Privacy Policy

This Privacy Policy describes how the platform ("we", "us", "our") collects, uses, stores, and shares personal data when you use our freelancer marketplace. It applies to hirers, freelancers, and any visitor to the platform.

We are the data controller for the personal data described in this policy. Our contact details are available in your account dashboard.

The table below sets out the categories of personal data we collect, with examples and the purpose for each.

We collect this data directly from you (when you register, build a profile, or post a job), automatically as you use the platform (usage data), and from third-party services — primarily Stripe — for payment and identity verification purposes.

We process your personal data on the following legal bases under applicable data protection law:

• Contract: processing your account data, profile data, job data, and payment data is necessary to provide the service you've signed up for.
• Legal obligation: identity verification data is processed to comply with Stripe's KYC requirements and applicable financial regulations.
• Legitimate interests: usage data and communications are processed to improve the platform, prevent fraud, and resolve disputes — in each case balanced against your privacy interests.
• Consent: where we send you optional marketing communications, we rely on your consent, which you may withdraw at any time.

Our AI matching system processes freelancer profile data — specifically category, tags, ratings, completed session count, and portfolio breadth — to score and rank freelancers against posted jobs. This scoring is fully automated and determines which freelancers appear in a hirer's shortlist of up to 5 candidates.

We do not use your personal data to serve third-party advertising, and your profile data is never sold to external parties.

Under applicable data protection law, you may have the right to request human review of any automated decision that significantly affects you. To exercise this right, contact us using the details in your account dashboard.

All payment processing — including escrow funding, payout releases, and identity verification — is handled by Stripe. When you connect a Stripe account or enter payment details, that information is collected directly by Stripe and governed by Stripe's Privacy Policy, not ours.

We receive from Stripe only the data we need to operate the escrow and payout flow: customer IDs, account IDs, verification status, and transaction status. We do not store card numbers, bank account numbers, or government ID documents on our own systems.

Freelancers undergoing Stripe's identity verification process consent to Stripe's collection and processing of identity documents as part of their onboarding. Stripe is an independent data controller for that data.

We share personal data only in the following circumstances:

• With hirers: when you are surfaced as a match, your public profile (bio, tags, ratings, portfolio, completed sessions) is visible to the hirer who posted the job.
• With freelancers: when a hirer sends a connection, the job title, description, budget, and hirer's display name are shared with the matched freelancer.
• With Stripe: payment data, identity data, and transaction status are shared with Stripe as our payment processor.
• With our infrastructure providers: we use third-party cloud hosting and analytics services. These providers act as data processors under contracts that restrict their use of your data.
• For legal compliance: we may disclose your data to law enforcement, regulators, or courts where required by applicable law or to protect the rights, property, or safety of the platform, our users, or the public.
• In a business transfer: if the platform is acquired, merged, or its assets transferred, your data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

We do not sell your personal data to any third party. We do not share your data with advertisers.

Certain freelancer profile information is publicly visible on the platform: your display name, profile photo, bio, category, tags, ratings, and completed session count. This data is visible to any logged-in hirer, not just those you have been matched with.

Hirer profiles are not publicly displayed. A hirer's display name is shared only with freelancers they have been connected with.

We retain your personal data for as long as your account is active and for a reasonable period afterwards, as follows:

• Account and profile data: retained for the duration of your account, plus 2 years after closure to handle any outstanding disputes or legal claims.
• Job and communication data (including job thread messages): retained for 3 years after the job is closed, for dispute resolution and legal compliance purposes.
• Payment and transaction data: retained for 7 years to comply with financial record-keeping obligations.
• Usage data: retained for 13 months in aggregate analytics form; raw logs are deleted after 90 days.
• Identity verification data: held by Stripe subject to their retention policies. We do not hold copies of your identity documents.

When retention periods expire, data is securely deleted or irreversibly anonymised.

We use industry-standard technical and organisational measures to protect your personal data, including encryption in transit (TLS), encryption at rest for sensitive fields, access controls restricting data access to authorised personnel, and regular security reviews.

No system is completely secure. If you believe your account has been compromised, contact us immediately using the support details in your dashboard.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and any relevant supervisory authority as required by applicable law.

Our platform serves hirers and freelancers globally. Your data may be transferred to and processed in countries outside your own, including countries that may not have data protection laws equivalent to those in your jurisdiction.

Where we transfer personal data from the UK or European Economic Area to third countries, we do so using appropriate safeguards — including standard contractual clauses approved by the relevant supervisory authority — or we rely on an adequacy decision.

Stripe may transfer your payment and identity data internationally as part of their global payment infrastructure, subject to Stripe's own transfer mechanisms and Privacy Policy.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Rectification: request that we correct inaccurate or incomplete data.
• Erasure: request that we delete your personal data, subject to our legal retention obligations.
• Restriction: request that we restrict our processing of your data in certain circumstances.
• Portability: receive your data in a structured, commonly used, machine-readable format.
• Objection: object to processing based on legitimate interests, including profiling used for AI matching.
• Automated decision-making: request human review of any automated decision that significantly affects you (see Section 4).
• Withdraw consent: where we rely on consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us using the support details in your account dashboard. We will respond within 30 days. We may need to verify your identity before processing your request.

If you are in the UK or EEA, you also have the right to lodge a complaint with your local data protection supervisory authority (in the UK: the Information Commissioner's Office).

We use cookies and similar technologies to keep you logged in, remember your preferences, and understand how the platform is used. We do not use third-party advertising cookies.

• Essential cookies: required for the platform to function (authentication, session management). These cannot be disabled.
• Analytics cookies: help us understand usage patterns and improve the product. You can opt out via your browser settings or our cookie preferences panel.

We do not use fingerprinting, cross-site tracking, or any form of behavioural advertising technology.

The platform is not directed at or intended for use by anyone under the age of 18. We do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, please contact us and we will promptly close the account and delete the associated data.

We may update this Privacy Policy from time to time to reflect changes in our practices, the platform, or applicable law. When we make material changes, we will notify you by email and update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Continued use of the platform after any update constitutes your acceptance of the revised policy.

For any questions, requests, or concerns about this Privacy Policy or our data practices, contact us via the support address listed in your account dashboard. We aim to respond to all enquiries within 30 days.

If you are not satisfied with our response, you have the right to escalate your complaint to your national data protection supervisory authority.