shortlistd.io Terms of Use | AI Recruitment Platform

Last Updated: December 2, 2025

Agreement to Terms

We are Shortlistd, Inc. ("Shortlistd," "Company," "we," "us," "our"), a Delaware corporation. We operate shortlistd.io and provide AI-powered recruitment and hiring services (the "Services").

Contact Information:

By accessing or using our Services, you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, you may not use our Services.

Important: You must be at least 18 years old and have the legal capacity to enter into contracts to use our Services.

1. Our Services

Our Services include:

  • AI-powered candidate sourcing and discovery from public sources

  • Contact information enrichment for candidates

  • AI-assisted interview and screening tools

  • Recruitment workflow automation

  • Related hiring and talent acquisition features

The Services are provided "as is" for your personal or internal business use in connection with legitimate recruitment and hiring activities.

Service Limitations:

  • Our Services may not be suitable for use cases requiring compliance with specific industry regulations (HIPAA, FISMA, etc.)

  • You are responsible for determining whether our Services meet your regulatory requirements

  • You must not use our Services if doing so would violate applicable laws or regulations

2. DATA PROCESSING ROLES AND RESPONSIBILITIES

2.1 Data Controller and Processor Relationship

For Candidate Data Processing:

When you use our Services to source, view, enrich, or process information about candidates (job seekers or potential hires), the following relationship applies:

  • You (the Client) are the Data Controller: You determine the purposes and means of processing candidate personal data. You make decisions about which candidates to search for, contact, and evaluate.

  • Shortlistd is the Data Processor: We process candidate personal data solely on your behalf and according to your instructions through use of our platform.

Implications:

  • You bear primary legal responsibility for compliance with data protection laws (GDPR, CCPA, UK GDPR, etc.) regarding candidate data

  • You must ensure you have a lawful basis for all candidate data processing activities

  • We will assist you in meeting your compliance obligations as outlined in our Data Processing Agreement

2.2 Client Obligations for Candidate Data Processing

By using our Services, you represent, warrant, and agree that:

Lawful Basis: You have established and documented a lawful basis under applicable data protection law for processing candidate personal data, which is typically:

  • Legitimate interest in recruitment and talent acquisition, OR

  • Explicit consent from the candidate, OR

  • Necessity for entering into or performing an employment contract

Transparency Obligations: You will provide all required notices to candidates, including:

  • GDPR Article 14 notices when you collect candidate data indirectly through our Services

  • Information about your identity, processing purposes, data categories, retention periods, and candidate rights

  • Notice within 30 days of data collection or upon first contact with the candidate (whichever is sooner)

Purpose Limitation: You will use candidate data obtained through our Services solely for:

  • Legitimate recruitment, hiring, and talent acquisition purposes

  • Evaluation of candidates for specific job opportunities

  • Communication regarding employment opportunities

Prohibited Uses: You will NOT use candidate data for:

  • Marketing unrelated products or services to candidates

  • Building or selling contact databases

  • Spam, unsolicited bulk communications, or phishing

  • Any purpose unrelated to recruitment and hiring

  • Discrimination or violation of employment laws

  • Training AI models or systems without explicit consent

Data Subject Rights: You will:

  • Honor all candidate requests for access, rectification, erasure, restriction, objection, and portability

  • Promptly notify Shortlistd of any deletion or suppression requests

  • Maintain records of consent and lawful basis documentation

  • Provide candidates with a clear mechanism to exercise their rights

Sub-Processor Awareness: You acknowledge that:

  • Shortlistd uses third-party sub-processors to provide Services

  • A current list of sub-processors is available upon request

  • Shortlistd will notify you of changes to sub-processors as outlined in the DPA

2.3 Data Processing Agreement

All clients using our Services to process candidate data must execute our Data Processing Agreement (DPA), which includes:

  • Detailed processing terms and security obligations

  • Sub-processor lists and change notification procedures

  • Cross-border data transfer mechanisms

  • Breach notification procedures

  • Audit rights and compliance verification

  • Data subject rights fulfillment procedures

The DPA is incorporated by reference into these Terms. You can request the DPA by contacting info@shortlistd.io.

3. AI AND AUTOMATED PROCESSING

3.1 Human-in-the-Loop Commitment

No Automated Hiring Decisions: Our Services do not make automated decisions about hiring, candidate rejection, or employment suitability. All AI-generated recommendations, scores, or suggestions are:

  • Advisory only and require human review

  • Subject to human override at any time

  • Designed to assist, not replace, human judgment

Your Responsibility: You are solely responsible for all hiring decisions made using our Services, including:

  • Final candidate selection or rejection

  • Determining candidate suitability for roles

  • Ensuring compliance with employment laws and anti-discrimination regulations

  • Conducting appropriate due diligence and background checks

3.2 Sensitive Data Restrictions

Prohibited Inferences: Our AI systems are designed to avoid inferring, generating, or processing the following sensitive attributes:

  • Race, ethnicity, or national origin

  • Religious beliefs or philosophical views

  • Sexual orientation or gender identity (beyond what is voluntarily disclosed)

  • Health information, disability status, or genetic data

  • Political opinions or affiliations

  • Trade union membership

  • Biometric data used for identification purposes

If Sensitive Data Appears: If our Services inadvertently surface sensitive data from public sources, you must:

  • Not use such data in hiring decisions

  • Report it to us immediately so we can improve our filters

  • Delete such information from your records

3.3 Explainability and Transparency

Candidates and clients have the right to:

  • Understand the logic behind AI-generated recommendations

  • Request human review of AI-assisted assessments

  • Challenge or correct AI-generated information

  • Opt out of AI-assisted processing where legally required

4. DATA SOURCING AND ENRICHMENT

4.1 Public Data Sources

Our Services may retrieve candidate information from:

  • Publicly accessible professional profiles and websites

  • Company directories and staff pages

  • GitHub, portfolios, and professional publications

  • Job board profiles where candidates have made information public

  • Business email patterns derived from public information

  • Other lawfully accessible public sources

Source Restrictions: We do NOT:

  • Scrape data from behind login walls or paywalls

  • Use data obtained through unauthorized access

  • Circumvent privacy controls or robots.txt restrictions

  • Purchase or use data from breach databases

4.2 Contact Information Enrichment

When you request contact information (email addresses, phone numbers) through our Services:

Sourcing Standards:

  • We retrieve only publicly available or legitimately discoverable contact information

  • Corporate email addresses are derived from public patterns

  • Phone numbers are sourced only from public business directories or published contact information

  • We do not provide personal (private) email addresses or phone numbers obtained through unauthorized means

Your Obligations:

  • You must have a lawful basis before using contact information to reach out to candidates

  • You must honor opt-out and do-not-contact requests

  • You must comply with anti-spam laws (CAN-SPAM, GDPR Article 21, ePrivacy Directive)

  • You must not use contact information for purposes other than recruitment

4.3 Data Accuracy and Liability

No Warranties: We do not warrant that:

  • All data obtained from public sources is accurate or current

  • Contact information will be valid or deliverable

  • Candidate profiles are complete or up-to-date

Your Responsibility: You must independently verify information before making hiring decisions or contacting candidates.

5. CANDIDATE DATA RETENTION AND DELETION

5.1 Your Retention Obligations

When you use our Services to collect candidate data, you must:

  • Establish and document your own data retention policy

  • Delete candidate data when no longer needed for recruitment purposes

  • Honor candidate deletion requests within required timeframes (typically 30 days)

  • Maintain only the minimum data necessary for your legitimate purposes

5.2 Our Retention Practices

Platform Data: Data stored in our systems on your behalf will be retained according to:

  • Your active account status and subscription

  • Your documented retention instructions

  • Applicable legal requirements

  • Our Data Processing Agreement terms

Deletion Propagation: When a candidate requests deletion:

  • You must notify us immediately

  • We will delete or suppress the candidate's data in our systems

  • We will propagate deletion requests to our sub-processors where feasible

  • We maintain a suppression list to prevent re-discovery of deleted profiles

6. User Rights and Restrictions

6.1 Permitted Uses

You may:

  • Access and use our Services for legitimate recruitment and hiring purposes

  • Download or print content you have lawful access to

  • Integrate our Services with your internal recruitment systems via authorized APIs

  • Share access with authorized team members within your organization

6.2 Prohibited Activities

You may NOT:

  • Use our Services for any purpose other than recruitment and hiring

  • Resell, redistribute, or sublicense access to our Services

  • Build a competing product or service using our Services

  • Use automated tools (bots, scrapers) to extract data beyond authorized API usage

  • Share account credentials or allow unauthorized access

  • Interfere with or disrupt our Services or other users

  • Upload malicious content (viruses, malware, etc.)

  • Impersonate others or create fake accounts

  • Violate any applicable law or regulation

  • Circumvent technical restrictions or security measures

  • Use our Services to discriminate against protected classes

  • Harvest or collect candidate data for purposes other than recruitment

7. User Content and Intellectual Property

7.1 Your Content

Ownership: You retain ownership of all content, data, and information you upload or create using our Services.

License Grant: You grant Shortlistd a limited, non-exclusive, worldwide license to:

  • Use, store, and process your content to provide the Services

  • Generate analytics and improve our platform (in aggregated, de-identified form)

  • Display your job postings and company information to candidates

Your Responsibilities: You represent and warrant that:

  • You have all necessary rights to upload and use your content

  • Your content does not violate any law, regulation, or third-party rights

  • Your content does not contain discriminatory, defamatory, or illegal material

7.2 Shortlistd Intellectual Property

Our Rights: Shortlistd owns all rights, title, and interest in:

  • The Services, platform, and underlying technology

  • Our AI models, algorithms, and proprietary systems

  • Our trademarks, logos, and brand materials

  • All improvements and derivative works we create

Restrictions: You may not:

  • Copy, modify, or create derivative works of our Services

  • Reverse engineer, decompile, or attempt to extract our source code or algorithms

  • Remove or alter any proprietary notices or labels

  • Use our trademarks without written permission

8. Account Management and Payments

8.1 Account Registration

Account Requirements:

  • Provide accurate and complete registration information

  • Keep your account information current and up-to-date

  • Maintain the security and confidentiality of your login credentials

  • Notify us immediately of any unauthorized access or security breach

Account Responsibility: You are responsible for all activities under your account, including actions by team members you authorize.

8.2 Subscription and Payments

Payment Terms:

  • All fees are in U.S. Dollars unless otherwise specified

  • We accept major credit cards and bank transfers

  • Payment is processed through Stripe (see their privacy policy)

  • Subscription fees are billed in advance on a recurring basis

  • We do not store your credit card information

Billing Practices:

  • Subscriptions automatically renew unless you cancel

  • You can cancel anytime through your account settings

  • Cancellation takes effect at the end of your current billing period

  • We may offer free trials that convert to paid subscriptions

  • Free trial terms will be clearly disclosed at sign-up

No Refunds: All payments are final and non-refundable except:

  • Where required by applicable law

  • If we fail to provide the Services as agreed

  • At our sole discretion in exceptional circumstances

Price Changes:

  • We may change our pricing with 30 days' notice

  • Price changes apply to subsequent billing periods

  • You may cancel if you don't agree to price changes

8.3 Suspension and Termination

We May Suspend or Terminate:

  • For violation of these Terms

  • For non-payment of fees

  • For fraud, abuse, or illegal activity

  • For extended inactivity

  • To comply with legal requirements

  • At our discretion for any or no reason

Your Rights on Termination:

  • You may export your data before termination (subject to data retention obligations)

  • You remain responsible for all fees incurred before termination

  • Termination does not affect your ongoing data protection obligations to candidates

Effect of Termination:

  • Your access to the Services will cease

  • We may delete your account data per our retention policy

  • Candidate data will be handled per the DPA and data protection laws

  • Provisions that by their nature should survive (indemnification, disclaimers, limitations) will continue

9. Privacy and Data Security

9.1 Privacy Policy

Your use of our Services is governed by our Privacy Policy, available at shortlistd.io/terms/privacy-policy, which is incorporated into these Terms by reference.

9.2 Data Security

Our Commitments:

  • We implement industry-standard technical and organizational security measures

  • We encrypt data in transit and at rest

  • We conduct regular security assessments

  • We train our team on data protection and security practices

  • We maintain incident response procedures

Security Limitations:

  • No system is 100% secure

  • We cannot guarantee absolute security or prevent all unauthorized access

  • You must notify us immediately if you suspect a security incident

Your Responsibilities:

  • Maintain strong passwords and protect your credentials

  • Use two-factor authentication if available

  • Monitor your account for suspicious activity

  • Comply with reasonable security instructions we provide

9.3 Data Location and Transfers

Primary Location: Our Services are hosted in the United States, and your data will be stored and processed there.

International Transfers: If you are located outside the United States:

  • Your data will be transferred to and processed in the U.S.

  • We implement appropriate safeguards (Standard Contractual Clauses, etc.)

  • You consent to such transfer by using our Services

  • Specific transfer mechanisms are detailed in our DPA

10. Disclaimers and Limitations of Liability

10.1 Service Disclaimers

AS-IS BASIS: THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:

  • Warranties of merchantability, fitness for a particular purpose, or non-infringement

  • Warranties regarding availability, reliability, or timeliness

  • Warranties regarding accuracy, completeness, or quality of data

SPECIFIC DISCLAIMERS:

  • Hiring Decisions: We provide tools and information only. You are solely responsible for all hiring decisions, candidate evaluations, and employment-related actions.

  • Data Accuracy: We do not warrant that data obtained through our Services is accurate, complete, or current.

  • Compliance: While we design our Services to support compliance, we do not guarantee that use of our Services will ensure compliance with all applicable laws.

  • Third-Party Data: We are not responsible for the accuracy or legality of data provided by third-party sources.

10.2 Limitation of Liability

MAXIMUM LIABILITY: TO THE FULLEST EXTENT PERMITTED BY LAW, SHORTLISTD'S TOTAL LIABILITY TO YOU FOR ANY CLAIMS ARISING FROM OR RELATED TO THESE TERMS OR THE SERVICES SHALL NOT EXCEED THE GREATER OF:

  • The amount you paid us in the 6 months preceding the claim, OR

  • $100 USD

EXCLUDED DAMAGES: IN NO EVENT SHALL SHORTLISTD BE LIABLE FOR:

  • Indirect, incidental, special, consequential, or punitive damages

  • Lost profits, revenue, data, or business opportunities

  • Cost of substitute services

  • Damages arising from reliance on data or recommendations

  • Damages arising from hiring decisions or employment-related claims

LIMITATIONS APPLY TO: These limitations apply regardless of the theory of liability (contract, tort, negligence, strict liability, or otherwise) and even if we have been advised of the possibility of such damages.

EXCEPTIONS: Some jurisdictions do not allow limitation of liability for certain damages, so these limitations may not apply to you.

10.3 Indemnification

Your Indemnity Obligation: You agree to defend, indemnify, and hold harmless Shortlistd, its affiliates, and their respective officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising from or related to:

  • Your use of the Services

  • Your violation of these Terms

  • Your violation of any law or regulation

  • Your violation of any third-party rights (including candidate privacy rights)

  • Your hiring decisions or employment-related actions

  • Your failure to comply with data protection obligations

  • Content you upload or create using the Services

Our Rights: We reserve the right to assume exclusive defense and control of any matter subject to indemnification, at your expense.

11. Dispute Resolution

11.1 Informal Resolution

Before filing any legal claim, you agree to first contact us at info@shortlistd.io and attempt to resolve the dispute informally for at least 30 days.

11.2 Binding Arbitration

Agreement to Arbitrate: Any dispute, claim, or controversy arising from or relating to these Terms or the Services that cannot be resolved informally shall be resolved by binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules.

Arbitration Procedures:

  • One arbitrator will be selected per AAA rules

  • The arbitration will be conducted in Delaware or remotely via videoconference

  • Each party bears its own costs and attorneys' fees unless the arbitrator awards them to the prevailing party

  • The arbitrator's decision will be final and binding

  • Judgment on the arbitration award may be entered in any court of competent jurisdiction

Class Action Waiver: You agree that disputes will be resolved on an individual basis only. You waive any right to participate in a class action, collective action, or representative proceeding.

Exceptions to Arbitration: Either party may bring a claim in court (without arbitration) for:

  • Intellectual property disputes (trademark, copyright, patent, trade secret)

  • Theft, piracy, or unauthorized use of intellectual property

  • Requests for injunctive or equitable relief

11.3 Time Limitation

You must bring any claim within one (1) year after the claim arises, or it will be permanently barred.

11.4 Governing Law and Venue

Governing Law: These Terms are governed by the laws of the State of Delaware, USA, without regard to conflict of law principles.

Venue: For any disputes that are not subject to arbitration, the exclusive venue shall be the state or federal courts located in Delaware, and you consent to personal jurisdiction there.

12. General Terms

12.1 Changes to Terms

We may modify these Terms at any time by:

  • Posting updated Terms on our website

  • Updating the "Last Updated" date

  • Providing notice via email or the Services (for material changes)

Your Options:

  • Continued use of the Services after changes constitutes acceptance

  • If you don't agree to changes, you must stop using the Services and terminate your account

12.2 Electronic Communications

Consent: By using our Services, you consent to receive communications from us electronically via:

  • Email to your registered email address

  • Notices posted on the Services

  • In-app messages or notifications

Legal Effect: Electronic communications satisfy any legal requirement that communications be in writing.

12.3 Entire Agreement

These Terms, together with our Privacy Policy, DPA, and any other incorporated agreements, constitute the entire agreement between you and Shortlistd regarding the Services and supersede all prior agreements.

12.4 Severability

If any provision of these Terms is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary, and the remaining provisions will remain in full force and effect.

12.5 No Waiver

Our failure to enforce any right or provision of these Terms will not be deemed a waiver of such right or provision.

12.6 Assignment

You may not assign or transfer these Terms or your account without our prior written consent. We may assign these Terms without restriction.

12.7 Force Majeure

We are not liable for any failure or delay in performing our obligations due to circumstances beyond our reasonable control.

12.8 Relationship

These Terms do not create any partnership, joint venture, employment, or agency relationship between you and Shortlistd.

13. Contact Information

For General Questions: Shortlistd, Inc. 221 W 9th St Wilmington, DE 19801 Email: info@shortlistd.io

For Privacy or Data Protection Questions: Email: info@shortlistd.io Subject Line: "Privacy/Data Protection"

For Legal or Compliance Questions: Email: info@shortlistd.io Subject Line: "Legal/Compliance"

Acknowledgment

By using the Services, you acknowledge that:

  • You have read and understood these Terms

  • You agree to be bound by these Terms

  • You have the authority to enter into these Terms on behalf of your organization (if applicable)

  • You will comply with all applicable laws and regulations in your use of the Services

IMPORTANT NOTE FOR CLIENTS PROCESSING CANDIDATE DATA:

If you will be using Shortlistd to process candidate personal data (sourcing, enriching, contacting candidates), you MUST:

  1. Execute our Data Processing Agreement (DPA)

  2. Document your lawful basis for processing

  3. Implement Article 14 notification procedures

  4. Establish candidate rights fulfillment processes

Contact info@shortlistd.io with "DPA Request" in the subject line to begin the process.