireDue follows a hybrid architecture:

7.1 Local Processing (On User Device)

  • Session handling
  • Interaction with external platforms
  • Email sending actions triggered by the user

Sensitive credentials remain on the user’s device.

7.2 Cloud Processing

Limited data may be stored securely in cloud systems:

  • Resume data (for personalization)
  • Job-related data (for matching and tracking)
  • Application activity logs

8. Data Sharing and Disclosure

HireDue does not sell, rent, or trade personal data.

Data may be shared only:

  • With infrastructure providers (e.g., hosting services)
  • When required by applicable law

All third-party processors are bound by confidentiality and data protection obligations.

9. Data Retention

We retain personal data only for as long as necessary to:

  • Provide the service
  • Meet legal or operational requirements

Users may request deletion at any time.

10. Data Security

We implement industry-standard security measures:

  • Encrypted communication (HTTPS/TLS)
  • Controlled system access
  • Secure handling of authentication tokens
  • Local storage of sensitive credentials

11. User Rights

Users have the right to:

  • Access their personal data
  • Request correction
  • Request data deletion
  • Revoke Google account access
  • Discontinue use of the service

12. Responsible Use Policy

HireDue is intended for legitimate professional use only.

The platform must not be used for:

  • Spam or unsolicited mass communication
  • Harassment or abusive messaging
  • Misrepresentation

13. Children’s Privacy

HireDue is not intended for individuals under the age of 18.

14. Updates to this Policy

We may update this Privacy Policy periodically. Updates will be reflected with a revised “Last Updated” date.

15. Contact Information

team@hiredue.com