1. Introduction
RELYzIT Talent (“we,” “our,” or “us”) is committed to ensuring the highest level of data privacy and security, in compliance with:
- General Data Protection Regulation (GDPR) (EU) 2016/679
- NIS 2 Directive (where applicable)
- ISO 27001 Security Standards
This Privacy Policy explains:
- What personal data we collect
- How we process data, including AI usage
- Your rights under GDPR and how to exercise them
- Our security and compliance measures
For inquiries or to exercise your data rights, contact us at:
π§ Email: contact.eu@relyzit.io
2. Personal Data We Collect
We collect and process the following categories of personal data:
2.1. Data Provided Directly by You
- Identification Data β Name, date of birth, nationality.
- Contact Information β Email, phone number, LinkedIn profile.
- Professional Data β CV, work history, skills, certifications.
- Communication Data β Emails, messages, interview records.
2.2. Data Collected Automatically
- Website Usage Data β IP address, browser type, pages visited.
- Cookies & Tracking Data β See our Cookie Policy for details.
2.3. Data from Third-Party Sources
- Recruitment platforms (e.g., LinkedIn, job boards)
- AI-Based Talent Matching Tools (HRFLOW AI, OpenAIβs ChatGPT)
3. Purpose and Legal Basis for Processing
We process personal data in compliance with Article 6 of the GDPR under the following legal bases:
| Purpose | Legal Basis (Article 6 GDPR) |
|---|---|
| Candidate recruitment and matching | Legitimate interest (Art. 6(1)(f)) |
| Processing job applications | Performance of contract (Art. 6(1)(b)) |
| AI-based analysis of candidate profiles | Legitimate interest (Art. 6(1)(f)) |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) |
| Communication with candidates and clients | Legitimate interest (Art. 6(1)(f)) |
If we process your data based on consent, you may withdraw it at any time.
4. AI Processing & Automated Decision-Making
4.1. How We Use AI in Recruitment
RELYzIT uses HRFLOW AI and OpenAIβs ChatGPT to assist in analyzing candidate profiles, skills, and suitability for job roles. AI-based tools help by:
- Scanning and analyzing CVs for relevant skills.
- Recommending suitable job opportunities based on candidate data.
- Improving efficiency in talent matching.
4.2. No Fully Automated Decisions
RELYzIT does not use fully automated decision-making (Article 22 GDPR). All AI-assisted processes are reviewed and finalized by human recruiters before making any hiring decisions.
4.3. Right to Object to AI Processing
Under Article 21 GDPR, you have the right to object to AI-based processing of your data.
π§ To opt out, send an email to contact.eu@relyzit.io with “Opt-Out of AI Processing” in the subject line.
5. Legitimate Interest Justification for AI Processing (LIA)
RELYzIT has conducted a Legitimate Interest Assessment (LIA) to ensure AI-based candidate analysis meets GDPR standards:
β Necessity β AI improves the efficiency of the recruitment process.
β Balancing Test β AI processing does not override candidate rights, as human review is always involved.
β Safeguards β Candidates can opt out at any time, ensuring fairness.
Our use of AI does not create legal or significant effects on individuals, as defined under Article 22(1) GDPR.
6. How We Share Your Data
We do not sell or trade personal data. However, we may share data with:
- Employers and clients β To evaluate candidates for job placements.
- AI-Based Service Providers β HRFLOW AI, OpenAI (under strict GDPR-compliant Data Processing Agreements).
- Regulatory authorities β If required by law.
Any third parties receiving data are contractually bound to GDPR-compliant Data Processing Agreements (DPAs).
7. Data Retention Policy
We retain personal data only for as long as necessary:
| Data Type | Retention Period |
|---|---|
| Active candidates | Up to 2 years after last engagement |
| Placed candidates | Up to 5 years (for compliance) |
| Legal records | 7 years (regulatory purposes) |
After retention periods expire, data is securely deleted or anonymized.
8. Your Rights Under GDPR
You have the following rights under Articles 12-22 of GDPR:
| Your Right | What It Means |
|---|---|
| Right to Access | Request a copy of your data. |
| Right to Rectification | Correct inaccurate or incomplete data. |
| Right to Erasure (“Right to be Forgotten”) | Request deletion of your data. |
| Right to Restrict Processing | Limit how your data is processed. |
| Right to Object | Object to processing based on legitimate interest. |
| Right to Data Portability | Receive your data in a structured format. |
| Right to Withdraw Consent | Withdraw consent for processing at any time. |
π§ To exercise your rights, email contact.eu@relyzit.io.
We will respond within 30 days, in compliance with GDPR regulations.
9. Security & Data Protection Measures
We implement industry-standard security protocols:
β AES-512 Encryption for sensitive data.
β Role-Based Access Controls (RBAC) to limit data access.
β Regular GDPR Compliance Audits and penetration testing.
10. International Data Transfers
RELYzIT processes data within the EU/EEA. If data is transferred outside the EU, we ensure GDPR-compliant safeguards such as:
β Standard Contractual Clauses (SCCs).
β Adequacy decisions by the European Commission.
11. How to Contact Us
For any inquiries or GDPR requests:
π§ Email: contact.eu@relyzit.io
If you believe your data rights have been violated, you may file a complaint with your local Data Protection Authority (DPA).
12. Updates to This Privacy Policy
We may update this policy periodically. Any changes will be posted on https://relyzit.io/privacy-policy/ with the updated revision date.