Privacy Policy

HQ.ai is operated by Rayner Consulting Group Pty Ltd trading as Humanistiqs (ABN to be supplied)("Humanistiqs", "we", "us", "our"). We are an Australian-domiciled business and HQ.ai is an AI-assisted HR and recruitment platform for Australian small and medium businesses.

This policy explains what personal information we collect, why we collect it, who we share it with, how long we keep it, and how you can access, correct or delete it. It is aligned to the Australian Privacy Principles (APP 1-13) under the Privacy Act 1988 (Cth).

Depending on which side of HQ.ai you use, we collect:

• Account information for business users - name, email, role, business name, ABN, address, phone, billing details.
• Candidate information you upload to the platform - resumes, work history, contact details, references, and any other data contained in candidate documents you provide.
• Candidate-submitted information at the video pre-screen stage - name, email, video recordings of answers to your interview questions, the transcripts we generate from those videos, and an AI scoring summary against the rubric you configure.
• Video pre-screen visual diagnostics - if you complete a video pre-screen, your browser computes three aggregate signals from your video frames (whether your face is in frame, whether your head is roughly facing the camera, approximate lighting) and sends only those three numbers to us. Your video frames and any underlying facial landmarks never leave your device. These numbers are shown to the reviewer as supporting context only and are never fed into the AI scoring.
• Usage information - login times, browser, IP address, the pages you visit, and the actions you take inside the product.
• Communications - any messages, support tickets, or chat content you exchange with us or with our AI advisor.

We do not collect sensitive information (as defined by the Privacy Act) unless it is volunteered in a candidate-supplied document or video answer. HQ.ai is configured to mask names, photos, addresses, dates of birth and graduation years before any AI scoring runs.

• To provide the HQ.ai service to our business clients - hosting role campaigns, scoring CVs, hosting video pre-screens, and producing scoring reports.
• To verify identity, manage accounts, process billing, and provide customer support.
• To improve the platform - including bias auditing of our AI models (we use aggregate metrics and never use a single individual's data to train any AI model).
• To meet legal obligations, including responses to lawful requests from regulators or law enforcement.

We will not use personal information for a purpose materially different to the one we collected it for without your express consent or a basis under APP 6.

For candidate-submitted information (CVs and video pre-screens), our lawful basis is the candidate's explicit consent given before recording. That consent is documented and time-stamped at the start of the video pre-screen flow. The consent text covers video recording, automated transcription, AI scoring, secure storage by our sub-processors, and retention for up to 80 days following role closure.

Candidates can withdraw consent and request erasure of their data at any time - see Section 8 below.

We use a small number of carefully chosen service providers to operate the platform. Each is bound by a contract that includes confidentiality and data-protection obligations. Some are domiciled outside Australia, primarily in the United States. The sub-processors we currently use are:

By using HQ.ai you consent to cross-border disclosure of your personal information to these sub-processors for the purposes described above. Where the recipient is overseas, we take reasonable steps to ensure they handle the information consistently with the APPs.

We do not sell personal information. We do not share personal information with advertisers. We do not allow any third-party AI provider to use your content to train their general-purpose models.

• All traffic between your browser and HQ.ai is encrypted in transit (TLS 1.2 or higher).
• All data is encrypted at rest by our hosting providers (AES-256).
• Access to production systems is restricted to a small number of authorised personnel, requires two-factor authentication, and is logged.
• We log who accessed which candidate record and when - audit trails are retained for at least 12 months.
• We undertake regular security reviews and intend to commission an independent penetration test prior to broad commercial launch.
• In the unlikely event of an eligible data breach we will notify affected individuals and the OAIC in line with the Notifiable Data Breaches scheme.

• Candidate video responses, transcripts, and AI scoring outputs - up to 80 days after role closure, unless the candidate has been progressed to hire (in which case standard employee record-keeping applies once they join your business as an employee).
• CV scoring records - up to 80 days after role closure.
• Business user account data - retained for the life of the account and for 7 years after closure for tax, financial and legal record-keeping.
• Audit logs - 12 months.
• Backups - up to 30 days, then permanently destroyed.

You can ask us at any time to:

• Confirm whether we hold personal information about you.
• Provide you with a copy of the personal information we hold.
• Correct any personal information that is inaccurate, incomplete or out of date.
• Delete your personal information (other than information we are required by law to keep).

Send your request to privacy@humanistiqs.com.au from the email address linked to the record, or use our online form at /privacy/request. We will respond within 30 days. Candidates can also withdraw consent for their pre-screen recording at any time using the same channel.

If you have a privacy concern about HQ.ai, please write to us first at privacy@humanistiqs.com.au so we have a chance to resolve it. If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

We may update this policy from time to time. The version and last-updated date at the top of this page will change when we do. Material changes will be notified by email to active business users.