Start free
Legal

Privacy Policy

Your privacy matters. This policy explains how Olibr collects, uses, shares, and protects your personal information across all our services worldwide.

Effective Date: May 11, 2026 · Last Updated: May 11, 2026

Table of Contents

1. Who We Are2. Information We Collect3. How We Use Your Information4. Legal Basis for Processing (GDPR)5. How We Share Your Information6. International Data Transfers7. Data Retention8. Your Rights9. Cookie Policy10. Children’s Privacy11. Security Measures12. Changes to This Policy13. Google API Services — Limited Use Disclosure14. Contact Us

1. Who We Are

Olibr Resourcing Pvt Ltd ("Olibr," "we," "us," or "our") operates the olibr.com platform, a global recruitment and talent matching service that connects employers with qualified professionals using AI-powered hiring tools, skill assessments, and candidate management features.

Olibr serves as a data controller for personal data collected directly from users, and as a data processor when handling candidate data uploaded by employer clients. Our registered office is in India, and we serve users globally, including in the European Economic Area (EEA), United Kingdom, United States, and other jurisdictions.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, password, and profile photo when you register.
  • Professional Profile: Resume/CV, work experience, education history, skills, certifications, current and expected salary, notice period, and job preferences.
  • Employer Data: Company name, industry, team member details, job descriptions, and hiring preferences.
  • Candidate Data (uploaded by employers): Resumes, contact details, employment history, and assessment results of candidates managed through our platform.
  • Communication Data: Messages, emails, notes, and feedback exchanged through our platform.
  • Payment Information: Billing details processed through our payment providers (Razorpay). We do not store full payment card details on our servers.
  • AI Interview Data: Video recordings, audio transcriptions, and AI-generated assessments from interviews conducted on our platform.

2.2 Information Collected Automatically

  • Device & Browser Data: IP address, browser type and version, operating system, device identifiers, and screen resolution.
  • Usage Data: Pages visited, features used, search queries, click patterns, session duration, and referring URLs.
  • Location Data: Approximate geographic location derived from IP address.
  • Cookies & Tracking: Cookies, web beacons, and similar technologies as described in our Cookie Policy (Section 9).

2.3 Information from Third Parties

  • LinkedIn: Profile data when you connect your LinkedIn account or use LinkedIn login.
  • Job Boards: Professional data from integrated third-party sources, with your consent.
  • Background Verification: Employment and education verification data from authorized third-party providers, when applicable.

3. How We Use Your Information

We only process your data for legitimate, clearly defined purposes. We never sell your personal data.

  • Service Delivery: To provide, operate, and improve our recruitment platform, AI interviews, candidate search, and talent matching services.
  • Account Management: To create and manage your account, authenticate your identity, and provide customer support.
  • Matching & Recommendations: To connect candidates with relevant job opportunities and employers with qualified talent using AI algorithms.
  • Communications: To send service notifications, job alerts, interview invitations, and platform updates. Marketing communications are sent only with your consent.
  • Payments & Credits: To process transactions, manage credit balances, handle refunds, and maintain billing records.
  • AI & Analytics: To conduct AI-powered resume analysis, interview scoring, candidate assessments, and platform analytics for service improvement.
  • Security & Fraud Prevention: To detect, prevent, and respond to security incidents, fraud, and abuse.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and government requests.
  • Platform Improvement: To analyze usage patterns, conduct research, and develop new features and services.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions that require a legal basis, we process your personal data under the following grounds:

Legal BasisExamples
Contractual NecessityAccount creation, service delivery, payment processing
ConsentMarketing emails, cookie tracking, AI interview recordings, profile sharing with employers
Legitimate InterestPlatform security, fraud prevention, service improvement, analytics
Legal ObligationTax compliance, responding to lawful government requests, data breach notifications

Where we rely on consent, you may withdraw it at any time by contacting us or adjusting your account settings. Withdrawal does not affect the lawfulness of processing conducted prior to withdrawal.

5. How We Share Your Information

We do not sell your personal data. We share information only in the following circumstances:

  • Employers & Recruiters: Candidate profiles, resumes, and assessment data are shared with registered employers on the platform for recruitment purposes, based on your selected sharing preferences or contribution mode.
  • Service Providers: Trusted third-party vendors who assist us in operating the platform, including cloud hosting (OVH Cloud), email delivery (Amazon SES), payment processing (Razorpay), AI services (Anthropic, Google), and analytics tools. These providers are bound by data processing agreements.
  • Legal Requirements: When required by law, court order, or governmental regulation, or to protect the rights, safety, or property of Olibr, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, restructuring, or sale of assets, your data may be transferred as part of the transaction, subject to the same privacy protections.
  • With Your Consent: When you explicitly authorize sharing with specific parties.

6. International Data Transfers

Olibr operates globally. Your data may be transferred to and processed in countries other than your country of residence, including India, France (OVH Cloud), and the United States (for AI processing services).

For transfers from the EEA/UK, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions where the destination country has been deemed to provide adequate protection.
  • Binding Corporate Rules or other approved transfer mechanisms where applicable.

For transfers from the US, we comply with applicable state privacy laws, including the California Consumer Privacy Act (CCPA) and the Virginia Consumer Data Protection Act (VCDPA).

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Active Accounts: Data is retained for the duration of your account. You may delete your account at any time.
  • Inactive Accounts: Candidate accounts inactive for more than 24 months may be anonymized or deleted after notice.
  • Employer-Uploaded Data: Candidate data uploaded by employers is retained per the employer's configured retention settings or until the employer deletes it.
  • AI Interview Recordings: Retained for up to 12 months after the interview, unless the candidate or employer requests earlier deletion.
  • Financial Records: Transaction and billing data is retained for 7 years as required by tax and accounting regulations.
  • Legal Holds: Data subject to legal proceedings or regulatory investigations is retained until the matter is resolved.

8. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

8.1 Rights Under GDPR (EEA/UK)

  • Right of Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data.
  • Right to Restrict Processing: Limit how we process your data in certain circumstances.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Right to Lodge a Complaint: File a complaint with your local data protection authority.

8.2 Rights Under CCPA (California, US)

  • Right to Know: Request disclosure of the categories and specific pieces of personal information collected.
  • Right to Delete: Request deletion of personal information.
  • Right to Opt-Out of Sale: We do not sell personal data. No opt-out is required.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

8.3 Exercising Your Rights

To exercise any of these rights, email us at privacy@olibr.com or use the account settings in your dashboard. We will respond within 30 days (or as required by applicable law). We may ask for identity verification before processing requests.

9. Cookie Policy

We use cookies and similar technologies for the following purposes:

Cookie TypePurposeDuration
EssentialAuthentication, security, session managementSession / 24 hours
FunctionalUser preferences, language, theme settingsUp to 1 year
AnalyticsUsage statistics, feature adoption, error trackingUp to 2 years
MarketingTargeted advertising and campaign measurement (with consent)Up to 1 year

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect platform functionality.

10. Children's Privacy

Olibr is not intended for individuals under 18 years of age (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a minor, we will take immediate steps to delete it. If you believe a child has provided us with personal data, please contact us at privacy@olibr.com.

11. Security Measures

We implement comprehensive security measures to protect your data:

  • Encryption: All data is encrypted in transit (TLS 1.2+) and sensitive data is encrypted at rest (AES-256).
  • Access Controls: Role-based access controls, multi-factor authentication for internal systems, and least-privilege access policies.
  • Infrastructure: Hosted on SOC 2 compliant cloud infrastructure with regular vulnerability scanning and penetration testing.
  • Password Security: Passwords are hashed using bcrypt with appropriate work factors. We never store plaintext passwords.
  • Incident Response: We maintain a documented incident response plan. In the event of a data breach, we will notify affected users and relevant authorities within the timeframes required by applicable law (72 hours under GDPR).
  • Employee Training: All team members undergo regular security awareness training and are bound by confidentiality agreements.

12. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated through a prominent notice on our website or via email to registered users. We encourage you to review this page regularly. The "Last Updated" date at the top reflects the most recent revision.

13. Google API Services — Limited Use Disclosure

Olibr’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Olibr requests access to the following Google API scopes to provide its core functionality:

  • Gmail Send (gmail.send) — To send emails on your behalf to candidates, applicants, and team members directly from the Olibr platform.
  • User Info (Email) (userinfo.email) — To identify your Google account and display your email address as the sender.
  • Calendar Events (calendar.events) — To create, read, and manage interview calendar events on your Google Calendar.

Olibr only accesses, uses, stores, or shares Google user data as strictly necessary to provide the features described above. Specifically:

  • We do not use Google user data for advertising, market research, or to build user profiles unrelated to the product’s functionality.
  • We do not transfer Google user data to third parties except as necessary to provide or improve the features described above, to comply with applicable laws, or as part of a merger/acquisition with adequate data protection.
  • We do not allow humans to read your Google user data unless: (a) you have given explicit consent, (b) it is necessary for security purposes (e.g., investigating abuse), (c) it is required to comply with applicable law, or (d) the data is aggregated and anonymized for internal operations.
  • OAuth tokens are encrypted at rest and are only used to perform the authorized actions listed above.

You may revoke Olibr’s access to your Google data at any time by visiting your Google Account Permissions page or by disconnecting your Google account from Olibr Settings.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us:

Olibr Resourcing Pvt Ltd

Data Protection Contact: privacy@olibr.com

General Support: support@olibr.com

Website: https://olibr.com

For EEA/UK users: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.