Privacy Policy — TermDoc

Last updated: April 2026

TermDoc ("we", "us") operates the TD-CRM recruitment platform. This policy explains how we collect, use, and protect personal data in compliance with GDPR (EU 2016/679).

1. Data We Collect

• Candidates: Name, contact details (Telegram, email, phone), professional skills, salary expectations, work experience, city, work format preference.
• Clients (Employers): Company name, contact person, email, phone, Telegram.
• Vacancy Data: Job descriptions, requirements, salary budgets from public Telegram channels and job boards.

2. Legal Basis

• Legitimate interest (Art. 6(1)(f) GDPR) — processing publicly available vacancy data for job matching.
• Consent (Art. 6(1)(a)) — for candidate profiles submitted directly.
• Contract performance (Art. 6(1)(b)) — for clients using our recruitment services.

3. Data Sources

We parse publicly available IT vacancy posts from Telegram channels and public job boards (HeadHunter, Habr Career, RemoteOK, etc.). We do not access private messages or closed groups.

4. Data Retention

• Vacancy data: 12 months, then anonymized.
• Candidate data: Until withdrawal of consent or 24 months of inactivity.
• Client data: Duration of business relationship + 12 months.

5. Your Rights (GDPR Art. 15-22)

You have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data ("right to be forgotten")
• Restrict processing
• Data portability
• Object to processing

To exercise these rights, contact: privacy@termdoc.com

6. Data Security

We implement: encrypted database connections (TLS), encrypted backups (AES-256), access control, audit logging, session security (HttpOnly, Secure, SameSite cookies), and regular security reviews.

7. Data Processor

Hosting: Hostkey B.V. (Netherlands/Russia). Data is stored on servers in the EU jurisdiction.

8. Contact

Data Controller: TermDoc
Email: privacy@termdoc.com