shortlistd.io Terms of Use | AI Recruitment Platform

Last Updated: January 24, 2026

Agreement to Terms

We are Shortlistd, Inc. ("Shortlistd," "Company," "we," "us," "our"), a Delaware corporation. We operate shortlistd.io and provide AI-powered recruitment and hiring services (the "Services").

Contact Information:

  • Email: info@shortlistd.io

  • Address: 221 W 9th St, Wilmington, DE 19801

By accessing or using our Services, you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, you may not use our Services.

Important: You must be at least 18 years old and have the legal capacity to enter into contracts to use our Services.

1. Our Services

Our Services include:

  • AI-powered candidate sourcing and discovery from public sources

  • Contact information enrichment for candidates

  • AI-assisted interview and screening tools

  • Recruitment outreach automation (email, LinkedIn, WhatsApp)

  • Recruitment workflow automation

  • Related hiring and talent acquisition features

The Services are provided "as is" for your personal or internal business use in connection with legitimate recruitment and hiring activities.

Service Limitations:

  • Our Services may not be suitable for use cases requiring compliance with specific industry regulations (HIPAA, FISMA, etc.)

  • You are responsible for determining whether our Services meet your regulatory requirements

  • You must not use our Services if doing so would violate applicable laws or regulations

2. DATA PROCESSING ROLES AND RESPONSIBILITIES

2.1 Joint Controller Relationship

For Candidate Data Processing:

When you use our Services to source, enrich, contact, or evaluate candidates, both you and Shortlistd are joint controllers of candidate personal data under applicable data protection laws (GDPR, UK GDPR, CCPA, etc.).

What "Joint Controllers" Means:

Both parties determine aspects of how and why candidate data is processed:

You (Client) Determine:

  • Purpose: Which roles to fill, which candidates to pursue

  • Selection: Which candidates to view, contact, or interview

  • Content: What messages to send to candidates

  • Hiring Decisions: All final employment decisions

Shortlistd Determines:

  • Technical Means: How data is sourced, enriched, and delivered

  • Data Providers: Use of third-party professional database and contact enrichment services

  • Platform Features: Which outreach channels and tools are available

  • Infrastructure: Message execution via integrated communication services

Client Options:

When using candidate sourcing features, you have two options:

  1. Export CSV (You become sole controller)

    • Download candidate data

    • Use in your own external tools

    • Full control and sole responsibility

  2. Platform Execution (Joint controllers)

    • Execute outreach via Shortlistd using your connected Gmail/LinkedIn/WhatsApp accounts

    • We send messages through your accounts via our communication infrastructure

    • Shared responsibility for compliance

2.2 Client Obligations for Candidate Data Processing

By using our Services, you represent, warrant, and agree that:

Lawful Basis: You have established and documented a lawful basis under applicable data protection law for processing candidate personal data, which is typically:

  • Legitimate interest in recruitment and talent acquisition, OR

  • Explicit consent from the candidate, OR

  • Necessity for entering into or performing an employment contract

Transparency Obligations: For outreach executed via our platform:

  • We include opt-out footers in all platform-sent messages

  • We provide Article 14 notice templates you can use

  • You should include transparency language in your communications

  • Candidates can opt out at shortlistd.io/opt-out

Purpose Limitation: You will use candidate data obtained through our Services solely for:

  • Legitimate recruitment, hiring, and talent acquisition purposes

  • Evaluation of candidates for specific job opportunities

  • Communication regarding employment opportunities

Prohibited Uses: You will NOT use candidate data for:

  • Marketing unrelated products or services to candidates

  • Building or selling contact databases

  • Spam, unsolicited bulk communications, or phishing

  • Any purpose unrelated to recruitment and hiring

  • Discrimination or violation of employment laws

  • Training AI models or systems without explicit consent

Data Subject Rights: You will:

  • Honor all candidate requests for access, rectification, erasure, restriction, objection, and portability

  • Promptly notify Shortlistd of any deletion or suppression requests via privacy@shortlistd.io

  • Maintain records of your lawful basis documentation

  • Coordinate with Shortlistd on fulfilling candidate rights requests

Data Provider Awareness: You acknowledge that:

  • Shortlistd obtains candidate data from third-party professional database providers and contact enrichment services

  • These providers are independent controllers with their own privacy practices

  • Specific provider names are available upon request for compliance purposes

  • A current list of data providers is available at shortlistd.io/data-providers

2.3 Joint Controller Agreement

All clients using our platform outreach features must accept our Joint Controller Agreement, which establishes:

  • Clear allocation of responsibilities between you and Shortlistd

  • How we coordinate on GDPR compliance (Article 14 notices, opt-outs, deletions)

  • Data security obligations for both parties

  • Breach notification procedures

  • Indemnification for each party's violations

The Joint Controller Agreement is incorporated by reference into these Terms. You will be required to accept it before using candidate sourcing features.

Note: If you only export candidate data (CSV) and use it in external tools, you are the sole controller and the Joint Controller Agreement does not apply to that exported data.

2.4 Talent Pool (Shared Candidate Access)

Passive Sourcing vs. Active Applications:

When you use our candidate sourcing features, we distinguish between:

1. Passive Sourcing (Private to You):

  • When you search for candidates using our sourcing tools

  • Candidates appear in your private workspace only

  • These candidates are NOT shared with other clients

  • Your selections, notes, and decisions remain confidential

2. Talent Pool (Shared Access):

  • When candidates actively apply to jobs via our platform

  • When candidates create searchable profiles on Shortlistd

  • When candidates opt in to talent pool visibility

These candidates become part of a shared talent pool where:

  • Multiple clients can discover them for relevant opportunities

  • Each client's notes and decisions remain private

  • Candidates benefit from broader job exposure

  • Shortlistd acts as independent controller for pool management

Talent Pool Opt-Out:

  • Candidates can opt out of talent pool at any time

  • Visit shortlistd.io/opt-out or email privacy@shortlistd.io

  • Removed from shared pool within 7 days

  • Individual clients may retain data per their retention policies

Client Workspace Privacy:

  • Your candidate searches, selections, and notes are always private

  • We never tell other clients which candidates you viewed or rejected

  • Talent pool sharing only applies to candidates who actively engaged

3. AI AND AUTOMATED PROCESSING

3.1 Human-in-the-Loop Commitment

No Automated Hiring Decisions: Our Services do not make automated decisions about hiring, candidate rejection, or employment suitability. All AI-generated recommendations, scores, or suggestions are:

  • Advisory only and require human review

  • Subject to human override at any time

  • Designed to assist, not replace, human judgment

Your Responsibility: You are solely responsible for all hiring decisions made using our Services, including:

  • Final candidate selection or rejection

  • Determining candidate suitability for roles

  • Ensuring compliance with employment laws and anti-discrimination regulations

  • Conducting appropriate due diligence and background checks

3.2 Sensitive Data Restrictions

Prohibited Inferences: Our AI systems are designed to avoid inferring, generating, or processing the following sensitive attributes:

  • Race, ethnicity, or national origin

  • Religious beliefs or philosophical views

  • Sexual orientation or gender identity (beyond what is voluntarily disclosed)

  • Health information, disability status, or genetic data

  • Political opinions or affiliations

  • Trade union membership

  • Biometric data used for identification purposes

If Sensitive Data Appears: If our Services inadvertently surface sensitive data from public sources, you must:

  • Not use such data in hiring decisions

  • Report it to us immediately at info@shortlistd.io so we can improve our filters

  • Delete such information from your records

3.3 Explainability and Transparency

Candidates and clients have the right to:

  • Understand the logic behind AI-generated recommendations

  • Request human review of AI-assisted assessments

  • Challenge or correct AI-generated information

  • Opt out of AI-assisted processing where legally required

4. DATA SOURCING AND ENRICHMENT

4.1 Public Data Sources

Our Services retrieve candidate information from third-party data providers who source from:

  • Publicly accessible professional profiles and websites

  • Company directories and staff pages

  • GitHub, portfolios, and professional publications

  • Job board profiles where candidates have made information public

  • Business email patterns derived from public information

  • Other lawfully accessible public sources

Our Data Providers:

We obtain candidate data from third-party professional database providers and contact enrichment services. These providers:

  • Are independent data controllers with their own privacy practices

  • Source data from publicly available business information

  • Operate under their own lawful bases and privacy policies

Specific provider names are available upon request for compliance purposes. Contact privacy@shortlistd.io or visit shortlistd.io/data-providers

Source Restrictions: We and our providers do NOT:

  • Scrape data from behind login walls or paywalls

  • Use data obtained through unauthorized access

  • Circumvent privacy controls or robots.txt restrictions

  • Purchase or use data from breach databases

4.2 Contact Information Enrichment

When you request contact information (email addresses, phone numbers) through our Services:

Sourcing Standards:

  • We retrieve only publicly available or legitimately discoverable contact information

  • Corporate email addresses are derived from public patterns

  • Phone numbers are sourced only from public business directories or published contact information

  • We do not provide personal (private) email addresses or phone numbers obtained through unauthorized means

Your Obligations:

  • You must have a lawful basis before using contact information to reach out to candidates

  • You must honor opt-out and do-not-contact requests

  • You must comply with anti-spam laws (CAN-SPAM, GDPR Article 21, ePrivacy Directive)

  • You must not use contact information for purposes other than recruitment

4.3 Data Accuracy and Liability

No Warranties: We do not warrant that:

  • All data obtained from public sources is accurate or current

  • Contact information will be valid or deliverable

  • Candidate profiles are complete or up-to-date

Your Responsibility: You must independently verify information before making hiring decisions or contacting candidates.

5. OUTREACH EXECUTION VIA PLATFORM

5.1 How Platform Outreach Works

When you use our platform to execute outreach (rather than exporting data):

Account Connection:

  • You connect your own Gmail, LinkedIn, and/or WhatsApp accounts to Shortlistd

  • Connection is handled securely via our communication infrastructure provider

  • We never store your account passwords

Message Execution:

  • You select which candidates to contact and provide message content

  • We execute the send operation through your connected accounts

  • Messages are sent from YOUR account (not ours)

  • All messages include an automatic opt-out footer

Your Responsibilities:

  • Maintain security of your connected accounts

  • Use strong passwords and enable two-factor authentication

  • Only send messages related to legitimate recruitment

  • Honor all opt-out requests immediately

  • Comply with platform terms of service (Gmail, LinkedIn, WhatsApp)

Risks:

  • Platform automation may violate terms of service of email/social platforms

  • Account suspension or termination is possible

  • You bear all risk of account restrictions

  • We are not liable for platform enforcement actions against your accounts

5.2 Automatic Opt-Out Footer

All messages sent via our platform include:

You may customize message content but cannot remove the opt-out footer.

6. CANDIDATE DATA RETENTION AND DELETION

6.1 Your Retention Obligations

When you use our Services to collect candidate data, you must:

  • Establish and document your own data retention policy

  • Delete candidate data when no longer needed for recruitment purposes

  • Honor candidate deletion requests within required timeframes (typically 30 days)

  • Maintain only the minimum data necessary for your legitimate purposes

6.2 Our Retention Practices

Platform Data: Data stored in our systems will be retained according to:

  • Your active account status and subscription

  • Duration of active recruitment activities (maximum 12 months from last access)

  • Applicable legal requirements

  • Our Joint Controller Agreement terms

Deletion Propagation: When a candidate requests deletion:

  • Candidate can opt out at shortlistd.io/opt-out

  • You must notify us via privacy@shortlistd.io of any deletion requests you receive

  • We will delete or suppress the candidate's data in our systems within 30 days

  • We will coordinate deletion with our data providers

  • We maintain a permanent suppression list to prevent re-discovery of deleted profiles

Suppression List: Candidates who opt out are:

  • Permanently suppressed from all future searches

  • Never re-contacted or re-discovered

  • Honored indefinitely across all clients

7. User Rights and Restrictions

7.1 Permitted Uses

You may:

  • Access and use our Services for legitimate recruitment and hiring purposes

  • Download or print content you have lawful access to

  • Integrate our Services with your internal recruitment systems via authorized APIs

  • Share access with authorized team members within your organization

7.2 Prohibited Activities

You may NOT:

  • Use our Services for any purpose other than recruitment and hiring

  • Resell, redistribute, or sublicense access to our Services

  • Build a competing product or service using our Services

  • Use automated tools (bots, scrapers) to extract data beyond authorized API usage

  • Share account credentials or allow unauthorized access

  • Interfere with or disrupt our Services or other users

  • Upload malicious content (viruses, malware, etc.)

  • Impersonate others or create fake accounts

  • Violate any applicable law or regulation

  • Circumvent technical restrictions or security measures

  • Use our Services to discriminate against protected classes

  • Harvest or collect candidate data for purposes other than recruitment

  • Contact or solicit our data providers directly (non-circumvention)

8. User Content and Intellectual Property

8.1 Your Content

Ownership: You retain ownership of all content, data, and information you upload or create using our Services.

License Grant: You grant Shortlistd a limited, non-exclusive, worldwide license to:

  • Use, store, and process your content to provide the Services

  • Generate analytics and improve our platform (in aggregated, de-identified form)

  • Display your job postings and company information to candidates

Your Responsibilities: You represent and warrant that:

  • You have all necessary rights to upload and use your content

  • Your content does not violate any law, regulation, or third-party rights

  • Your content does not contain discriminatory, defamatory, or illegal material

8.2 Shortlistd Intellectual Property

Our Rights: Shortlistd owns all rights, title, and interest in:

  • The Services, platform, and underlying technology

  • Our AI models, algorithms, and proprietary systems

  • Our trademarks, logos, and brand materials

  • All improvements and derivative works we create

  • Our data sourcing methodology and vendor relationships

Restrictions: You may not:

  • Copy, modify, or create derivative works of our Services

  • Reverse engineer, decompile, or attempt to extract our source code or algorithms

  • Remove or alter any proprietary notices or labels

  • Use our trademarks without written permission

  • Contact or attempt to work directly with our data providers or service providers

9. Account Management and Payments

9.1 Account Registration

Account Requirements:

  • Provide accurate and complete registration information

  • Keep your account information current and up-to-date

  • Maintain the security and confidentiality of your login credentials

  • Notify us immediately of any unauthorized access or security breach

Account Responsibility: You are responsible for all activities under your account, including actions by team members you authorize.

9.2 Subscription and Payments

Payment Terms:

  • All fees are in U.S. Dollars unless otherwise specified

  • We accept major credit cards and bank transfers

  • Payment is processed through Stripe (see their privacy policy)

  • Subscription fees are billed in advance on a recurring basis

  • We do not store your credit card information

Billing Practices:

  • Subscriptions automatically renew unless you cancel

  • You can cancel anytime through your account settings

  • Cancellation takes effect at the end of your current billing period

  • We may offer free trials that convert to paid subscriptions

  • Free trial terms will be clearly disclosed at sign-up

No Refunds: All payments are final and non-refundable except:

  • Where required by applicable law

  • If we fail to provide the Services as agreed

  • At our sole discretion in exceptional circumstances

Price Changes:

  • We may change our pricing with 30 days' notice

  • Price changes apply to subsequent billing periods

  • You may cancel if you don't agree to price changes

9.3 Suspension and Termination

We May Suspend or Terminate:

  • For violation of these Terms

  • For non-payment of fees

  • For fraud, abuse, or illegal activity

  • For extended inactivity

  • To comply with legal requirements

  • At our discretion for any or no reason

Your Rights on Termination:

  • You may export your data before termination (subject to data retention obligations)

  • You remain responsible for all fees incurred before termination

  • Termination does not affect your ongoing data protection obligations to candidates

Effect of Termination:

  • Your access to the Services will cease

  • We may delete your account data per our retention policy

  • Candidate data will be handled per the Joint Controller Agreement and data protection laws

  • Provisions that by their nature should survive (indemnification, disclaimers, limitations) will continue

10. Privacy and Data Security

10.1 Privacy Policy

Your use of our Services is governed by our Privacy Policy, available at shortlistd.io/privacy, which is incorporated into these Terms by reference.

10.2 Data Security

Our Commitments:

  • We implement industry-standard technical and organizational security measures

  • We encrypt data in transit (TLS 1.3) and at rest (AES-256)

  • We conduct regular security assessments

  • We train our team on data protection and security practices

  • We maintain incident response procedures

Security Limitations:

  • No system is 100% secure

  • We cannot guarantee absolute security or prevent all unauthorized access

  • You must notify us immediately at security@shortlistd.io if you suspect a security incident

Your Responsibilities:

  • Maintain strong passwords and protect your credentials

  • Use two-factor authentication if available

  • Monitor your account for suspicious activity

  • Comply with reasonable security instructions we provide

  • Secure your connected Gmail/LinkedIn/WhatsApp accounts

10.3 Data Location and Transfers

Primary Location: Our Services are hosted in the United States, and your data will be stored and processed there.

International Transfers: If you are located outside the United States:

  • Your data will be transferred to and processed in the U.S.

  • We implement appropriate safeguards (Standard Contractual Clauses, etc.)

  • You consent to such transfer by using our Services

  • Specific transfer mechanisms are detailed in our Joint Controller Agreement

11. Disclaimers and Limitations of Liability

11.1 Service Disclaimers

AS-IS BASIS: THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:

  • Warranties of merchantability, fitness for a particular purpose, or non-infringement

  • Warranties regarding availability, reliability, or timeliness

  • Warranties regarding accuracy, completeness, or quality of data

SPECIFIC DISCLAIMERS:

Hiring Decisions: We provide tools and information only. You are solely responsible for all hiring decisions, candidate evaluations, and employment-related actions.

Data Accuracy: We do not warrant that data obtained through our Services is accurate, complete, or current.

Compliance: While we design our Services to support compliance, we do not guarantee that use of our Services will ensure compliance with all applicable laws.

Third-Party Data: We are not responsible for the accuracy or legality of data provided by third-party sources.

Platform Risk: Outreach execution via Gmail/LinkedIn/WhatsApp may violate platform terms of service. We are not responsible for account suspensions or terminations.

11.2 Limitation of Liability

MAXIMUM LIABILITY: TO THE FULLEST EXTENT PERMITTED BY LAW, SHORTLISTD'S TOTAL LIABILITY TO YOU FOR ANY CLAIMS ARISING FROM OR RELATED TO THESE TERMS OR THE SERVICES SHALL NOT EXCEED THE GREATER OF:

  • The amount you paid us in the 6 months preceding the claim, OR

  • $100 USD

EXCLUDED DAMAGES: IN NO EVENT SHALL SHORTLISTD BE LIABLE FOR:

  • Indirect, incidental, special, consequential, or punitive damages

  • Lost profits, revenue, data, or business opportunities

  • Cost of substitute services

  • Damages arising from reliance on data or recommendations

  • Damages arising from hiring decisions or employment-related claims

  • Damages arising from third-party platform enforcement actions (Gmail/LinkedIn/WhatsApp suspensions)

LIMITATIONS APPLY TO: These limitations apply regardless of the theory of liability (contract, tort, negligence, strict liability, or otherwise) and even if we have been advised of the possibility of such damages.

EXCEPTIONS: Some jurisdictions do not allow limitation of liability for certain damages, so these limitations may not apply to you.

11.3 Indemnification

Your Indemnity Obligation: You agree to defend, indemnify, and hold harmless Shortlistd, its affiliates, and their respective officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, and expenses (including reasonable attorneys' fees) arising from or related to:

  • Your use of the Services

  • Your violation of these Terms or the Joint Controller Agreement

  • Your violation of any law or regulation

  • Your violation of any third-party rights (including candidate privacy rights)

  • Your hiring decisions or employment-related actions

  • Your failure to comply with data protection obligations

  • Content you upload or create using the Services

  • Your outreach communications to candidates

  • Violations of email/social platform terms of service

  • Your circumvention or solicitation of our data providers or service providers

Our Rights: We reserve the right to assume exclusive defense and control of any matter subject to indemnification, at your expense.

12. Dispute Resolution

12.1 Informal Resolution

Before filing any legal claim, you agree to first contact us at info@shortlistd.io and attempt to resolve the dispute informally for at least 30 days.

12.2 Binding Arbitration

Agreement to Arbitrate: Any dispute, claim, or controversy arising from or relating to these Terms or the Services that cannot be resolved informally shall be resolved by binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules.

Arbitration Procedures:

  • One arbitrator will be selected per AAA rules

  • The arbitration will be conducted in Delaware or remotely via videoconference

  • Each party bears its own costs and attorneys' fees unless the arbitrator awards them to the prevailing party

  • The arbitrator's decision will be final and binding

  • Judgment on the arbitration award may be entered in any court of competent jurisdiction

Class Action Waiver: You agree that disputes will be resolved on an individual basis only. You waive any right to participate in a class action, collective action, or representative proceeding.

Exceptions to Arbitration: Either party may bring a claim in court (without arbitration) for:

  • Intellectual property disputes (trademark, copyright, patent, trade secret)

  • Theft, piracy, or unauthorized use of intellectual property

  • Requests for injunctive or equitable relief

12.3 Time Limitation

You must bring any claim within one (1) year after the claim arises, or it will be permanently barred.

12.4 Governing Law and Venue

Governing Law: These Terms are governed by the laws of the State of Delaware, USA, without regard to conflict of law principles.

Venue: For any disputes that are not subject to arbitration, the exclusive venue shall be the state or federal courts located in Delaware, and you consent to personal jurisdiction there.

13. General Terms

13.1 Changes to Terms

We may modify these Terms at any time by:

  • Posting updated Terms on our website

  • Updating the "Last Updated" date

  • Providing notice via email or the Services (for material changes)

Your Options:

  • Continued use of the Services after changes constitutes acceptance

  • If you don't agree to changes, you must stop using the Services and terminate your account

13.2 Electronic Communications

Consent: By using our Services, you consent to receive communications from us electronically via:

  • Email to your registered email address

  • Notices posted on the Services

  • In-app messages or notifications

Legal Effect: Electronic communications satisfy any legal requirement that communications be in writing.

13.3 Entire Agreement

These Terms, together with our Privacy Policy, Joint Controller Agreement, and any other incorporated agreements, constitute the entire agreement between you and Shortlistd regarding the Services and supersede all prior agreements.

13.4 Severability

If any provision of these Terms is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary, and the remaining provisions will remain in full force and effect.

13.5 No Waiver

Our failure to enforce any right or provision of these Terms will not be deemed a waiver of such right or provision.

13.6 Assignment

You may not assign or transfer these Terms or your account without our prior written consent. We may assign these Terms without restriction.

13.7 Force Majeure

We are not liable for any failure or delay in performing our obligations due to circumstances beyond our reasonable control.

13.8 Relationship

These Terms do not create any partnership, joint venture, employment, or agency relationship between you and Shortlistd.

13.9 Non-Circumvention

You agree not to contact, solicit, or attempt to work directly with our data providers, service providers, or other vendors during the term of these Terms and for 24 months after termination. This includes attempting to obtain the same services directly or encouraging our vendors to work with you instead of through Shortlistd.

14. Contact Information

For General Questions:
Shortlistd, Inc.
221 W 9th St
Wilmington, DE 19801
Email: info@shortlistd.io

For Privacy or Data Protection Questions:
Email: privacy@shortlistd.io
Subject Line: "Privacy Request"

For Legal or Compliance Questions:
Email: info@shortlistd.io
Subject Line: "Legal/Compliance"

For Security Issues: Email: security@shortlistd.io Subject Line: "Security Incident"

Acknowledgment

By using the Services, you acknowledge that:

  • You have read and understood these Terms

  • You agree to be bound by these Terms

  • You have the authority to enter into these Terms on behalf of your organization (if applicable)

  • You will comply with all applicable laws and regulations in your use of the Services

  • You understand that for outreach executed via the platform, you and Shortlistd are joint controllers with shared compliance responsibilities

IMPORTANT NOTE FOR CLIENTS USING CANDIDATE SOURCING:

If you will be using Shortlistd to source, enrich, or contact candidates, you MUST:

  1. Accept our Joint Controller Agreement (required before accessing candidate features)

  2. Document your lawful basis for processing (typically legitimate interest in recruitment)

  3. Include transparency language in your communications or use our provided footer

  4. Honor candidate opt-out requests immediately

For questions about compliance: Contact privacy@shortlistd.io

End of Terms of Service