Legal
Privacy Policy
HeadsIn Connect LLP (Saral AI) · saralhire.ai
By using Saral AI, you acknowledge this Privacy Policy. It covers two groups: Users (recruiters, hiring managers, founders) and Candidates (professionals whose public data is indexed by our platform).
1. Who We Are
Saral AI is an AI-powered recruitment intelligence platform operated by HeadsIn Connect LLP, registered in India. We help employers and recruiters discover and connect with passive talent through AI-driven search, candidate scoring, and automated outreach.
2. Information We Collect
From Users
- Account details: name, email, password (hashed), OAuth tokens
- Onboarding info: company name, your role, hiring goals
- Usage data: searches, profiles viewed, credits used, outreach sequences
- Billing: invoice records (payment cards handled by Stripe; we do not store card data)
From Candidates (Publicly Sourced)
We index and aggregate publicly available professional data from various data vendors, LinkedIn, GitHub, X (Twitter), Stack Overflow, and many other platforms. This includes job titles, career history, skills, location, public profile URLs, and AI-generated fit scores. Enriched contact details (email, phone) are surfaced on credit redemption.
We do not collect sensitive data such as political opinions, biometrics, health information, or financial details.
Technical Data (Automatic)
IP address, browser/device type, session duration, page views, and referral source are collected automatically on all visits.
3. How We Use Your Information
User Data
- Account management, authentication, and personalisation
- Credit tracking, billing, and subscription management
- Transactional emails (receipts, password resets, alerts)
- Security monitoring and fraud prevention
- Platform improvement through aggregated usage analysis
Candidate Data
- Powering candidate search and discovery for recruiters
- Generating AI-based fit scores and career insights
- Surfacing verified contact details on credit redemption
- Enabling automated outreach sequences
Candidate Data is used only for legitimate recruitment. It is never used for advertising or unrelated profiling.
4. Legal Basis for Processing
- Contract performance: to deliver the platform services you have subscribed to
- Legitimate interest: platform improvement, security, fraud prevention, and candidate discovery
- Consent: marketing communications and non-essential cookies (withdrawable anytime)
- Legal obligation: compliance with tax, regulatory, or court requirements
5. AI Disclosures
Our AI tools generate candidate fit scores, switch-likelihood predictions, and outreach drafts. These are decision-support tools only. Final hiring decisions are always made by human recruiters.
- We do not use identifiable personal data to train AI models without consent
- Third-party AI providers may not use submitted data for their own model training
- Saral AI does not make fully automated decisions with significant effects on individuals
6. Data Sharing
We do not sell, rent, or trade personal or candidate data. We share data only with:
- Registered Users, solely for legitimate recruitment use
- Service providers (Stripe, Google/LinkedIn OAuth, AWS/GCP, enrichment, data partners, and analytics partners) under data processing agreements
- Authorities, where required by law or court order
- Successor entities, in the event of a merger or acquisition (with prior notice)
7. Data Retention
| Data Category | Retention Period |
|---|---|
| Account and profile data | Active period + 90 days post-closure |
| Search and query logs | 12 months from last activity |
| Contact unlock records | 24 months from unlock date |
| Billing and invoices | 1 year (statutory requirement) |
| Support communications | 1 year from last interaction |
| Candidate indexed data | Until a valid erasure request (removed within 30 days) |
8. Data Security
- HTTPS/TLS 1.2+ encryption for all data in transit
- Passwords hashed using bcrypt or equivalent
- JWT-based session management with defined expiry
- Role-based internal access controls
- Payment data handled exclusively by PCI-DSS-compliant processors
In the event of a data breach posing a risk to individuals, we will notify the Data Protection Board of India and affected individuals within 72 hours.
9. Your Rights
Under the DPDP Act 2023 (and GDPR where applicable), you have the right to:
- Access, correct, or delete your personal data
- Withdraw consent for consent-based processing at any time
- Receive your data in a portable format
- Object to processing based on legitimate interest
- Raise a grievance with our team or the Data Protection Board of India
To exercise any right, email admin@saralhire.ai with your name, registered email, and the specific request. We acknowledge within 48 hours and respond within 30 days.
10. Cross-Border Transfers
Data may be processed on infrastructure located in India, the United States, or other countries where our cloud providers operate. All cross-border transfers are protected by contractual safeguards equivalent to this Policy. EU-based data subjects are covered by GDPR Standard Contractual Clauses.
11. Children's Privacy
Saral AI is for users aged 18 and above. We do not knowingly collect data from minors. If you believe a minor has provided data to us, contact admin@saralhire.ai immediately and we will delete it promptly.
12. Policy Updates
We may update this Policy periodically. For material changes, we will update the date above, notify registered Users by email, and display an in-platform notice. Continued use after changes take effect constitutes acceptance.
13. Contact and Grievance Redressal
If you would like to access, correct, amend, or delete any personal information, register a complaint, or need more information, contact our Privacy Compliance Officer.
| admin@saralhire.ai | |
| Address | 506, Apple Square, New GIDC Amroli Road, Katargam, Surat - 395004 |
| Escalation | Data Protection Board of India — meity.gov.in |