Privacy Policy
Last updated: May 21, 2026
Talin Privacy Policy
This Privacy Policy describes how Talin Technologies Inc. ("Talin," "we," "us," or "our") collects, uses, shares, and protects personal information. It applies to the Talin SaaS Platform at talin.ai and app.talin.ai (the "Platform"), our marketing website, and related communications.
If you are using the Platform as a paying customer or account holder, your use is also governed by our Customer Terms at https://www.talin.ai/Terms-and-Conditions, which describe contractual rights and obligations between you and Talin. This Privacy Policy explains how we handle personal information; the Customer Terms govern data ownership, AI training rights, and other contractual matters.
We are based in Toronto, Ontario, Canada. We are subject to Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and where applicable to particular individuals, to the EU and UK General Data Protection Regulation (GDPR) and U.S. state privacy laws including the California Consumer Privacy Act (CCPA/CPRA).
1. Who this policy is about
This policy describes how we handle personal information about three categories of individuals:
Customer users — the individual recruiters, sales reps, and other professionals who hold a Talin account and use the Platform on behalf of a Talin customer.
Third-party data subjects — candidates, hiring managers, prospects, and other individuals whose information is uploaded to or generated through the Platform by Customer users. Talin processes this information on behalf of and at the direction of the Customer.
Website visitors — visitors to talin.ai who are not Customer users.
For third-party data subjects: the recruiter or company using Talin is the data controller of your information and is responsible for the lawful basis of that processing. Talin acts as a service provider/processor. If you are a candidate or hiring manager and want to exercise rights over your information, contact the recruiter or company that uploaded your information, or use the contact details in Section 12 below and we will route your request.
2. Information we collect
Account and contact information. When a Customer user creates an account, we collect name, email address, phone number, company affiliation, job title, profile photo (if provided), and authentication credentials.
Customer Data. When Customer users use the Platform, we receive and process content they upload or generate, including candidate names, resumes, contact details (email and phone), employment history, hiring manager contact information, outreach copy, notes, and platform configuration data. This is "Customer Data" as defined in our Customer Terms.
Usage and device information. We automatically collect log data when you use the Platform, including IP address, browser type, device type, operating system, pages visited, features used, the date and time of activity, referring URL, and similar diagnostic data.
Cookies and similar technologies. We use cookies, local storage, and similar technologies on our website and in the Platform for authentication, preferences, security, analytics, and product improvement.
Communications. When you email us, chat with our support, or otherwise communicate with us, we retain those communications and your contact details.
Inferences. We generate inferences from the above — for example, candidate-to-job match scores, recommended outreach copy, and engagement predictions.
We do not knowingly collect information from anyone under 18.
3. How we use information
We use personal information to:
Provide and operate the Platform — authenticate users, deliver Platform features, run candidate sourcing and outreach workflows, integrate with third-party tools (ATSs, CRMs, email providers), and support Customer users.
Train and improve our AI models. We use Customer Data, including personal information of candidates and hiring managers contained in Customer Data, to develop, train, evaluate, fine-tune, test, and improve Talin's artificial intelligence and machine learning models that power the Platform. This includes the right to retain Customer Data in training datasets and in resulting trained models for the lifecycle of those models, including after a Customer's subscription has ended. We use commercially reasonable technical measures designed to prevent our AI models from reproducing identifiable personal information from one customer's data in outputs delivered to other customers.
Generate aggregated and de-identified insights — for benchmarking, product analytics, marketing, and public reporting, provided such insights do not identify any individual.
Communicate with you — about your account, transactions, product updates, security alerts, and (with your consent or where permitted) marketing.
Maintain security and prevent abuse — detect, investigate, and prevent fraud, security incidents, and violations of our Customer Terms or Acceptable Use Policy.
Comply with legal obligations — respond to lawful requests, enforce our agreements, and exercise or defend legal claims.
Lawful bases (GDPR/UK GDPR). Where GDPR or UK GDPR applies, we rely on the following lawful bases:
Contract performance — to provide the Platform to Customer users and the Customer that employs them.
Legitimate interests — to operate and improve the Platform, train AI models, secure the Platform, prevent abuse, and grow our business. We have assessed these legitimate interests against the rights and freedoms of the individuals concerned.
Consent — where required, including for certain marketing communications.
Legal obligation — to comply with applicable law.
For third-party data subjects whose information is uploaded by a Customer user, the Customer is responsible for establishing the lawful basis for collection and disclosure to Talin.
4. We do not sell your personal information
Talin does not sell, rent, or lease personal information. We do not share personal information with third parties for those third parties' own independent advertising, marketing, or AI-model-training purposes.
For purposes of California law: in the prior twelve (12) months, Talin has not "sold" Personal Information and has not "shared" Personal Information for cross-context behavioral advertising as those terms are defined under CCPA/CPRA.
For clarity, our use of service providers and subprocessors to process personal information on our behalf (see Section 5) is not a sale.
5. How we share information
We share personal information only as described below.
Service providers and subprocessors. We share personal information with third parties that perform services on our behalf under written contract, including:
Cloud infrastructure and hosting providers (e.g., AWS, Google Cloud).
AI model-training and inference providers (e.g., providers of foundation model APIs and training infrastructure).
Email and communications providers used to send outreach on behalf of Customer users.
Data enrichment providers used to verify or supplement contact information at the direction of Customer users.
Analytics, error monitoring, and customer support tools.
Payment processors (for Customer billing only).
These service providers are contractually required to process personal information only for the purposes we direct and consistent with this Privacy Policy.
Within a Customer's account. Personal information uploaded by a Customer user may be visible to other authorized users of that same Customer account, including the Customer's administrators.
Legal disclosures. We may disclose personal information when required by law, subpoena, court order, or other governmental request, or where we believe disclosure is necessary to investigate fraud or security incidents, protect our or others' rights, or enforce our agreements.
Business transfers. If Talin is involved in a merger, acquisition, financing, or sale of assets, personal information may be transferred as part of that transaction, subject to the receiving party's continued compliance with this Privacy Policy.
With your consent or at your direction. We share personal information in other ways where you authorize us to do so.
6. International data transfers
Talin is based in Canada. We host Customer Data in Canada and the United States. By using the Platform, you understand that your personal information may be transferred to, processed, and stored in Canada and the United States, and to our service providers located in those countries.
For transfers of personal information out of the EEA or UK, we rely on appropriate safeguards including Standard Contractual Clauses (SCCs) and the UK addendum where applicable.
7. Data retention
We retain personal information for as long as necessary to provide the Platform, comply with legal obligations, resolve disputes, and enforce our agreements.
Customer Data. While a Customer's subscription is active, Customer Data is retained for the duration of the subscription and is available for export for thirty (30) days after termination, after which Talin may delete it (subject to the survival of AI training rights described in our Customer Terms — once Customer Data has been incorporated into trained models or used to generate aggregated/de-identified data, those models and that derived data persist).
Account information. Retained for the duration of the account and for a reasonable period thereafter for legal, audit, and business purposes.
Logs and usage data. Retained for security and operational purposes, typically for 12 to 24 months.
Marketing contacts. Retained until you unsubscribe or otherwise object.
8. Your privacy rights
Depending on where you live, you may have the following rights with respect to your personal information:
Access — request a copy of the personal information we hold about you.
Correction — request correction of inaccurate or incomplete information.
Deletion — request deletion of personal information, subject to exceptions (including our retention of information in trained AI models and in aggregated or de-identified form).
Portability — request a copy of certain information in a structured, machine-readable format.
Objection or restriction — object to or restrict certain processing.
Withdraw consent — where we rely on consent, withdraw it at any time. Withdrawal does not affect the lawfulness of prior processing.
Non-discrimination (California) — exercise your CCPA rights without receiving discriminatory treatment.
Authorized agent (California) — designate an authorized agent to make requests on your behalf.
If you are a Customer user, you can exercise many of these rights through your account settings or by contacting us. If you are a candidate, hiring manager, or other third-party data subject, the Customer that uploaded your information is the data controller for that information — you should contact them first. You can also contact us using the details in Section 12 and we will route your request to the appropriate Customer or, where Talin has independent obligations, handle it directly.
We will respond to verifiable requests within the timelines required by applicable law (typically 30 to 45 days). We may need to verify your identity before fulfilling certain requests.
9. Cookies and tracking
We use cookies and similar technologies for authentication, preferences, security, analytics, and product improvement. The categories include:
Strictly necessary cookies — required for the Platform to function (e.g., session, authentication).
Functional cookies — remember preferences.
Analytics cookies — measure how the Platform is used (e.g., Google Tag Manager).
Marketing cookies — used on our marketing site to measure ad effectiveness.
You can control non-essential cookies through your browser settings or our cookie banner where applicable. Disabling certain cookies may degrade Platform functionality.
We currently do not respond to "Do Not Track" browser signals, but we honor opt-out signals where required by law (including the Global Privacy Control where applicable under CCPA).
10. Security
We maintain commercially reasonable administrative, technical, and physical safeguards designed to protect personal information. These include encryption in transit, access controls, logging, regular security reviews, and contractual obligations on our service providers.
No system is perfectly secure. In the event of a confirmed security incident affecting Customer Data, we notify affected Customers without undue delay and in any event within 72 hours of discovery, in accordance with our Customer Terms.
11. Updates to this Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date above. For material changes, we will provide additional notice (such as by email to Customer users or a prominent notice in the Platform). Your continued use of the Platform after an update constitutes acceptance of the updated Policy, except where applicable law requires affirmative consent.
12. Contact us
For questions about this Privacy Policy or to exercise your privacy rights:
Talin Technologies Inc. 10 Dundas St. East, 6th Floor Toronto, ON M5B 2G9, Canada Email: julian@talin.ai
For European Economic Area / United Kingdom residents: If you are not satisfied with how we have handled your personal information, you have the right to lodge a complaint with your local data protection authority. In Canada, you may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.
