Privacy Policy
Last updated: June 22, 2026
At Elevate, we are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our global job platform.
Quick Navigation
Scope & Application
This Privacy Policy applies to all users of Elevate worldwide, including:
- Job Seekers: Individuals searching for employment opportunities
- Employers: Companies and recruiters posting job openings
- Visitors: Anyone accessing our website or services
Global Application:
As a global platform, we comply with multiple data protection regulations including: GDPR (European Union), CCPA/CPRA (California), PIPEDA (Canada), and other applicable international privacy laws.
By using our services, you consent to the collection and use of your information as described in this Privacy Policy.
Information We May Collect
From Job Seekers:
Personal Information
- Name, email, phone number, address
- Date of birth, nationality, work eligibility
- Social media profiles or other personal websites addresses
Professional Information
- CV/Resume and cover letters
- Work experience, education history
- Skills, certifications, licenses
- Portfolio links and work samples
Job Preferences
- Job titles and industry experience
- Salary expectations and requirements
- Location preferences
- Job alert settings
Platform Usage
- Job applications and responses
- Saved jobs and searches
- Direct interactions with employers
From Employers:
Company Information
- Company name, registration details
- Business address and contact information
- Company size
Recruiter Information
- Recruiter names and contact details
- Job positions
- Payment and billing information
- ATS usage patterns and preferences
Other Circumstances and Events:
Photography at Live Events
From time to time, we host live events, seminars, or conferences. Where photography takes place at such events, we may capture images for promotional purposes, including on our website, social media channels, and marketing materials. We rely on our legitimate interests as the legal basis for this activity. If you have any concerns about any use of your image, please Contact Us.
Automatically Collected Information:
- Cookies & Tracking: See Cookies Policy
How We Use Your Information
Core Platform Services
- Matching job seekers with employers
- Processing job applications
- Facilitating employer ATS functions
- Managing user accounts and profiles
Communication & Support
- Sending job alerts and notifications
- Responding to user inquiries
- Sending service updates
- Providing customer support
Improvement & Analytics
- Improving platform functionality
- Analyzing usage patterns
- Developing new features
- Personalizing user experience
Legal & Security Purposes:
We may use your information to comply with legal obligations, enforce our Terms of Service, protect our rights and property, prevent fraud, and ensure the security of our platform and users.
Email Communications & Opt-Out:
When you create an account, we will send you periodic email digests to keep you informed about relevant opportunities and content. These include:
- Job update digests — a summary of new jobs matching your profile and preferences (default: weekly; options: weekly, monthly, or never)
- Blog update digests — a roundup of new articles and education-sector insights (default: weekly; options: daily, weekly, monthly or never)
You can change the frequency or turn off these emails at any time in Account Settings → Notifications.
Transactional emails — such as application status updates, interview notifications, and job-expiry alerts — are sent based on account activity and are also individually configurable in the same Notifications settings.
Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on the following legal grounds:
| Legal Basis | Purpose | Examples |
|---|---|---|
| Contractual Necessity | To provide requested services | Processing job applications, managing profiles |
| Legitimate Interests | Platform improvement, security and promotional material | Analytics, fraud prevention, marketing |
| Legal Obligation | Compliance with laws | Tax reporting, legal requests |
| Consent | Optional features | Newsletters, certain cookies |
Withdrawing Consent:
Where we rely on your consent, you may withdraw it at any time through your account settings or by contacting us. Withdrawal does not affect the lawfulness of processing before withdrawal.
International Data Transfers
As a global platform, your data may be transferred to, stored, and processed in countries outside your country of residence, including:
Safeguards for International Transfers:
Standard Contractual Clauses (SCCs)
For transfers from EEA/UK to third countries
Adequacy Decisions
Where applicable, for transfers to adequate countries
Data Protection Agreements
With all service providers and partners
Your Rights Regarding Transfers:
You may request information about the specific safeguards applied to international transfers of your data by contacting our Data Protection Officer.
Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
Encryption
Data encrypted in transit and at rest using industry standards
Access Controls
Strict access limitations and authentication requirements
Regular Audits
Continuous security assessments and penetration testing
Data Breach Response:
In the event of a data breach affecting your personal data, we will notify you and relevant authorities as required by applicable laws (within 72 hours for GDPR-covered breaches).
Important: While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
Retention Periods:
| Data Type | Retention Period | Basis |
|---|---|---|
| Active User Accounts | Until account deletion + 30 days | Service provision |
| Inactive Accounts | 2 years of inactivity | User convenience |
| Job Applications | 5 years from application | Legal claims |
| Payment Records | 7 years | Tax requirements |
| Marketing Data | Until consent withdrawal | Consent basis |
Data Deletion:
You may request deletion of your data at any time (see Section 9). We will delete or anonymize your data upon request, except where retention is necessary for legal compliance, dispute resolution, or security purposes.
Your Data Protection Rights
Global Rights:
Access & Portability
Right to access your data and receive it in a portable format
Correction & Deletion
Right to correct inaccurate data and request deletion
Restriction & Objection
Right to restrict processing and object to certain uses
Region-Specific Rights:
GDPR (EU/EEA/UK)
All rights under Articles 15-22 of GDPR, including right to data portability, right to object to processing, and rights related to automated decision-making.
CCPA/CPRA (California)
Right to know, delete, correct, and opt-out of sale/sharing of personal information. Right to non-discrimination for exercising CCPA rights.
Other Jurisdictions
We respect privacy rights under applicable laws in Canada (PIPEDA), Brazil (LGPD), Australia, Singapore, and other jurisdictions.
Exercising Your Rights:
Through Your Account
Many rights can be exercised directly in account settings
Email Request
Submit requests via our contact form
Verification Process
We verify your identity before processing requests (for security)
Response Time:
We respond to all legitimate requests within 30 days (or within legal deadlines if shorter). Complex requests may require additional time, in which case we will notify you.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us using the information below.
General Inquiries
For questions about privacy
Response time: Typically within 2-3 business days
Data Protection Officer
For GDPR-related inquiries
Response Commitment:
We are committed to addressing all privacy-related inquiries promptly. For GDPR data subject requests, we will respond within 30 days as required by law. For general inquiries, we aim to respond within 3 business days.
Contact Our Privacy Team
For privacy-related inquiries, to exercise your data rights, or to contact our Data Protection Officer, please use the information below.
Regulatory Authorities:
You have the right to lodge a complaint with your local data protection authority if you believe we have violated applicable data protection laws.
Regulatory Authorities:
You have the right to lodge a complaint with your local data protection authority if you believe we have violated applicable data protection laws.
For authorities not listed, search for "[Your Country] data protection authority" or visit the EU Data Protection Authorities directory
