Terms of Service
1. Acceptance of Terms
By accessing or using the KitesHR platform ("Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to all terms and conditions, you may not access or use the Service. These Terms apply to all users, including recruiters, hiring managers, and administrators.
2. Description of Service
KitesHR is a recruitment management platform that enables organizations to manage candidate pipelines, job postings, recruiter collaboration, and hiring workflows. The Service includes candidate data management, resume processing, application tracking, and related recruitment tools.
3. User Accounts
You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You must immediately notify KitesHR of any unauthorized use of your account. KitesHR reserves the right to suspend or terminate accounts that violate these Terms.
4. Acceptable Use
You agree not to: (a) use the Service for any unlawful purpose; (b) upload or transmit malicious code; (c) attempt to gain unauthorized access to any part of the Service; (d) share candidate data outside of the authorized recruitment workflow; (e) use the Service to discriminate against any individual based on protected characteristics.
5. Intellectual Property
All content, features, and functionality of the Service are owned by KitesHR and are protected by international copyright, trademark, and other intellectual property laws. You may not copy, modify, or distribute any part of the Service without prior written consent.
6. Data Processing for Recruitment
KitesHR processes candidate personal data solely for recruitment purposes. Users who upload candidate information represent and warrant that they have obtained the necessary consent or have a legitimate basis for processing such data. Users must comply with all applicable data protection laws when using the Service.
7. Limitation of Liability
KitesHR shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, or business opportunities, resulting from your use of the Service.
8. Termination
KitesHR reserves the right to suspend or terminate your access to the Service at any time, with or without cause and with or without notice. Upon termination, your right to use the Service will immediately cease, and any data associated with your account may be deleted in accordance with our data retention policies.
9. Changes to Terms
KitesHR reserves the right to modify these Terms at any time. We will notify users of material changes via email or through the Service. Your continued use of the Service after such changes constitutes acceptance of the revised Terms.
Privacy Policy
1. Introduction
KitesHR ("we", "us", "our") is committed to protecting the privacy and personal data of all individuals whose information is processed through our platform. This Privacy Policy explains how we collect, use, store, and protect personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
2. Data Controller
KitesHR acts as a data processor on behalf of its clients (the data controllers) who use the platform for recruitment purposes. Our clients are responsible for ensuring that all personal data uploaded to the platform has been collected lawfully and with appropriate consent.
3. Data We Collect
We may process the following categories of personal data: (a) Candidate Data — names, email addresses, phone numbers, resumes/CVs, employment history, education, skills, salary expectations, and other information provided during the application process; (b) User Data — names, email addresses, roles, and authentication credentials of platform users (recruiters, administrators); (c) Usage Data — log data, IP addresses, browser information, and platform interaction data for service improvement.
4. Consent and Legal Basis for Processing
We process personal data based on the following legal grounds under GDPR Article 6: (a) Consent — When candidates provide explicit consent for their data to be processed for recruitment purposes. Candidates are sent a consent request email upon submission of their application and may accept or decline; (b) Legitimate Interest — For the purposes of managing recruitment processes and improving our services; (c) Contractual Necessity — To fulfill our obligations under service agreements with our clients.
5. Candidate Consent Flow
KitesHR implements a transparent consent mechanism for candidate data: (a) When a candidate's information is submitted to the platform, they receive an email notification informing them that their data is being processed; (b) Candidates can explicitly Accept or Decline consent; (c) If a candidate declines consent, their data will be flagged and excluded from active recruitment processes; (d) Candidates who have not responded to the consent request are treated as implicitly consented but are clearly marked as "Unconfirmed" in the system for transparency; (e) Consent status is tracked with timestamps and is visible to authorized administrators.
6. Data Subject Rights (GDPR)
In accordance with GDPR, candidates and other data subjects have the following rights: (a) Right of Access — Request a copy of personal data we hold; (b) Right to Rectification — Request correction of inaccurate data; (c) Right to Erasure (Right to be Forgotten) — Request permanent deletion of personal data. KitesHR provides a complete data deletion mechanism that removes all application records, process histories, resumes, and assessment data; (d) Right to Restrict Processing — Request limitation of data processing; (e) Right to Data Portability — Receive personal data in a structured, machine-readable format; (f) Right to Object — Object to processing based on legitimate interests.
7. Data Deletion Process
KitesHR provides a GDPR-compliant data deletion process: (a) Authorized users can initiate deletion of application records through the platform; (b) Deletion is performed as a cascading hard-delete, permanently removing all associated data including application records, process histories, resume links, and payment associations; (c) Upon successful deletion, automated confirmation emails are sent to both the candidate and the responsible recruiter; (d) Deleted data cannot be recovered. This process ensures full compliance with the GDPR Right to Erasure.
8. Data Security
We implement appropriate technical and organizational measures to protect personal data, including: (a) Encryption of data in transit (TLS/SSL) and at rest; (b) Role-based access control with granular permissions; (c) Regular security audits and vulnerability assessments; (d) Secure authentication with JWT tokens; (e) Database transaction integrity for all data operations.
9. Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected. Candidates who decline consent will have their data flagged for removal. Data that is no longer needed for active recruitment will be deleted in accordance with our retention schedule or upon request from the data subject.
10. International Data Transfers
KitesHR may transfer personal data to servers located outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses or other approved transfer mechanisms under GDPR.
11. Third-Party Services
We may use third-party services for email delivery, cloud hosting, and analytics. All third-party processors are vetted for GDPR compliance and are bound by data processing agreements that ensure the protection of personal data.
12. Cookies
The Service uses essential cookies for authentication and session management. We do not use tracking or advertising cookies. By using the Service, you consent to our use of essential cookies.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify affected parties of material changes via email or through the platform. The updated policy will be effective upon posting with a revised "Last Updated" date.
14. Contact Information
For any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact our Data Protection team at: kiteshr.manage@gmail.com
GDPR Compliant
KitesHR is fully compliant with the General Data Protection Regulation (EU) 2016/679. We implement data consent flows, right-to-erasure mechanisms, and transparent data processing practices to protect every individual's privacy.