Trust, Privacy & Security
Last updated: June 2026. This page explains, in plain language, how Hirefloww handles the data candidates and employers share with us.
What we collect
- Candidate details: name, email, phone, location, qualification, preferred role, skills, and resume.
- Employer enquiries: company, contact details, and the hiring needs you describe.
- Basic technical logs (e.g. timestamps) to operate and secure the service.
How we use it
We use submissions strictly to match candidates with roles and to respond to employer enquiries. We don't sell personal data, and we don't share resumes with employers without your consent.
Security controls
- Resumes are stored in a private bucket — only authorised Hirefloww admins can read them.
- Uploads are restricted to PDF and Word files, 5 MB or less, scoped to a single applications folder.
- Database access is protected by row-level security so users can only see what they're entitled to.
- Admin access is gated by server-side role checks, not client-side flags.
- Secrets and API keys are stored server-side and never shipped to the browser.
Your choices
You can ask us to access, update or delete your information at any time. Email mohd.hireflow@gmail.com and we'll respond within a few business days.
This page describes Hirefloww's own practices. It is not a third-party certification or audit statement.