Legal

GDPR & Candidate Rights

CipherIQ is committed to GDPR-aligned hiring workflows built around candidate privacy, data minimization, transparent handling of personal data, and visible human oversight.

Explore Compliance HubRead Privacy Policy

01

Candidate privacy and data minimization are built into the public trust posture.

02

Human recruiters and hiring managers remain responsible for final decisions.

03

No facial recognition, biometric profiling, or emotional AI is used.

04

Candidates receive deletion-rights support after interview completion.

Rights panel

This page explains how CipherIQ publicly frames GDPR alignment, candidate rights, AI guardrails, and human oversight. It is meant to make the trust posture readable without drifting into legal jargon or unsupported claims.

Privacy posture

GDPR-aligned workflow

CipherIQ is designed around candidate privacy, data minimization, and transparent handling of personal data.

AI boundary

No biometric or emotional AI

The public model avoids facial recognition, biometric profiling, and emotion inference.

Decision model

Human-led outcomes

CipherIQ does not make final hiring decisions and does not perform automated rejections.

Candidate right

Secure deletion link

Candidates receive a direct route to request permanent deletion of interview media and transcripts.

Commitment

What this page covers in plain language

This is the trust-layer summary of how CipherIQ publicly frames candidate privacy, AI guardrails, and employer-side human oversight.

GDPR commitmentCommitment

Candidate privacy is part of the product posture

CipherIQ is fully committed to compliance with the General Data Protection Regulation (GDPR). The platform is designed and operated around candidate privacy, data minimization, and transparent handling of personal data.

  • Privacy-aware hiring is part of the public trust surface.
  • The workflow is framed as decision support rather than autonomous employment decision-making.
  • Candidate rights remain visible throughout the process.
Trust readingReading path

How to interpret the page

The goal here is not to claim blanket legal outcomes for every employer. It is to make CipherIQ’s public guardrails, candidate-rights handling, and human-oversight model easy to understand.

  • Use this page for rights and boundary clarity.
  • Use the Privacy Policy for formal processing details.
  • Use the compliance hub for the wider trust surface.

Data collection & processing

What personal data is processed

To provide the service, CipherIQ collects and processes a limited set of candidate data categories tied to the hiring workflow.

Data category01

Identification data

Names and email addresses used for candidate communication and workflow handling.

Data category02

Professional history

Resumes, CVs, and related career history provided during the hiring process.

Data category03

Interview data

Audio, video, and AI-generated transcripts created during interview sessions.

Ethical AI & privacy guardrails

What CipherIQ explicitly does not do

These guardrails are central to how CipherIQ publicly frames privacy-aware, candidate-conscious AI hiring workflows.

AI guardrail01

No facial recognition

CipherIQ does not identify or verify individuals based on facial features.

AI guardrail02

No biometric analysis

CipherIQ does not perform biometric profiling from candidate media.

AI guardrail03

No emotional AI

CipherIQ does not infer mood, personality, or emotional state from facial expressions or voice.

AI guardrail04

Content-first review

The AI focuses on spoken content and technical expertise rather than physical traits or appearance-based scoring.

Rights, oversight, and storage

How candidate rights and human review stay visible

CipherIQ is positioned for privacy-aware hiring and evidence-based evaluation, not autonomous employment decisions.

Trust control01

Human-in-the-loop guarantee

CipherIQ does not make final hiring decisions and does not perform automated rejections. AI is used for transcription, translation, and skill organization, while every hiring outcome is determined by a human recruiter or hiring manager.

Trust control02

Right to erasure

After each interview, candidates receive a secure deletion link. When this link is used, CipherIQ instantly and permanently deletes the candidate’s interview video recording, audio, and transcript from our servers.

Trust control03

Data security and storage

Candidate data is encrypted in transit and at rest and hosted on enterprise-grade infrastructure provided by AWS, Vercel, and Supabase. Access is strictly restricted to authorized hiring personnel.

Trust control04

Data protection contact

If you have GDPR or data-protection questions, contact our team at support@cipher-iq.com.

Related workflow guides

Read the surrounding trust pages

These guides explain how CipherIQ positions scoring, interview evidence, and employer review within a privacy-aware hiring workflow.

Related guide

How CipherIQ Scoring Works

Learn how structured scoring, must-have rules, evidence-backed evaluation, and human oversight fit together.

ExploreOpen
Related guide

CipherIQ FAQ

Read common questions about forensic AI interviews, privacy-aware hiring, scoring, integrity, and review workflows.

ExploreOpen
Related guide

How CipherIQ Works

See the full hiring workflow from application intake to scored, reviewable shortlist.

ExploreOpen
Related guide

CipherIQ Resources

Browse the full authority hub for forensic AI interviews, scoring, privacy-aware hiring, integrity, regional workflows, and docs.

ExploreOpen

Next step

Need the broader workflow and trust context?

If this page answers the rights and privacy question, the next step is to see how those commitments connect to CipherIQ’s workflow, compliance framing, and wider public trust surface.

See How It WorksExplore Compliance Hub