Hiered
🚧 Hiered is in beta

Privacy Policy

Last updated June 5, 2026

1. Overview

Hiered (“we,” “us,” or “our”) operates the Hiered platform at hiered.net — a service connecting students, campus organizations, and recruiters. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using Hiered, you agree to the practices described here.

Hiered is currently in beta. As we build out the platform, data practices may evolve. We will update this policy and notify users of material changes.

2. Information we collect

Information you provide

  • Account details: name, email address, username, and password (hashed — never stored in plaintext)
  • Profile information: biography, LinkedIn URL, resume, avatar, employment details, and organization affiliations
  • Organization data: name, description, school affiliation, website, member roster, hierarchy charts, succession plans, and alumni spotlights
  • Recruiter data: company name, company URL, work email, and affiliated organizations
  • Content you post: event listings, private recruiter notes, and other user-generated content
  • Payment information: processed directly by Stripe — we never see or store your card number

Information collected automatically

  • Page views and feature usage (used for analytics and the org admin dashboard)
  • IP address and browser type (collected by our hosting infrastructure)
  • Cookies and session tokens managed by Supabase Auth

3. How we use your information

  • To operate the platform: authentication, profile display, search, and event management
  • To process payments via Stripe and manage subscription status
  • To send transactional emails (event reminders, warnings, receipts) via Resend
  • To power candidate search and matching across roles and organizations
  • To display analytics to organization admins about their own org's page views and RSVP counts
  • To review reports of harmful content and enforce our Terms of Service

4. Data sharing

We do not sell your personal data. We share information only with:

  • Supabase — database, authentication, and file storage (EU/US infrastructure)
  • Stripe — payment processing. Governed by Stripe's Privacy Policy
  • Resend — transactional email delivery
  • Vercel — hosting and edge infrastructure
  • Cloudflare — DDoS protection and DNS (request metadata only)
  • Law enforcement when required by a valid legal process

5. Public vs. private data

Profile pages, organization pages, and event listings marked public are visible to anyone on the internet, including search engines. Data you mark as private (resume visibility set to “Recruiters only” or “Hidden”, private recruiter profiles, private organizations) is restricted accordingly. You control visibility settings in your account settings.

6. Data retention

We retain your data for as long as your account is active. You may delete your account at any time by contacting us at privacy@hiered.net. Upon deletion, your profile and associated content are removed within 30 days. Stripe retains billing records according to their own retention policy.

7. Security

All data is transmitted over HTTPS. Passwords are hashed by Supabase Auth and never stored in plaintext. Our service role database key is server-side only and never exposed to client code. We apply row-level security policies on all user-facing tables. Despite these measures, no system is perfectly secure — use a strong, unique password.

8. Children's privacy

Hiered is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

9. Your rights

Depending on your location, you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, email privacy@hiered.net.

10. Changes to this policy

We may update this policy from time to time. We will notify users of material changes via a platform announcement or email. Continued use of Hiered after changes take effect constitutes acceptance of the updated policy.

11. Verification & badges

First draft — pending legal review before launch.

How email verification works

When you create a Hiered account or verify a secondary email address in settings, we send a one-time 6-digit code to prove you control that address. The code is hashed (SHA-256 with a random per-request salt) before being stored — we never retain the plaintext code. Codes expire after 10 minutes and are deleted immediately after a successful verification attempt.

The .edu verified badge

If the email address you verify ends in .edu, your profile automatically receives the verified badge. This badge signals that you have demonstrated control of a .edu email address. It does not guarantee current enrollment, graduation, or affiliation with any particular institution.

The recruiter verified badge

Recruiters who verify a work email address go through a manual admin review before the badge is granted. We confirm the email domain appears to belong to a legitimate company. The badge does not guarantee the recruiter's employment status, seniority, or the legitimacy of any specific job posting.

Data handling

Verified email addresses and badge status are stored in your profile. Verification codes (hashed) are deleted once used or expired. Verification review requests visible to Hiered admins are retained for audit purposes.

12. Contact

Questions about this policy? Email us at privacy@hiered.net.