Global Data Protection Regulation Compliance

What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). The GDPR aims primarily to give control back to citizens and residents over their data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The regulation has been in effect since May 25, 2018.

Introduction & Scope

At Jobma, we’re committed to protecting your personal information. We process personal data responsibly, securely, and in accordance with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Equal Employment Opportunity Commission (EEOC) guidelines, the Americans with Disabilities Act (ADA), New York City Automated Employment Decision Tools Law (AEDT), and the Illinois Artificial Intelligence Video Interview Act (AIVIA).

This statement applies to individuals located in the European Union (EU) and European Economic Area (EEA) whose personal data we process, whether they are candidates, employers, recruiters, or other users interacting with Jobma’s platform, website, and services.

Our Commitment to GDPR

As per the General Data Protection Regulation (GDPR), Jobma primarily operates as the processor - this means that we act on behalf of our customers, typically employers, and process data based on their instructions. Our customers are the controllers of the personal data that we handle. We do not collect or process sensitive or special categories of data through our services, for example, information related to health, political opinions, religious beliefs, etc.

What Personal Data We Collect

We collect different categories of personal data depending on your interaction with Jobma.

These categories include:

• Identity & Contact Data: Name, email address, phone number, company name, job title, account credentials.
• Interview Data: Video recordings, audio, text responses, metadata associated with interviews (timestamps, device used, duration).
• Technical & Usage Data: IP address, device type, browser type, operating system, access logs, usage patterns (e.g., pages visited, session duration).
• Communication Data: Records of demo and pricing requests, support requests, feedback forms, and correspondence between you and Jobma.
• Marketing & Preference Data: Preferences regarding communications, subscription to newsletters, or promotional activities.
• Survey & Feedback Data: Optional survey responses you provide about our interviewing services.

We do not intentionally collect “special categories” of personal data (e.g., race, ethnicity, religious beliefs) unless you provide that data voluntarily and only when necessary for legitimate recruitment-related purposes.

We store data in secure data servers (in partnership with Google Cloud) in Iowa (US-Central1, United States). Retention is a minimum of one year or longer if required under law or for legitimate business purposes.

Legal Basis & Purpose of Processing

Legal Basis

We process your personal data under one or more of the following legal bases:

• Contract Performance: To fulfil our contractual obligations when you or your employer engages Jobma’s services.
• Legitimate Interest: To improve platform performance, detect and prevent fraud, maintain security, and support business operations, ensuring that such interests do not override your rights or freedoms.
• Consent: Where you have given explicit permission (e.g., for marketing communications or non-essential cookies).
• Legal Obligation: To comply with applicable laws, regulations, or lawful requests from authorities.

Purposes of Processing

Your personal data is processed for the following purposes:

• Enabling registration, secure account creation, and access to Jobma’s services.
• Facilitating video and live interviews, including hosting, recording, storing, transmitting, and sharing of interview data with employer clients.
• Communicating with you, providing customer support, service notifications, and updates.
• Performing analytics, auditing, performance optimization, product improvement, and platform maintenance.
• Ensuring compliance with legal and regulatory requirements, including anti-fraud and security monitoring.
• Conducting marketing and promotional activities (subject to your voluntary consent), with the option to withdraw at any time.

Recipients & Third-Parties

In connection with the purposes above, Jobma may share your personal data with:

• Employer clients who request and receive candidate interview data and related information.
• Integration partners such as applicant tracking systems (ATS), HR platforms, and other software that connect to Jobma.
• Payment processors for subscription or service billing.
• Cloud hosting and backup providers that host or store data on Jobma’s behalf.
• Analytics and communication service providers that support monitoring, email communications, and user interaction analytics.

Jobma does not control or manage these external websites or services and is not responsible for their privacy practices. We strongly encourage users to review the privacy policies of these third parties to understand how they collect, use, and safeguard your information before engaging with their services.

Rights of Data Subjects

Under the General Data Protection Regulation (GDPR), individuals have the following rights designed to give them greater control over their personal data:

To exercise your rights, please contact privacy@jobma.com. We will take reasonable steps to verify your identity before fulfilling requests and respond as required by law. For marketing emails, you can unsubscribe instantly using the link provided in the footer of the email.

Cookies

Jobma uses cookies to collect non-identifiable technical and usage data that help improve platform performance and user experience. Cookies may include:

• Necessary Cookies: Required for core website functionality, such as secure login, account authentication, and navigation. These cookies enable essential services and cannot be disabled.
• Analytical Cookies: Collect aggregated, anonymized data about how users interact with the platform (e.g., page visits, session duration, and error diagnostics). This helps Jobma analyze performance, identify issues, and optimize system reliability.
• Preference Cookies: Store user preferences (such as language, region, or display settings) and remember user choices, including role-based settings for candidates or employers.
• Advertising Cookies: Used to deliver relevant marketing content, measure campaign effectiveness, and understand engagement across Jobma’s and our partners’ digital channels. These may involve limited data sharing with Jobma’s marketing and integration partners.

The information collected through cookies may include:

• Login and session identifiers to maintain authentication
• Browser type, device model, and operating system details
• IP address and approximate geolocation
• Usage patterns, such as pages visited or actions performed
• Preferences related to account type, language, or display settings

For any cookies beyond the strictly necessary, Jobma obtains explicit, informed consent before placing them on your device. This consent is freely given, specific, unambiguous, and based on a clear affirmative action (e.g., clicking “Accept All”). You are provided with an option to accept all, reject all, or select specific cookie categories.

Users can manage or disable cookies through their browser settings at any time. However, please note that disabling certain cookies may impact platform functionality, limit access to specific features, or reduce overall site performance.

Security Measures

Jobma implements robust technical, organizational, and administrative safeguards designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. To ensure security, we enable end-to-end encryption for video interviews, granular permission settings for different user types, and multifactor authentication. We also conduct regular audits of our security procedures to validate their effectiveness.

Changes to This Statement

Jobma reserves the right to update this GDPR Compliance Statement in response to changes in regulation, business operations, or technology. Continued use of our services following publication of changes constitutes your acknowledgement of the revised statement.