Privacy policy

Privacy policy

Privacy Policy - Intaqe B.V.

Last updated: 4 May 2026

1. Introduction

This Privacy Policy explains how Intaqe B.V. ("we", "us", or "our") collects, uses, and protects personal data when individuals interact with Intaqe B.V., our AI-powered recruiting platform.

Intaqe is a software platform developed and operated by Intaqe B.V., providing conversational infrastructure for hiring teams and recruitment workflows.

When candidates or users interact with Intaqe, personal data may be processed in accordance with this Privacy Policy.

We process personal data in compliance with the General Data Protection Regulation and other applicable European data protection laws. Where artificial intelligence is used, Intaqe is designed to align with transparency and human oversight requirements introduced by the European Union Artificial Intelligence Act.

2. Roles and Responsibilities

Under the GDPR, our role depends on which data is being processed.

Intaqe acts as Processor for candidate data

When Customers (employers using Intaqe) process candidate data through the platform, the Customer is the Controller and Intaqe is the Processor. The Controller determines:

  • which candidate data is collected
  • which screening questions are asked
  • how candidate information is evaluated
  • how hiring decisions are made

Intaqe processes this data only on behalf of the Customer and according to their documented instructions, as set out in our Data Processing Agreement (DPA).

Intaqe acts as Controller for

  • Customer account data (names, business emails, login credentials of users with an Intaqe account)
  • Website visitor data and analytics
  • Direct communications with Intaqe (e.g. sales, support, marketing)

For this data, Intaqe determines the purposes and means of processing, as described in this Privacy Policy.

3. Data We Process

We process only data that is necessary to provide our services. This may include:

Account and business information

  • Name
  • Email address
  • Company name
  • Account credentials

Candidate-provided information

  • Job application information
  • Responses submitted through interviews or screening flows
  • CV or resume data (if provided)

Evaluation outputs

  • Structured summaries or evaluation outputs generated based on customer-defined criteria

Communication data

  • Chat or voice interaction transcripts where applicable
  • Interaction timestamps and session data

Technical data

  • IP address
  • Browser/device information
  • System logs for security and reliability

We do not intentionally process special categories of personal data (such as health data or religious beliefs) unless voluntarily provided and required for the hiring process.

4. Legal Basis for Processing

Personal data is processed under the following legal bases under the General Data Protection Regulation:

Contractual necessity
To deliver and operate the Intaqe platform.

Legitimate interest
To maintain platform security, prevent misuse, and improve system performance.

Consent
Where required by law, particularly when candidates interact directly with automated intake or screening systems.

Customers remain responsible for determining the appropriate legal basis for candidate data processing.

5. Purpose Limitation & Data Minimization

Personal data is:

  • collected only for recruitment-related purposes
  • limited to data necessary for candidate intake and evaluation
  • not reused for unrelated or secondary purposes

We apply data minimization principles when designing our systems.

6. AI Use & EU AI Act Compliance

Intaqe uses artificial intelligence to support recruitment workflows such as:

  • conducting conversational candidate screening
  • organizing candidate responses
  • generating structured summaries for recruiters

In line with the European Union Artificial Intelligence Act:

  • Intaqe functions as a decision-support system, not an autonomous decision-maker
  • Final hiring decisions always remain with human recruiters
  • Evaluation criteria are defined by customers, not inferred by the system
  • AI outputs are designed to be functionally explainable and auditable

We implement safeguards to reduce bias and help prevent unlawful or discriminatory outcomes.

7. AI Use and Data Protection

7.1 No training on your data

Candidate and Customer data is never used to train our own AI models. Our LLM providers process this data under data processing agreements that prohibit training on customer data. All data-sharing options with our providers are disabled, and API calls are configured to prevent provider-side storage of inputs and outputs beyond what is strictly required for security monitoring.

7.2 PII redaction before AI processing

Before data is sent to AI models, we automatically remove direct personal identifiers such as names, email addresses, phone numbers and other contact details. Only the information needed for the specific task (such as skills, work history or interview responses) is processed by the AI.

7.3 Pseudonymization

Where AI processing is required, data is pseudonymized: direct identifiers are replaced with internal references so that AI outputs cannot be linked to an individual without access to our internal systems.

7.4 Aggregation for improvements

Where we use data to improve our systems, we rely on aggregated and statistical data wherever possible.

8. Data Sharing & Subprocessors

We share personal data only with trusted subprocessors necessary to operate the platform, such as:

  • hosting and cloud infrastructure providers
  • communication infrastructure providers
  • security and monitoring services

All subprocessors are bound by GDPR-compliant Data Processing Agreements.

We do not sell personal data to third parties.

9. International Data Transfers

Where personal data is transferred outside the European Economic Area, we ensure appropriate safeguards are implemented, such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.

10. Data Retention

Personal data is retained only as long as necessary for the purposes described in this policy. Specifically:

  • CV and application data: 90 days after the end of the recruitment process. With the candidate's explicit consent to join a talent pool, this data is retained for up to 1 year, after which the candidate is asked whether they want to extend.
  • Conversation transcripts and AI-generated summaries: retained together with the application data and deleted on the same schedule.
  • Video recordings (only with prior consent): 30 days after the interview, then automatically deleted.
  • Technical and AI audit logs: 12 months, unless a longer retention period is required by law (e.g. EU AI Act).
  • Account data of Customer users: for the duration of the contract plus 12 months.

After these periods, data is automatically and irreversibly deleted from our production systems. Backups are overwritten on a rolling basis within 30 days. Where required by law, data may be retained longer (e.g. for legal claims or regulatory obligations).

11. Security Measures

We apply appropriate technical and organizational measures to protect personal data against loss, unauthorized access, or misuse, including:

  • encrypted communication (HTTPS)
  • strict access controls
  • secure infrastructure
  • monitoring and logging systems

Administrative Access
In exceptional cases, authorized personnel of Intaqe B.V. may access customer data strictly for purposes such as technical support, maintenance, security, and incident resolution.

Such access is limited to what is necessary, restricted to authorized personnel, and is subject to logging and monitoring. Access events may be reviewed internally for security and compliance purposes.

12. Data Subject Rights

Under the General Data Protection Regulation, individuals have the right to:

  • access their personal data
  • request correction of inaccurate data
  • request deletion of personal data
  • request restriction of processing
  • object to certain types of processing
  • request data portability

Candidates should generally contact the employer they applied to (the Data Controller) to exercise these rights.

Requests may also be directed to Intaqe where appropriate. Contact Intaqe via hello@intaqe.eu. We will respond to all data subject requests within a month of receipt.

Individuals also have the right to lodge a complaint with their national data protection authority.

13. Transparency When Interacting With AI

When candidates interact with Intaqe, they may communicate with an AI-powered recruitment assistant.

Users are informed that the system uses artificial intelligence to facilitate screening and intake processes.

Human recruiters remain responsible for reviewing candidate information and making hiring decisions.

14. Contact

For privacy or AI-related questions, please contact: hello@intaqe.eu

Intaqe B.V.

Paramaribostraat 42-1, 1058VL

Amsterdam, The Netherlands

KvK: 42049887

Email: hello@intaqe.eu

Main

HomePricingAbout usFeatures

Other

EU AI ActBlogsContact

Terms

Terms & ConditionsPrivacy Policy

Connect

LinkedIn

Join Our Newsletter