Home
How it works
Who is it for?
About
Blog
Sign up
Book a demo
Home
Who is it for?
How it works
ROI calculator
About
Blog
Contact
Company
See it in action
Sign up
Privacy policy
Terms of service
Company

Privacy Policy

Last Updated: 25 July 2025

Thank you for using the Hiring Platform, a service provided by Avery B.V. ("Hiring Platform," "we," "us," or "our"). We value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

By accessing or using the Hiring Platform, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Information You Provide

We collect personal information that you voluntarily provide, such as when you:

  • Register for an account.
  • Interact with our customer support.
  • Participate in promotions, surveys, or feedback sessions.
  • Engage with skill assessments or profile-building activities.

This data may include:

  • Identifying information: Full name, email address, job title, and company name.
  • User-generated content: Messages, feedback, or other inputs provided on our platform.

1.2 Information Collected Automatically

When you use the Hiring Platform, we automatically collect certain information:

  • Usage Data: Interactions with our services (e.g., features used, pages visited, insights generated).
  • Device and Browser Information: IP addresses, device type, browser version, and operating system.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to remember your preferences and enhance your experience.

1.3 Information from Third Parties

If you integrate external services (such as an ATS), we may collect data from those platforms based on your granted permissions. This may include:

  • Publicly available candidate information.
  • Job-related data for candidate matching purposes.

2. Legal Bases for Processing

We process your personal data under one or more of the following legal bases:

  1. Contractual Necessity: When processing is necessary to provide the services you request.
  2. Legitimate Interests: For purposes such as improving our products and user experience, as long as those interests are not overridden by your rights and freedoms.
  3. Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing communications). You may withdraw consent at any time by contacting us at [email protected]
  4. Legal Obligations: Where processing is required by law or necessary to respond to legal processes.

3. How We Use Your Information

3.1 Data Processing Purposes

We use the information we collect to:

  • Provide, maintain, and improve our services.
  • Generate personalised role matching analyses and hiring insights.
  • Respond to inquiries, troubleshoot, and offer customer support.
  • Analyse usage patterns to enhance user experience and platform performance.
  • Comply with legal obligations.

3.2 Communication

We may use your contact information to:

  • Send important service updates, product changes, or new feature announcements.
  • Provide information about promotional offers or news, which you can opt out of at any time by unsubscribing or emailing us at [email protected]

3.3 Legal and Compliance

We may process your data to:

  • Comply with applicable laws, regulations, and legal requests.
  • Protect the rights, property, or safety of the Hiring Platform, our users, or others.

4. Data Sharing and Subprocessors

We share data with trusted third-party subprocessors who assist in operating, maintaining, and improving our services. Each subprocessor is contractually obligated to handle your data securely and in compliance with GDPR and other applicable data protection laws.

Subprocessor Purpose Data Processed Location Processing
Clerk User authentication & identity management Names, email addresses, authentication logs EU-based servers Clerk DPA
Railway Platform hosting and delivery Platform data EU-based servers Railway DPA
AWS Data storage and analysis Platform data EU-based servers AWS DPA
OpenAI API AI-driven services & functionalities User inputs, interaction data, related metadata (used only for AI features) Global infrastructure OpenAI DPA
PostHog (EU Cloud) Product analytics, session recording, experiments, feature flags Event data, user session data, feature‑flag and survey metadata EU-based servers PostHog Cloud EU DPA
Help Scout Customer support desk, shared inbox, live chat & help center Support conversation content, user details, contact metadata US based servers Help Scout DPA

5. Data Storage

We store all data securely on Railway servers located in Amsterdam. Railway provides industry-standard security measures, including encryption at rest and in transit. Access to stored data is restricted to authorized personnel only.

6. Data Security

We implement technical and organisational measures to protect your personal data against unauthorized access, misuse, loss, or alteration. These measures include:

  • Encryption of data in transit (TLS) and at rest (AES-256).
  • Multi-factor authentication (MFA) for sensitive systems.
  • Regular security audits, including penetration testing and vulnerability scanning.
  • Logging and monitoring of access to sensitive data.

7. Data Retention

We retain personal data only as long as necessary to provide our services, comply with legal obligations, or fulfill our operational requirements. Retention periods vary based on the data type and purpose:

  • Account-related data: Retained while your account remains active; securely deleted within 30 days of account closure, unless required for legal purposes.
  • Usage data: Retained for up to 12 months for analytics and improvements, then anonymized or securely deleted.
  • Legal obligations: Data such as invoices may be retained for 7 years to comply with tax and financial regulations.

We use secure deletion methods (e.g., cryptographic erasure or overwriting) to ensure data is permanently destroyed. For further details, please refer to our Terms of Service .

8. Your Rights

Under GDPR and other applicable data protection laws, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request corrections to inaccurate or incomplete data.
  • Erasure (Right to be Forgotten): Request deletion of your personal data under certain conditions.
  • Restrict Processing: Request limitations on data processing in specific circumstances.
  • Data Portability: Receive your data in a structured, commonly used format.
  • Object: Object to processing under certain circumstances, including where data is processed on legitimate interests.

To exercise any of these rights, please email [email protected]. We may ask you to verify your identity before responding to certain requests.

9. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to:

  • Remember user preferences and settings.
  • Track user sessions, analyse platform traffic, and improve functionality.
  • Provide a personalised experience (e.g., saving log-in status, language preferences).

9.1 Types of Cookies We Use

  • Essential Cookies: Required for the Hiring Platform to function properly (e.g., authentication).
  • Analytics Cookies: Help us understand how users interact with our services (e.g., pages visited, actions taken).
  • Preference Cookies: Store your preferences (e.g., language, region).

9.2 Managing Cookie Preferences

You can manage or delete cookies at any time through your browser settings. However, disabling certain cookies may affect functionality or limit certain features of our services.

10. International Data Transfers

When personal data is transferred outside the European Economic Area (EEA), we implement appropriate safeguards in compliance with GDPR. These may include Standard Contractual Clauses (SCCs) or other mechanisms recognized by the European Commission to ensure adequate data protection.

11. AI Use with OpenAI

We use OpenAI exclusively for AI/ML functionalities, such as generating matching insights or assisting in job profile creation. We do not use any other AI or machine-learning service providers.

  • Scope of AI Processing: Only the data required to generate relevant outputs (e.g., user inputs or context for the conversation) is shared with OpenAI.
  • Data Use: We do not allow OpenAI to use personal data for training its models. Our agreement with OpenAI ensures your data is processed solely to provide the AI functionality requested.
  • Note on OpenAI: Because OpenAI’s infrastructure may be global, personal data sent to OpenAI for AI-driven features may be transferred outside the EEA. We rely on appropriate contractual safeguards—such as our Data Processing Agreement (DPA) with OpenAI—to ensure your data is protected in compliance with GDPR.

12. What Data Is Required vs. Optional

We collect certain personal data that is essential to provide our core services, as well as additional information that is optional:

  • Required Data
  • Some data fields—such as your name, email address, and organization information—are necessary for basic account creation, operation, authentication, and security. Without this information, we cannot create or maintain your account, verify your identity, or deliver core platform functionalities (e.g., generating personalised profiles and skill insights).
  • Optional Data
  • Other data points— such as responses to surveys or providing detailed organization information—are optional. Providing this information can enhance your user experience (for example, by offering better talent matching insights), but you are not obligated to share it. Declining to provide optional information may limit certain features or functionalities, but it will not prevent you from using the core aspects of the Hiring Platform.

13. Incident Notification

We have an incident response process to address security breaches promptly. In the event of a breach affecting your personal data, we will:

  • Notify affected users within 24 hours of discovering the breach.
  • Provide regular updates about the status and resolution of the incident.
  • Take immediate measures to contain the breach and mitigate potential damage.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. If any significant updates are made, we will notify you by email or through a prominent notice on our platform. We encourage you to review this Privacy Policy periodically.

15. Contact Information

If you have any questions, concerns, or requests about this Privacy Policy or your personal data, please contact us at:

Avery  B.V.

Stationsplein 45, Unit D3.118

3013 AK Rotterdam

The Netherlands

Email: [email protected]

If you believe we are not handling your data in accordance with the law, you have the right to lodge a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) or your local supervisory authority.

Book a demo

Avery helps hiring teams to hire with confidence and speed, by creating data-driven customer profiles, generating key hiring toolkit items, and making smart job-candidate matches.

© 2025 Avery. All rights reserved.

How it works
Who is it for?
ROI calculatorAboutBlogContact
FeaturesPricingContactShopBlog PostPassword
Terms of servicePrivacy policy
FeaturesPricingContactShopBlog PostPassword
Privacy policyTerms of service
Studio born