Privacy Policy

OnHirely ("we", "us", "our") operates the website onhirely.com and the OnHirely bias audit platform. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and company name. If you sign in via a third-party provider (e.g., Google), we receive the profile information you authorize.

Audit Data

When you run a bias audit, you upload hiring data (selection rates, demographic categories, AI scores). This data is processed to generate your compliance report and is never used for any other purpose.

Usage Data

We collect anonymized analytics (pages visited, features used, browser type) via PostHog to improve the product. We do not use third-party advertising trackers.

2. How We Use Your Information

• Provide and operate the bias audit platform
• Generate compliance reports for the regulations you select
• Send transactional emails (account confirmation, audit results)
• Improve and debug the product based on anonymized usage patterns
• Respond to support requests

We never sell, rent, or share your personal data or audit data with third parties for marketing purposes.

3. Data Retention

Audit data is retained for a configurable period (30–180 days) that you choose in your account settings. After the retention period, audit data is permanently deleted from our systems. Account information is retained as long as your account is active. You may request deletion at any time.

4. Data Security

We protect your data with industry-standard measures including:

• TLS encryption for all data in transit
• AES-256 encryption for data at rest
• Role-based access controls for internal systems
• Regular security audits and dependency updates

5. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access — Request a copy of the data we hold about you
• Rectification — Correct inaccurate personal data
• Erasure — Request deletion of your data ("right to be forgotten")
• Portability — Receive your data in a machine-readable format
• Objection — Object to processing of your data
• Restriction — Request we limit how we process your data

To exercise any of these rights, contact us at privacy@onhirely.com. We respond within 30 days.

6. Cookies

We use essential cookies for authentication and session management. We use PostHog for anonymized product analytics. We do not use advertising or tracking cookies. You can disable non-essential cookies in your browser settings.

7. GDPR Compliance (EU/EEA Users)

We process personal data under the following legal bases: contract performance (providing the audit service), legitimate interest (product improvement), and consent (where applicable). Data is processed in the United States. We rely on standard contractual clauses for cross-border transfers.

8. CCPA Compliance (California Users)

California residents have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact privacy@onhirely.com.

9. Third-Party Services

We use the following third-party services to operate OnHirely:

• Vercel — Hosting and edge delivery
• PostHog — Anonymized product analytics
• Neon / Supabase — Database infrastructure

Each provider has its own privacy policy. We only share the minimum data required for the service to function.

10. Children's Privacy

OnHirely is a B2B compliance tool and is not directed at children under 16. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on our website. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related inquiries, contact us at privacy@onhirely.com.