Privacy Policy

How we protect your personal data

Last updated: 2026-01-16

1. Data Controller

The controller of your personal data is:

Open HR SASU

60 rue François Ier

75008 Paris, France

RCS Paris B 994 927 242

Email: privacy@open-hr.fr

2. Data We Collect

We collect the following categories of data:

  • Identity Data: Name, date of birth, ID document during verification.
  • Contact Data: Email address, phone number, postal address.
  • Professional Data: Employment history, skills, reference evaluations.
  • Account Data: Login ID, encrypted password, preferences.
  • Technical Data: IP address, browser type, login logs.

3. Legal Basis for Processing

We process your data on the following legal bases:

  • Contract Performance: To provide our reference verification services.
  • Consent: For marketing communications (withdrawable at any time).
  • Legitimate Interest: Platform security, fraud prevention.
  • Legal Obligation: Accounting and tax data retention.

4. How We Use Your Data

We use your data to:

  • Create and manage your account
  • Verify your identity through our certified partner
  • Collect and aggregate evaluations from your references
  • Generate your professional reference score
  • Share your verified information with authorised employers
  • Send you important notifications
  • Improve security and prevent fraud

5. Data Sharing

❌ We never sell your personal data.

We share your data only in the following cases:

  • Authorised Employers: Only with your explicit consent.
  • Verification Partners: IDnow for identity verification.
  • Technical Providers: Hosting, payments (contractually bound to protect your data).
  • Authorities: If required by law.

6. Data Retention

We retain your data for the following periods:

Data TypeDuration
Account dataWhile account is active
Professional referencesWhile account is active
Billing data10 years (legal requirement)
Security logs1 year

7. Your GDPR Rights

Under the GDPR and UK DPA 2018, you have the following rights:

  • Access: Know what data we hold about you.
  • Rectification: Correct inaccurate data.
  • Erasure: Request deletion of your data.
  • Portability: Receive your data in a machine-readable format.
  • Object: Object to certain processing.
  • Restriction: Limit processing in certain cases.

How to Exercise Your Rights

Send your request to privacy@open-hr.fr with a copy of ID. We respond within 30 days.

8. Data Security

We implement appropriate security measures:

  • Encryption: Sensitive data encrypted at rest (CSFLE) and in transit (TLS 1.3).
  • Identity Verification: Via IDnow, certified eIDAS and KYC/AML compliant.
  • Access Control: Limited, authenticated and logged access.
  • Secure Hosting: Certified cloud infrastructure with backups.

9. International Transfers

Your data is hosted within the European Union.

Any transfer outside the EU/UK is governed by adequacy decisions, standard contractual clauses (SCCs), or the EU-US Data Privacy Framework (DPF).

10. Contact & Complaints

For any questions about your personal data:

Email: privacy@open-hr.fr

Supervisory Authority:

ICO - Information Commissioner's Office (UK) or CNIL (France)

https://ico.org.uk

Privacy Policy | Open HR