CalHire
Legal center

Privacy Policy

Last updated: June 16, 2026

CalHire, Inc. ("CalHire", "we", "us") is committed to protecting personal data. This Privacy Policy explains what we collect, why, who we share it with, how long we keep it, the safeguards we apply, and the rights you have — including region-specific rights under the EU/UK GDPR, India's DPDP Act, the UAE PDPL, and US state privacy laws.

This policy covers our public website at calhire.com. When you use the CalHire application (app.calhire.com) as a candidate or on behalf of an employer, CalHire generally acts as a processor on the employer's behalf for candidate data, and as a controller for account, billing, and security data; the applicable order form or Data Processing Addendum governs those uses.

1. Controller and contact

For the public website and the data described here, CalHire, Inc. is the data controller. You can reach our privacy team at privacy@calhire.com. Where required, our EU/UK representative and Data Protection Officer can be contacted at the same address.

2. Personal data we collect

  • Information you give us. Contact, demo, and partner-form details (name, work email, company, role, region, message).
  • Consent records. Your cookie/processing choices: the categories accepted, the policy version, and a timestamp. We mask the client IP and truncate the user-agent before storage.
  • Usage data (consent-based). Aggregate, privacy-respecting analytics about how the site is used.
  • Device and connection data. Standard log data (e.g. coarse location from IP, browser type) used for security and abuse prevention.

We do not knowingly collect special-category data through the website, and we do not use cross-site advertising trackers.

3. Purposes and legal bases

| Purpose | Data | Legal basis (GDPR/UK) | | --- | --- | --- | | Respond to your enquiry | Contact/lead details | Legitimate interests; steps prior to a contract | | Product updates you opted into | Email | Consent | | Analytics to improve the site | Usage data | Consent | | Keep the site secure | Device/log data | Legitimate interests; legal obligation | | Prove consent compliance | Consent records | Legal obligation; legitimate interests |

Under India's DPDP Act and the UAE PDPL we rely on your consent for marketing and analytics, and on legitimate uses / contractual necessity for responding to you and securing the service.

4. Automated decisions and AI

The website makes no automated decisions about you. On the CalHire platform, hiring AI is used only on anonymized data — no AI model receives personal identifying information — and no candidate is ever auto-rejected: a human makes and is recorded for every person-affecting decision. These controls support obligations under the EU AI Act, NYC Local Law 144, and equivalent rules.

5. How we share data

We share personal data only with: (a) service providers / sub-processors under contract (see our Sub-processors); (b) professional advisers; (c) authorities where legally required; and (d) a successor in a corporate transaction, under equivalent protections. We do not sell personal data, and we do not "share" it for cross-context behavioral advertising.

6. International transfers and residency

CalHire supports in-region data residency for the EU, India, and the UAE for application data. Where personal data is transferred internationally, we rely on appropriate safeguards such as the EU Standard Contractual Clauses, the UK Addendum, and equivalent mechanisms, with transfer risk assessments where required.

7. Retention

We keep contact and lead submissions only as long as needed to handle your enquiry and meet legal obligations, then delete or anonymize them. Consent records are retained as compliance evidence for as long as required by law. Platform data retention is governed by the customer agreement.

8. Security

We apply encryption in transit and at rest, least-privilege access, network controls, audit logging, and regular review. No method of transmission is perfectly secure, but we work to protect your data and to notify you and regulators of any breach as required by law.

9. Your rights

Subject to applicable law you may have the right to access, correct, delete, port, restrict, or object to processing, and to withdraw consent at any time (without affecting prior processing). To exercise rights, email privacy@calhire.com; we verify requests and respond within statutory timeframes. You will not be discriminated against for exercising your rights.

  • EU/UK (GDPR): the rights above, plus the right to lodge a complaint with your supervisory authority (or the ICO in the UK).
  • India (DPDP Act): access, correction, erasure, grievance redressal, and the right to nominate. Contact our Grievance Officer at privacy@calhire.com.
  • UAE (PDPL): access, rectification, erasure, restriction, portability, and to object, exercised with our privacy team.
  • US state laws (e.g. California/CPRA): the right to know, delete, correct, and opt out of "sale"/ "sharing" (we do neither); you may use an authorized agent. We do not sell or share personal data.

10. Cookies and choices

We ask for your consent on first visit and you can change it anytime via "Cookie settings" in the footer. See our Cookie Policy.

11. Children

The service is not directed to children under 16 (or the age set by local law), and we do not knowingly collect their data.

12. Changes

We may update this policy; material changes are reflected by the "last updated" date and, where required, by notice. Continued use after changes take effect constitutes acceptance.

13. Contact

Privacy questions or requests: privacy@calhire.com.