We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Read our Cookie Policy for more information.

    Legal

    Privacy Policy

    How NeoHireX collects, uses, stores, and protects your personal data. Built to meet DPDP Act 2023, GDPR, and other global privacy standards.

    Effective date: April 2026 | Last updated: April 2026

    In this policy

    Section 1

    Overview

    NeoHireX ("we", "us", "our") provides an AI hiring operating system for staffing agencies, IT consulting firms, and in-house HR teams. This Privacy Policy explains how we handle personal data we collect when you use our platform, website, or services.

    We act as a data processor for candidate and employee data your organisation uploads to NeoHireX, and as a data fiduciary for your account and usage data.

    By using NeoHireX, you agree to the practices described here. If you do not agree, please do not use the platform.

    Section 2

    Data we collect

    We collect only the data necessary to provide and improve the NeoHireX platform.

    Account information

    • Name, email, phone
    • Job title and organisation
    • Authentication credentials
    • Profile preferences

    Candidate and HR data

    • Resumes and applications
    • Interview transcripts and recordings
    • Assessment scores and notes
    • Employment and contract records

    Usage data

    • Pages viewed and actions taken
    • Device, browser, and IP address
    • Session duration and timestamps
    • Feature usage analytics

    Cookies and similar tech

    • Essential session cookies
    • Analytics cookies (opt-in)
    • Preference cookies
    • No third-party advertising cookies
    Section 3

    How we use your data

    1

    Provide the platform

    Operate, maintain, and deliver the NeoHireX hiring operating system to your organisation.

    2

    Improve the product

    Analyse aggregated usage to improve features, performance, and reliability. Never used for advertising.

    3

    Communicate with you

    Send service notifications, security alerts, billing updates, and product news (with your consent).

    4

    Ensure compliance

    Maintain audit logs, enforce access controls, and meet legal obligations under DPDP Act 2023, GDPR, and other applicable laws.

    5

    Protect the platform

    Detect fraud, prevent abuse, and secure data against unauthorised access or breach.

    Section 5

    Sharing and disclosure

    We do not sell personal data. We share data only with:

    • Sub-processors

      Cloud hosting, email delivery, and analytics providers under strict data processing agreements.

    • Your organisation

      Authorised users in your workspace based on configured role permissions.

    • Legal authorities

      When required by law, court order, or to protect rights and safety.

    • Business transfers

      In the event of a merger or acquisition, with continued protection of your data.

    Section 6

    Data retention

    We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy or as required by law.

    • Account data: while your account is active
    • Candidate data: per your organisation's retention settings
    • Audit logs: minimum 7 years for compliance
    • Backups: deleted within 30 days of account closure
    Section 7

    Your rights

    Under DPDP Act 2023, GDPR, and similar laws, you have the following rights over your personal data.

    Right to access

    Request a copy of the personal data we hold about you.

    Right to correction

    Ask us to correct inaccurate or incomplete personal data.

    Right to deletion

    Request deletion of your personal data, subject to legal retention requirements.

    Right to withdraw consent

    Withdraw consent at any time where processing is based on consent.

    Right to data portability

    Receive your personal data in a structured, machine-readable format.

    Right to grievance redressal

    Contact our Data Protection Officer for any privacy concerns or complaints.

    To exercise any of these rights, email us at privacy@neohirex.com

    Section 8

    Security

    Enterprise-grade safeguards

    • Encryption in transit (TLS 1.3) and at rest (AES-256)
    • Role-based access controls across 16 access tiers
    • Tamper-evident audit logs
    • Regular penetration testing and vulnerability scans
    • SOC 2 Type II aligned controls
    • 24/7 security monitoring and incident response
    Section 9

    International transfers

    Personal data of Indian residents is stored in India or in adequacy-approved jurisdictions, in line with DPDP Act 2023 requirements. For other regions, transfers are governed by Standard Contractual Clauses (SCCs) and equivalent safeguards under GDPR.

    Section 10

    Cookies and tracking

    We use essential cookies to operate the platform and optional analytics cookies to improve it. You can manage cookie preferences at any time.

    For full details, see our Cookie Policy.

    Section 11

    Children's data

    NeoHireX is not intended for individuals under 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, contact us and we will delete it promptly.

    Section 12

    Changes to this policy

    We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. The "Last updated" date at the top of this page reflects the most recent revision.

    Section 13

    Contact us

    Data Protection Officer, NeoHireX

    Email: privacy@neohirex.com

    For DPDP Act grievances, we will respond within the statutory timeframe.

    Questions about your data?

    Our team is here to help with any privacy-related questions or requests.

    Contact Privacy TeamRead DPDP Guide