Privacy Policy

1.1 Application. This Policy applies to personal data we collect about: (a) individual Users of the Service; (b) authorised representatives of organisational Users; (c) visitors to our website; and (d) individuals whose personal data is contained in Content submitted by Users to the Service.

1.2 Roles. In respect of personal data about Users and website visitors, CleanHire acts as a data controller. In respect of personal data contained in Content submitted to the Service by a User, CleanHire acts as a data intermediary (processor) processing such data on behalf of the User, who is solely responsible for establishing a lawful basis for the processing.

2.1 Account Data. When you register or subscribe, we collect identifiers such as your name, email address, password (stored in hashed form), organisation name, job title, country, and contact number.

2.2 Payment Data. Payment card details are collected and processed directly by our third-party payment processors and are not stored by CleanHire. We receive and retain only transaction identifiers, masked card details, billing address, and transaction history.

2.3 Usage Data. We automatically collect technical and usage information, including IP address, device type, browser type, operating system, referring URL, access times, pages viewed, features used, session identifiers, scan counts, and aggregated telemetry.

2.4 Cookies and Similar Technologies. We use cookies, local storage, and similar technologies for authentication, session management, security, preferences, analytics, and performance measurement. You may manage cookies through your browser settings; disabling certain cookies may affect functionality.

2.5 Content. You may upload documents, images, and files ("Content") for processing by the Service. Content may contain personal data relating to you or to third parties (for example, names, photographs, dates of birth, identification numbers, qualifications, and issuing authority details appearing on documents).

2.6 Communications. When you contact us (including via email, support channels, or forms), we collect the contents of your communication and any personal data you choose to include.

2.7 No Special Categories. The Service is not intended for the submission of sensitive personal data beyond what is ordinarily present on educational, employment, or professional certificates. You are responsible for ensuring that any special or sensitive categories of data are submitted only with a lawful basis.

3.2 Legal Basis. We process personal data on the basis of your consent, the performance of our contract with you, compliance with legal obligations, and our legitimate interests in operating, securing, and improving the Service.

4.1 Real-Time Processing. Content submitted to the Service is processed in real time solely for the purpose of generating a Report. Content is transmitted to our third-party technology providers (the "Technology Partners") for analysis.

4.2 Non-Retention. We do not store Content after processing is complete. Submitted documents are discarded from our systems upon generation of the Report. We retain only the Report (to the extent necessary to deliver it to you within the session) and non-identifying processing metadata (such as scan counts, file type, size, and timestamps) for billing, audit, security, and operational purposes.

4.3 User Responsibility. You are solely responsible for establishing a lawful basis under the PDPA and any other applicable data protection law for submitting Content containing personal data to the Service. You warrant that you have provided all required notices to, and obtained all required consents from, the individuals concerned before submitting their personal data.

4.4 No Independent Use. We do not use submitted Content for our own purposes, for model training, for benchmarking, or for the improvement of our services or the services of any Technology Partner, except to the minimum extent strictly necessary to deliver the Report to you.

5.1 Technology Partners. We disclose Content and related processing data to our Technology Partners solely for the purpose of generating Reports. Our Technology Partners are bound by their own terms, security practices, and data protection commitments.

5.2 Service Providers. We disclose personal data to carefully selected service providers that support our operations, including cloud hosting, infrastructure, payment processing, analytics, customer support, email delivery, and security. These service providers are contractually restricted to processing personal data only for the purposes we specify.

5.3 Legal and Regulatory. We may disclose personal data where required by law, regulation, court order, subpoena, or other lawful process, or to cooperate with governmental, regulatory, or law enforcement authorities.

5.4 Corporate Transactions. In connection with any merger, acquisition, reorganisation, financing, sale of assets, or insolvency event, personal data may be disclosed to prospective or actual counterparties and their advisers, subject to appropriate confidentiality obligations.

5.5 Enforcement and Protection. We may disclose personal data where we reasonably believe disclosure is necessary to protect the rights, property, safety, or security of CleanHire, our Users, or any third party, to prevent or investigate fraud or abuse, or to enforce our Terms.

5.6 With Your Consent. We may disclose personal data to any other third party with your consent or at your direction.

5.7 No Sale of Personal Data. We do not sell personal data to third parties.

6.1 Cross-Border Processing. Personal data may be transferred to, stored in, and processed in jurisdictions outside Singapore, including where our Technology Partners and service providers operate. Such jurisdictions may have data protection laws that differ from those of Singapore.

6.2 Transfer Safeguards. Where personal data is transferred outside Singapore, we take reasonable steps to ensure that the recipient is bound by legally enforceable obligations to provide a standard of protection comparable to that required under the PDPA, including through contractual protections and participation in recognised certification schemes.

7.1 Security Measures. We implement reasonable administrative, technical, and physical safeguards designed to protect personal data against unauthorised access, use, disclosure, alteration, loss, or destruction, including encryption in transit, access controls, logging, and regular security reviews.

7.2 No Absolute Security. Despite these measures, no system, transmission, or storage is completely secure, and we cannot guarantee the absolute security of personal data. You transmit personal data to the Service at your own risk.

7.3 Your Role. You are responsible for maintaining the confidentiality of your Account credentials and for all activities under your Account. You must notify us promptly of any suspected unauthorised access or security incident.

8.2 Anonymisation. Where we no longer need personal data for the purposes for which it was collected, we will delete it, destroy it, or irreversibly anonymise it.

9.1 Access and Correction. Subject to applicable law, you have the right to request access to, and correction of, personal data about you held by us. Requests may be made to legal@cleanhire.ai. We may charge a reasonable fee for access requests as permitted under the PDPA.

9.2 Withdrawal of Consent. You may withdraw your consent to our collection, use, or disclosure of personal data at any time by contacting us. Withdrawal may limit or prevent our ability to provide the Service, and you acknowledge the legal and contractual consequences of such withdrawal.

9.3 Marketing Opt-Out. You may opt out of marketing communications at any time using the unsubscribe mechanism included in such communications or by contacting us directly.

9.4 Response Time. We will respond to verifiable requests within the timeframes required by applicable law. We may require you to verify your identity before processing a request.

9.5 Third-Party Data. Where a request relates to personal data of an individual whose data you submitted as Content, the request should be directed to you as the responsible party. We will provide reasonable assistance to you in responding to such requests to the extent required by law.

10.1 Age Restriction. The Service is not directed to, and not intended for use by, individuals under the age of eighteen (18). We do not knowingly collect personal data from minors. If you believe a minor has provided personal data to us, please contact us and we will take reasonable steps to delete such data.

11.1 External Links. The Service may contain links to third-party websites, services, or resources that are not operated by us. This Policy does not apply to such third parties, and we are not responsible for their privacy practices. You should review the privacy notices of any third-party services you access.

12.1 Updates. We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will provide reasonable notice by email, in-app notification, or posting on the Service prior to the changes taking effect.

12.2 Continued Use. Your continued use of the Service after the effective date of any update constitutes acceptance of the updated Policy.

If you have questions, concerns, requests, or complaints regarding this Policy or our handling of personal data, please contact our Data Protection Officer at:

You also have the right to lodge a complaint with the Personal Data Protection Commission of Singapore (PDPC) if you believe your rights under the PDPA have been breached.