Privacy Policy

Last updated: October 24, 2025

1. Introduction

Alwayscale Private Limited (“Alwayscale,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, process, and store your personal information and your rights under applicable laws, including updates like the UK's 2025 Data (Use and Access) Act revisions to UK GDPR and new US state privacy laws (e.g., in Indiana and Iowa).
By using our AI-powered hiring platform, you agree to this Privacy Policy. We're based in India and serve SMBs, recruiters, and job seekers globally.

2. Information We Collect

Identifiers: Name, email, phone number, IP address, device identifiers.
Professional Information: Resume content, employment history, skills, qualifications.
Sensitive Information: Passwords, financial information (credit/debit card, bank account via secure gateways), health data (optional, with consent), biometric information (if provided for voice screening).
Usage Data: Browsing activity, clicks, interactions, analytics (e.g., time spent on shortlisting).
Other Data: Candidate rankings, AI recommendations, preferences (e.g., job alerts). We minimize collection and obtain consent where required, especially under India's DPDP Act.

3. How We Use Your Information We use personal information to:

Provide hiring automation services (e.g., AI JD creation, resume parsing, voice bots).
Generate AI-powered recommendations and candidate-job matching.
Send account notifications, job alerts, and service communications.
Analyze platform usage to improve services (anonymized where possible).
Ensure security and prevent fraud (e.g., anomaly detection).
Comply with legal obligations (e.g., audits or disputes).

Data is retained only as needed—typically 6-12 months post-hire or job closure, unless legally required (e.g., 7 years for tax records). You can request deletion anytime.

4. International Data Transfers

Your personal information may be processed in countries including India, United States, EU, Singapore, and others where our service providers operate (e.g., AWS in US/Singapore, Google Cloud in EU). DPDP Act restrictions on sensitive data transfers outside India are followed.

To deliver and improve platform features
For hiring automation and analytics
To comply with legal obligations

We implement safeguards such as:

Standard Contractual Clauses (SCCs) for EU transfers.
Adequacy decisions and Binding Corporate Rules where applicable.
ISO 27001/SOC 2 security standards.
Explicit consent when legally required.

You may request information about where your data is processed, obtain copies of safeguards, and object to inadequate transfers.

5. Children’s Privacy

Our platform is not for individuals under 18 years old. If a parent believes a child under 18 has provided information without consent, contact us immediately. We will investigate, delete the data within 48 hours, and prevent future unauthorized access. Educational institutions must ensure users are 18+.

6. Third-Party Links and Integrations

We may link to third-party sites or services (e.g., job boards); we are not responsible for their privacy practices—review theirs separately. Third-party integrations include LinkedIn, Google/Outlook calendars, payment gateways (Razorpay, Stripe, PayPal), and analytics tools. You control permissions and can revoke access through your provider settings. Social features may involve cookies or IP tracking for ads. .

7. Marketing and Communications

Transactional messages (account updates, interview invitations, payment receipts) are essential and cannot be opted out of.
Marketing communications (newsletters, product updates, job recommendations) can be opted out of via your account settings or by contacting us.

We personalize based on your role, activity, and preferences. We do not sell your data; targeted ads use anonymized aggregates.

8. California, Nevada, Virginia, Colorado, Connecticut, Utah, and EU/UK Privacy Rights

Users have rights under CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, GDPR/UK GDPR (as updated in 2025), and similar laws to:

Access, correct, delete, restrict, or port personal data.
Opt out of "sales/sharing," targeted advertising, or automated decision-making.
Limit sensitive data use.

Exercise via account settings, our Privacy Rights Portal (coming soon), or by contacting us. We'll respond within 45 days (extendable if complex). EU/UK users can complain to local authorities.

9. AI and Algorithmic Transparency

AI is used for resume parsing, candidate ranking, job matching, voice screening, job description generation, and predictive analytics. We conduct regular bias audits, use diverse training data, and ensure human oversight for final decisions—AI is advisory only. Decisions are explainable (e.g., "Ranked high due to 5+ years in Python and cultural fit score"). You may request AI reviews, explanations, or opt-out from specific processes (e.g., no voice biometrics).

10. Data Breach Notification

Detect, contain, and assess promptly (24/7 monitoring).
Notify affected users and authorities as required (e.g., within 72 hours under GDPR; 30-60 days under CCPA).
Provide recommended actions (e.g., password resets, credit monitoring).

11. Security Measures

We implement industry-standard practices: encryption (AES-256 at rest, TLS in transit), access controls (MFA, role-based), and monitoring. Users: Use strong passwords, enable MFA, and watch for suspicious activity.

12. Changes to This Privacy Policy

Updates may occur for new legal requirements (e.g., 2025 state laws), services, or feedback. Material changes get 30 days' notice via email or in-platform alerts. Continued use after changes constitutes acceptance. Check back periodically.

13. Contact Information

For all privacy, grievance, AI, security, or rights requests, contact us at:

Email: contact@alwayscale.com
Phone: +91 95607 00260

We'll respond within 30 days (or sooner for urgent issues) and resolve concerns promptly. For India-specific grievances under DPDP, reference this as your primary channel.