AutoTalentAutoTalent
Sign inGet started

Privacy Policy

Last updated: April 22, 2026

1. Introduction

AutoTalent ("we", "us", "our") operates the AutoTalent platform at autotalent.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our recruiting automation service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and organization name through our authentication provider (Clerk).

Candidate Data

When you use AutoTalent to source candidates, we process publicly available professional information from LinkedIn profiles, including names, job titles, work history, skills, and education. This data is used solely to help you evaluate and contact potential candidates for open roles.

Email & Communication Data

If you connect an email account (via SMTP or Google OAuth), we store encrypted credentials to send outreach emails on your behalf. We process email addresses of candidates you contact and track delivery status (sent, bounced). When using Google OAuth, we request only the gmail.send scope and do not read your personal emails.

Usage & Billing Data

We track usage metrics (candidates sourced, emails sent) for billing enforcement and collect payment information through Stripe. We do not store credit card numbers directly.

3. How We Use Your Information

  • Provide and maintain the AutoTalent service
  • Send outreach emails to candidates on your behalf
  • Score and rank candidates using AI models
  • Generate personalized email content
  • Process payments and enforce usage limits
  • Improve our service and develop new features
  • Communicate with you about your account

4. AI & Third-Party Services

AutoTalent uses AI models (OpenAI, Anthropic) to score candidates and generate email content. Candidate profile data is sent to these services for processing. We also use:

  • Apollo.io and Hunter.io for email discovery
  • Apify for LinkedIn profile data collection
  • SendGrid for email delivery (when not using SMTP/Google OAuth)
  • Stripe for payment processing
  • Supabase for data storage
  • Clerk for authentication
  • Vercel for hosting

5. Data Security

We implement industry-standard security measures including:

  • AES-256-GCM encryption for stored credentials (SMTP passwords, OAuth tokens)
  • Row Level Security (RLS) on our database ensuring tenant isolation
  • HTTPS encryption for all data in transit
  • Authentication required for all non-public endpoints

6. Data Retention

We retain your account data and candidate data for as long as your account is active. You can request deletion of your data at any time by contacting us. Candidate data sourced through the platform is retained per-organization and can be deleted by the organization admin.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability

8. CAN-SPAM Compliance

Outreach emails sent through AutoTalent include an unsubscribe mechanism. When a recipient unsubscribes, they are added to a suppression list and will not receive further outreach from your organization through our platform.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at privacy@autotalent.ai.