Privacy Policy
Last updated: March 23, 2026
Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.
Privacy at a Glance
We collect: Only necessary information
We protect: All data with standard security
We never sell: Your personal data
You control: Your information
1. Information We Collect
1.1 Information You Provide Directly
Account Information
- • Full name and email address
- • Phone number (optional)
- • Password (hashed and secured)
- • Profile photo (optional)
Professional Information
- • Resume and CV documents
- • Work experience and education
- • Skills and certifications
- • Job preferences and location
1.2 Information We Collect Automatically
Usage Data
Pages visited, time spent, search queriesDevice Information
Browser type, operating system, IP addressLocation Data
General location for job matching (with consent)1.3 Information from Third Parties
- Social media profile information (when you choose to connect accounts)
- Professional networking sites (LinkedIn, etc.) - with your permission
- Background check providers (for certain positions, with explicit consent)
- Employer feedback and references (when provided)
1.4 Employer, Staff, and Team Information
- Company profile details, including business name, logo, location, and contact information
- Recruitment team data, such as invited staff member names, work emails, and role permissions
- Hiring workflow data, including candidate screening notes, shortlist status, and interview coordination details
- Operational records related to employer account security, access logs, and administrative actions
2. How We Use Your Information
Core Services
- • Matching you with relevant job opportunities
- • Facilitating communication with employers
- • Managing your job applications
- • Providing personalized job recommendations
Platform Improvement
- • Analyzing usage patterns to improve features
- • Personalizing your experience
- • Sending relevant notifications and updates
- • Conducting user research and surveys
We Never Use Your Data For:
✗ Selling to third parties for profit
✗ Unrelated marketing campaigns
✗ Sharing without your consent
✗ Creating profiles for non-job purposes
2.1 Employer and Team Features
- Creating and managing employer company profiles and job postings
- Providing employer team access (including invited staff accounts) to support hiring collaboration
- Supporting recruitment workflows such as screening, shortlisting, and interview coordination
- Maintaining audit and security records to protect employer and candidate data
3. How We Share Your Information
3.1 With Your Consent
Job Applications
When you apply for jobs, we share your profile and resume with the specific employers you choose.
Public Profile
Information you choose to make public in your profile can be viewed by employers and recruiters.
3.2 Service Providers
We work with trusted third-party service providers who help us operate our platform:
Cloud Hosting
Secure data storage and processingEmail Services
Sending notifications and communicationsAnalytics
Understanding platform usage (anonymized)Payment Processing
Handling premium subscriptions securely3.3 Legal Requirements
We may disclose information when required by law, such as:
- Response to legal subpoenas or court orders
- Protection of our rights and property
- Prevention of fraud or illegal activities
- Protection of user safety and security
3.4 Sharing Within Employer Teams
Where employer team functionality is enabled, candidate and job-related information may be accessible to authorized users within the same employer organization for recruitment purposes.
- Access is limited to users with permissions assigned by the employer account owner or administrator
- Employer users are responsible for managing team membership and internal data handling practices
- We do not authorize use of candidate data outside legitimate recruitment and compliance purposes
4. Data Security and Protection
Our Security Commitment
We implement industry-standard security measures and Django's built-in security features to protect your personal information from unauthorized access, alteration, disclosure, or destruction.
Technical Safeguards
- HTTPS/TLS encryption for all data transmission
- Django's built-in password hashing (PBKDF2)
- CSRF protection on all forms and requests
- SQL injection prevention through Django ORM
- XSS protection with automatic escaping
- Secure session management
Administrative Safeguards
- Limited staff access on need-to-know basis
- Regular security updates and patches
- Django-allauth for secure authentication
- Secure file upload validation
- Regular backup procedures
- Security headers implementation
Django Security Features
Our platform leverages Django's comprehensive security framework:
- CSRF Protection: Prevents cross-site request forgery attacks
- SQL Injection Prevention: Through Django's ORM and parameterized queries
- XSS Protection: Automatic HTML escaping in templates
- Clickjacking Protection: X-Frame-Options header
- Secure Headers: HSTS, Content-Type-Options
- Session Security: Secure cookies and session protection
Data Breach Response
In the unlikely event of a data breach:
- We will assess and contain the incident as quickly as possible
- Affected users will be notified within 72 hours where required by law
- We will provide clear information about what data was involved
- Steps to protect yourself will be provided immediately
- We will work with relevant authorities as required
5. Your Privacy Rights and Controls
Access
View and download all personal data we have about you
Correct
Update or correct inaccurate personal information
Delete
Request deletion of your personal data
Additional Rights
- Portability: Export your data in a readable format
- Restrict Processing: Limit how we use your data
- Object: Opt out of certain data processing
- Withdraw Consent: Revoke previously given permissions
How to Exercise Your Rights
You can exercise these rights through:
- Your account settings and privacy dashboard
- Contacting our privacy team at [email protected]
- Using our online privacy request form
We will respond to your request within 30 days and verify your identity for security purposes.
6. Cookies and Tracking Technologies
Essential Cookies
Required for basic site functionality and security (CSRF tokens, sessions)Analytics Cookies
Help us understand how you use our site (with consent)Preference Cookies
Remember your settings and personalize experienceCookie Control: You can manage cookie preferences through your browser settings or our cookie preference center.
Note: Disabling essential cookies may affect site functionality and security features.
7. Data Retention
Active Accounts
- • Profile data: Retained while account is active
- • Job applications: 7 years for legal compliance
- • Messages: 3 years or until deleted by user
- • Usage logs: 2 years for security purposes
- • Employer team records (roles, invitations, audit events): Retained while employer account is active
Inactive/Deleted Accounts
- • Personal data: Deleted within 90 days
- • Anonymous analytics: May be retained
- • Legal records: As required by law
- • Backup systems: Purged within 12 months
- • Employer hiring workflow data: Archived or removed according to legal and contractual obligations
8. International Data Transfers
If you access our service from outside our primary jurisdiction, your information may be transferred to and processed in countries with different privacy laws. We ensure adequate protection through:
- Standard contractual clauses approved by relevant authorities
- Adequacy decisions recognizing equivalent protection
- Your explicit consent for specific transfers
- Certification under recognized privacy frameworks
9. Children's Privacy
Age Requirement
Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will notify you via email and platform notification
- The updated policy will be posted on our website
- Material changes will include a 30-day notice period
- Your continued use constitutes acceptance of changes
11. Legal and Regulatory Compliance
We process personal data in line with applicable Zimbabwean legal requirements and internationally recognized data protection principles relevant to digital employment services.
- We apply purpose limitation, data minimization, and access control practices across candidate and employer workflows
- Employer account owners and employer staff must process candidate data lawfully, fairly, and only for legitimate recruitment purposes
- For international transfers, we use reasonable technical, contractual, and organizational safeguards
- Where local law provides stronger user rights, those rights continue to apply
This policy is a transparency notice and does not constitute legal advice.
12. Related Developer and API Policies
If you use our developer portal or API services, the following additional policies and terms also apply:
This privacy policy is effective as of the date listed above and applies to all information collected by Everyday Vacancies.