Start free

Data, privacy & account

What hire.page stores, how long, who can see it, and how to fully delete your data or your account.

This guide is the canonical reference for how hire.page handles data. It covers what we store, who can access it, what candidates can request, retention, and how to delete a workspace or close an account entirely.

For specific compliance questions (GDPR, CCPA, SOC 2), email us — we can produce DPAs, sub-processor lists, and security responses.

What we store

About you (the workspace owner / reviewer)

  • Name, email, password hash (or Google OAuth identifier if you signed in with Google)
  • Account creation date, last login, login IP (hashed)
  • Notification preferences
  • Workspace memberships and roles

About your workspace

  • Workspace name, slug, logo, branding settings
  • Pipeline stages and email templates
  • Hire page content (body blocks, form fields, page settings, custom code)
  • Custom domain configuration
  • Integrations configuration (Slack, webhooks)
  • Subscription and billing info (we store a Stripe customer ID; card details live in Stripe)

About candidates who apply

  • Name, email, and every form-field answer they submitted
  • Uploaded files (stored in Cloudflare R2)
  • Source data (UTM, referrer, user-agent, hashed IP)
  • Stage history (every transition, with timestamp and actor)
  • Internal notes, comments, and reviews your team wrote about them
  • Email thread (every email sent to or received from them)

Analytics

  • Page-view events (hashed IP, referrer, UTM, user-agent, session ID, timestamp)
  • Aggregated counts roll up to the Insights dashboard

We do not run third-party trackers on the hire.page application. We use self-hosted Umami for marketing analytics, and PostHog and Google Analytics for product / marketing measurement (these are listed as sub-processors).

How long we store data

While your subscription is active, we keep your data indefinitely. After cancellation:

  • Workspace, hire pages, applicants, files, notes, comments, reviews, emails, analytics — kept for 90 days, then deleted
  • Reactivating a cancelled subscription within the 90-day window restores everything exactly as it was
  • Stripe invoices follow Stripe's retention (typically 7 years for tax)

Candidate data requests

Candidates have rights over their data. The most common:

Right of access — "send me a copy of my data"

A candidate can email [email protected] (or contact you directly — you're the data controller; we're the processor) and request their data. We respond within 30 days with:

  • Every form-field answer they submitted
  • Every uploaded file
  • Source data we have about them
  • Email thread between your team and them
  • Stage history (with stage names, no actor identities exposed)

Internal notes, comments, and reviews are not included by default — they're opinions about a third party, and disclosing them could harm both the candidate and your hiring process. We include them only when legally required.

Right of deletion — "delete my data"

A candidate can request deletion. We delete:

  • The applicant record, all answers, all files
  • Their email thread with your team
  • Source data and any analytics linked to their submission

Notes and comments referencing them by name are scrubbed (the candidate name is replaced with "[redacted]" but the comment stays — comments are your team's own work product).

Deletion is permanent and propagates within 7 days across all backups.

Right of correction

A candidate can ask us to correct factual errors. We forward these to the workspace owner.

Who can see what

  • Workspace owner — sees everything in the workspace: answers, notes, comments, reviews, candidate emails, billing, custom code, integrations
  • Reviewer — sees answers, files, notes, comments, reviews. Does not see candidate emails (the Messages tab), billing, custom code, or integrations
  • Candidate — sees only what they submitted and the emails sent to them. No internal data
  • hire.page staff — access to your workspace data is logged, restricted to support tickets you've opened, and never used for advertising or training
  • Other workspaces — never see your data; workspaces are fully isolated

We do not train AI models on your data.

Sub-processors

We use these vendors:

  • Laravel Cloud — hosting (US infrastructure)
  • Stripe — payment processing
  • Cloudflare R2 — file storage
  • Resend — outbound email
  • PostHog — product analytics
  • Google Analytics — marketing-site analytics
  • Umami — self-hosted, anonymous marketing analytics

The full sub-processor list with addresses, regions, and DPAs is on the Sub-processors page.

Security

  • All traffic over HTTPS / TLS 1.2+
  • Database encrypted at rest
  • Backups encrypted, retained for 30 days
  • Passwords hashed with Argon2id
  • Two-factor authentication available (TOTP via authenticator app)
  • Social login available via Google

Deleting a workspace

Workspace deletion is the workspace owner's call. Settings → Danger zone → Delete workspace.

  • Type the workspace name to confirm
  • We schedule deletion for 7 days from confirmation (recoverable window — un-delete during this period if you change your mind)
  • After 7 days, all data is purged from active storage
  • Backups age out at the 30-day mark

Cancelling a paid subscription is not the same as deleting a workspace. After cancellation your workspace stays on Free for 90 days; only if you actively delete (or 90 days elapse with no resubscription) is data fully purged.

Closing your account

Settings → Account → Close account.

  • If you own any workspaces, we ask you to delete them first (in v2 there's no ownership transfer, so a workspace is tied to your account)
  • After confirmation, your account is closed and your personal data (name, email, password, login history) is deleted within 30 days
  • Workspaces you were a reviewer in keep their other members; you're removed

Frequently asked

Where is data hosted?

Laravel Cloud (US region). Files are stored on Cloudflare R2 (primary region US). Backups in same region.

Do you sell my data?

No. We don't sell or share workspace or applicant data with third parties for advertising. Sub-processors receive only the data they need to do their job.

Do you train AI models on my data?

No. We do not train models on workspace data, applicant data, or any user content.

Are you SOC 2 certified?

Not in v2. SOC 2 Type I is on the roadmap. We can provide a security overview document in the meantime.

Can I sign a DPA?

Yes. Enterprise customers get a custom DPA. Starter / Growth / Scale customers can sign our standard DPA, available on request.

What if I just want to leave hire.page and take my data?

CSV export (Starter+) gets every applicant and answer out as a spreadsheet. Files are linked via signed URLs you can download in the 7-day window. We don't lock you in.