Data Processing
Data Processing
04/07/2026
04/07/2026
1. Purpose
This Agreement governs the processing of personal data by Hier on behalf of the Controller in connection with the use of the Hier platform.
2. Roles of the Parties
The Controller (business user) determines the purposes and means of processing candidate data
Hier acts as a Data Processor, processing personal data on behalf of the Controller
3. Nature and Purpose of Processing
Hier processes personal data to:
Provide recruitment and hiring functionality
Store and display candidate profiles and CVs
Enable communication between candidates and businesses
Support application tracking and onboarding
4. Categories of Data Subjects
Job applicants (candidates)
Business users (recruiters/employees of the Controller)
5. Types of Personal Data
Personal data processed may include:
Name, email, phone number
CVs and employment history
Profile data and preferences
Messages and communications
Application and hiring data
Uploaded documents (including onboarding materials where applicable)
6. Processor Obligations (Hier)
Hier shall:
Process personal data only on documented instructions from the Controller
Ensure all personnel are subject to confidentiality obligations
Implement appropriate technical and organisational security measures
Assist the Controller in responding to data subject requests
Notify the Controller of any personal data breach without undue delay
Not sell or share personal data for unrelated purposes
7. Sub-processors
Hier may use trusted third-party providers to deliver the service, including:
Cloud storage and hosting providers
Payment processors such as Stripe
Hier will ensure:
Sub-processors are bound by appropriate data protection obligations
Adequate safeguards are in place
8. International Transfers
Where data is transferred outside the UK:
Appropriate safeguards (e.g. Standard Contractual Clauses) will be used
9. Security Measures
Hier implements appropriate safeguards, including:
Secure authentication (JWT-based systems)
Access controls and role-based permissions
Encryption in transit where applicable
Monitoring for unauthorised access
10. Data Subject Rights
Hier will assist the Controller in responding to:
Access requests
Rectification requests
Erasure requests
Objections to processing
11. Data Retention & Deletion
Upon termination of services:
Personal data will be deleted or anonymised unless retention is required by law
Controllers may request deletion of data at any time
12. Audit Rights
The Controller may request reasonable information to verify compliance with this Agreement.
13. Liability
Each party is responsible for its own compliance with applicable data protection laws.
14. Governing Law
This Agreement is governed by the laws of England and Wales.
15. Contact
1. Purpose
This Agreement governs the processing of personal data by Hier on behalf of the Controller in connection with the use of the Hier platform.
2. Roles of the Parties
The Controller (business user) determines the purposes and means of processing candidate data
Hier acts as a Data Processor, processing personal data on behalf of the Controller
3. Nature and Purpose of Processing
Hier processes personal data to:
Provide recruitment and hiring functionality
Store and display candidate profiles and CVs
Enable communication between candidates and businesses
Support application tracking and onboarding
4. Categories of Data Subjects
Job applicants (candidates)
Business users (recruiters/employees of the Controller)
5. Types of Personal Data
Personal data processed may include:
Name, email, phone number
CVs and employment history
Profile data and preferences
Messages and communications
Application and hiring data
Uploaded documents (including onboarding materials where applicable)
6. Processor Obligations (Hier)
Hier shall:
Process personal data only on documented instructions from the Controller
Ensure all personnel are subject to confidentiality obligations
Implement appropriate technical and organisational security measures
Assist the Controller in responding to data subject requests
Notify the Controller of any personal data breach without undue delay
Not sell or share personal data for unrelated purposes
7. Sub-processors
Hier may use trusted third-party providers to deliver the service, including:
Cloud storage and hosting providers
Payment processors such as Stripe
Hier will ensure:
Sub-processors are bound by appropriate data protection obligations
Adequate safeguards are in place
8. International Transfers
Where data is transferred outside the UK:
Appropriate safeguards (e.g. Standard Contractual Clauses) will be used
9. Security Measures
Hier implements appropriate safeguards, including:
Secure authentication (JWT-based systems)
Access controls and role-based permissions
Encryption in transit where applicable
Monitoring for unauthorised access
10. Data Subject Rights
Hier will assist the Controller in responding to:
Access requests
Rectification requests
Erasure requests
Objections to processing
11. Data Retention & Deletion
Upon termination of services:
Personal data will be deleted or anonymised unless retention is required by law
Controllers may request deletion of data at any time
12. Audit Rights
The Controller may request reasonable information to verify compliance with this Agreement.
13. Liability
Each party is responsible for its own compliance with applicable data protection laws.
14. Governing Law
This Agreement is governed by the laws of England and Wales.
15. Contact