00 ·

Privacy policy.

Plain-English version: recruiters use Shortlistr to organise candidate information they already hold. We host that data on their behalf, we don't sell it, and we don't train AI on it. The detail is below.

Effective 20 May 2026 · Last updated 20 May 2026

01Who we are

Controller & contact.

Controller
[PLACEHOLDER: Shortlistr legal entity name], registered at [PLACEHOLDER: registered address].
Trading name
Shortlistr (shortlistr.ai)
Privacy contact
Supervisory authority
[PLACEHOLDER: e.g. Integritetsskyddsmyndigheten (IMY), Sweden — confirm jurisdiction]
02Two roles

Controller vs processor.

Shortlistr handles two categories of personal data with two different legal postures.

Recruiter account data. When you create an account, we act as the controller of your personal data — name, work email, login credentials, billing details, and the activity logs needed to run the service. The legal basis is performance of our contract with you (Art. 6(1)(b) GDPR) and our legitimate interest in operating a secure product (Art. 6(1)(f)).

Candidate and reviewer data. The candidate profiles, CVs, LinkedIn imports, briefs, reviewer email addresses and reactions you process inside Shortlistr are personal data for which you are the controller. We act as the processor on your behalf, under the data processing addendum (DPA) available on request from our trust page.

03What we collect

Data categories.

Account
Name, email, hashed password, workspace membership, timezone.
Billing
Stripe customer ID, plan tier, subscription status, invoice history. Card numbers are held by Stripe — we never see them.
Usage
Login timestamps, feature events (rooms sent, briefs generated), API request logs (retained 30 days for debugging).
Candidate
Names, contact info, CV text, LinkedIn profile data, work history — supplied by you or imported on your behalf via your LinkedIn searches.
Reviewer
Email address (you provide it), one-time passcodes, decisions and reactions made inside the briefing room, IP + user-agent at the time of decision (audit trail).
Email
Delivery status of invites, reminders and password resets via Resend. Bounce and complaint events are stored to protect our sender reputation.
04Why we use it

Purposes & legal bases.

Run the service
Authenticate users, render rooms, store briefs. Basis: contract (Art. 6(1)(b)).
Charge for use
Process subscription payments via Stripe. Basis: contract (Art. 6(1)(b)).
Send operational email
Reviewer invites, decision notifications, password resets, auto-chase reminders. Basis: contract + legitimate interest (Art. 6(1)(f)).
Keep the service secure
Rate-limiting, abuse detection, audit logs. Basis: legitimate interest (Art. 6(1)(f)).
Improve the product
Aggregated, non-identifying usage metrics. We do not train AI models on your data.
05How long

Retention.

Account data
Kept while your workspace is active. Deleted within 30 days of account closure.
Candidate & room data
Kept while the workspace is active. You can delete any candidate, room or brief at any time from inside the app. When you schedule workspace deletion (Settings → Data & deletion), all candidate, room, brief and reviewer data is purged within 30 days unless you cancel the request during that grace window.
Backups
Daily Postgres backups retained for 7 days, then rotated. Deleted data may persist in backups for that window.
Operational logs
30 days, then deleted.
Billing records
7 years, where required by Swedish/EU bookkeeping law.
Email events
12 months.
06Who we share with

Sub-processors.

Full list with regions on the trust page. We do not sell personal data to advertisers or data brokers, and we do not share it for marketing purposes outside Shortlistr.

07Transfers

International transfers.

Our primary database is hosted in the EU (Frankfurt). Some sub-processors (OpenAI for AI features, Stripe for billing, Cloudflare for edge hosting) process data outside the EEA. Transfers rely on Standard Contractual Clauses (Module 2 / Module 3 as applicable) and supplementary measures. OpenAI is contractually prohibited from training models on Shortlistr customer data.

08Your rights

What you can ask us to do.

Access
A copy of your workspace data — available as a JSON export from Settings → Data & deletion, or by emailing us.
Rectification
Correct anything inaccurate, directly in the app or by request.
Erasure
Schedule workspace deletion from Settings → Data & deletion. A 30-day grace window applies — during that time the workspace is still accessible and the request can be cancelled. After 30 days, all workspace data is purged and the Stripe subscription is cancelled. Backup retention above still applies.
Portability
Export your workspace data as JSON from Settings → Data & deletion at any time.
Object / restrict
Object to processing based on legitimate interest, or restrict it pending review.
Complaint
Lodge a complaint with your supervisory authority. We'd prefer you tell us first so we can fix it.

For candidate or reviewer data you processed via Shortlistr, contact the recruiter who invited you — they are the controller. We will help them respond.

09Cookies

What we set in your browser.

Essential
Session cookies for login, CSRF protection, and reviewer link verification. Required — the app cannot function without them.
Preferences
Wizard progress, dismissed banners (localStorage).
Analytics
None currently. If we add analytics, the cookie banner will let you opt out before any non-essential cookie is set.
10Changes

Updates to this policy.

We'll update this page when we change how we handle data. Material changes — new sub-processors that touch candidate data, new categories of collection — will be emailed to workspace owners at least 30 days before they take effect.