Privacy Policy

Last updated: 3 June 2025

1. Who we are

Hireflow AI (“we”, “us”, “our”) is a UK-based AI-powered recruitment platform operated by Bradley Jones, trading as Hireflow AI. Our registered contact address is available on request.

Our website is hireflow.london. We are the data controller for information collected through this platform.

We are committed to protecting your personal data and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What data we collect

We collect personal data in the following ways:

Employers / Hiring businesses

  • Name and work email address
  • Company name and location
  • Job postings you create (title, description, salary, hours)
  • Billing and subscription information (processed securely via Stripe — we do not store card details)
  • Usage data (pages visited, features used, login times)

Candidates / Job seekers

  • Full name and contact details
  • CV and employment history
  • Application details and cover information
  • AI-generated scores and summaries based on your application
  • Interview stage information

All visitors

  • IP address and browser type
  • Pages visited and time on site
  • Cookie data (see section 7)

3. How we use your data

We use your personal data to:

  • Provide and operate the Hireflow AI platform
  • Match job seekers with relevant job opportunities
  • Generate AI-powered candidate scores and job descriptions
  • Send transactional emails (application confirmations, job alerts)
  • Process subscription payments
  • Improve and personalise our service
  • Comply with legal obligations

Our lawful bases for processing under UK GDPR are:

  • Contract — to provide the service you signed up for
  • Legitimate interests — to operate and improve the platform
  • Legal obligation — where required by law
  • Consent — for marketing communications (you may withdraw at any time)

4. Who we share your data with

We do not sell your personal data. We share it only with trusted third-party service providers who process it on our behalf:

  • Supabase — database and authentication hosting
  • Stripe — payment processing
  • OpenAI — AI-powered job description and candidate scoring features
  • Resend — transactional email delivery
  • Adzuna — job data import (public job listings only)

All providers are bound by data processing agreements and appropriate safeguards.

5. How long we keep your data

  • Active accounts: Data is retained for as long as your account is active.
  • Deleted accounts: Personal data is deleted within 30 days of account closure, unless required for legal or financial compliance.
  • Candidate applications: Retained for 12 months after the role is closed, then deleted unless the employer retains it for their own records.
  • Payment records: Retained for 7 years in line with UK financial regulations.

6. Your rights under UK GDPR

You have the following rights regarding your personal data:

  • Right of access — request a copy of the data we hold about you
  • Right to rectification — ask us to correct inaccurate data
  • Right to erasure — request deletion of your data (“right to be forgotten”)
  • Right to restriction — ask us to limit how we process your data
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — withdraw consent for marketing at any time

To exercise any of these rights, email us at privacy@hireflow.london. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

7. Cookies

We use essential cookies to keep you logged in and to ensure the platform functions correctly. We do not use advertising or tracking cookies.

  • Session cookies — required for authentication (deleted when you close your browser)
  • Preference cookies — to remember your settings

You can control cookies through your browser settings, but disabling essential cookies may affect functionality.

8. Data security

We implement industry-standard security measures including encrypted data transmission (TLS/HTTPS), secure authentication, and access controls. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Changes to this policy

We may update this policy from time to time. We will notify you of significant changes by email or by displaying a notice on our platform. The “Last updated” date at the top of this page will always reflect the most recent revision.

10. Contact us

If you have any questions about this Privacy Policy or how we handle your data:

Hireflow AI

Email: privacy@hireflow.london

Website: hireflow.london

← Back to homeTerms of Service