Privacy Policy

1.1 Information You Provide

• Account information: Name, email address, password, role (Company or Recruiter).
• Company profiles: Company name, website, logo, industry, size, location, tech stack.
• Recruiter profiles: Headline, bio, specializations, years of experience, LinkedIn URL, avatar.
• Candidate information: Name, email, phone, resume, current employer, job title, skills, LinkedIn URL.
• Communication data: Messages sent through the Platform.
• Financial data: Payment method details (processed via Stripe), payout information.

1.2 Information Collected Automatically

• Usage data: Pages visited, features used, timestamps.
• Device information: Browser type, operating system, IP address, device identifiers.
• Cookies and similar technologies: See our Cookie Policy section below.

We use your information to:

• Provide and operate the Platform.
• Facilitate connections between Companies and Recruiters.
• Process payments and payouts.
• Send transactional communications (submission updates, payment confirmations).
• Improve the Platform and develop new features.
• Ensure security and prevent fraud.
• Comply with legal obligations.

If you are in the European Economic Area (EEA), we process your data based on:

• Contract performance: To provide the Platform services you signed up for.
• Legitimate interests: To improve our services and ensure Platform security.
• Consent: For marketing communications and non-essential cookies.
• Legal obligation: To comply with applicable laws and regulations.

We share your information with:

• Other Platform users: As necessary to facilitate the marketplace (e.g., candidate information shared with Companies).
• Service providers: Stripe (payments), Resend (email), cloud hosting providers.
• Legal requirements: When required by law, regulation, or legal process.

We do not sell your personal information to third parties.

• Account data is retained while your account is active.
• After account deletion, we anonymize personal data within 30 days.
• Financial records are retained for 7 years as required by tax and accounting regulations.
• Candidate data submitted through the Platform is retained according to the consent provided.

You have the right to:

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your personal data ("right to be forgotten").
• Data portability: Receive your data in a structured, machine-readable format.
• Object: Object to processing based on legitimate interests.
• Withdraw consent: Withdraw consent for consent-based processing at any time.

To exercise these rights, use the Data Management section in your account settings or contact privacy@merato.com.

We implement industry-standard security measures including:

• Encryption in transit (TLS/SSL) and at rest.
• Regular security audits and vulnerability assessments.
• Access controls and authentication requirements.
• Secure coding practices and input validation.

If you are outside the United States, your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where required.

We use cookies for:

• Essential cookies: Required for the Platform to function (session management, authentication).
• Analytics cookies: To understand how the Platform is used (only with your consent).

You can manage your cookie preferences through the cookie consent banner or your browser settings.

The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification.

For privacy-related inquiries, contact us at:

• Email: privacy@merato.com
• Data Protection Officer: dpo@merato.com