Privacy Policy

We believe in empowering our users not only with innovative recruitment tools but also with the assurance that their data remains secure, private, and used in strict accordance with their preferences and applicable legal frameworks.
At ShortlistIQ, we strive consistently to align our data security with industry best practices, offering a secure platform that ensures you stay worry-free and focused on optimizing your recruitment. Trust in us as we make your data protection our promise.


Earn Coupon doo ("the Company") engages in the provision of cloud-based software solutions, delivering recruitment products and services ("Services") to employers under the terms of a formal written contract with the Company (individually referred to as a “Client” and collectively as "Clients").

The Company prioritizes the safeguarding of data privacy. As articulated in this Policy, our data privacy procedures govern a range of activities including, but not limited to, the interactions with our Website, dealings with suppliers, and engagements with job applicants. We urge you to peruse this Policy meticulously, as it delineates the modalities of our collection, utilization, dissemination, and other processing methods pertaining to personal information, which could allow the identification of individuals (or households in certain locales) ("Personal Data"). Furthermore, this Policy enumerates your prerogatives and options concerning the Company's handling of your Personal Data.


The scope of this Policy is limited; it excludes information processed on behalf of our Clients, as such processing is subject to the specific contractual agreements with those Clients. Should you be an individual interacting with a Client, for instance as a potential candidate, job applicant, or an employee, and have supplied data to them, the management of your data falls under the purview of that Client's own privacy policy. To access comprehensive privacy details about a Client's use of your data, or to exercise rights concerning such Personal Data, you should make direct contact with the respective Client. Our Clients retain autonomy over the data processed by the Company on their behalf, including setting their own privacy and security measures. The Company's access, dissemination, sharing, or any processing of personal data provided to us by or for a Client is strictly aligned with the conditions stipulated in the contractual arrangement with that specific Client, directives from the Client, or as mandated by relevant legislation.

Our responsibility does not extend to the privacy or data security strategies of our Clients, and these may not align with the guidelines described in this Policy.

Moreover, this Policy is not applicable to the Company’s employees.

Our Website and Services may feature hyperlinks to external websites, applications, and services managed by third parties. The proprietary privacy policies of these third-party entities dictate their respective privacy and data protection protocols. We advocate for a thorough examination of such privacy policies to gain an understanding of their respective data handling procedures.


The Company may engage in the processing of your Personal Data across a variety of contexts, both through digital channels and in-person interactions. Such processing encompasses situations including, but not restricted to: (i) your use of our website which acknowledges or connects to this Policy; (ii) your visits to our physical premises; (iii) your communications with the Company through channels such as live chat, electronic mail, telephonic conversations, or facsimile transmissions; (iv) your dealings with the Company in your capacity as an agent of an entity supplying goods or services to the Company; (v) your completion of documentation during conferences or events; (vi) your registration for company-hosted events or web-based seminars; (vii) your access to or procurement of downloadable materials, such as research papers; or (viii) your submission of an employment application to the Company.



The nature of the Personal Data we may gather directly from you is contingent on your mode of interaction with the Company, which may include communication via telephone, in-person contact, or through the Website, and the intended purpose of such interaction, specifically pertaining to roles such as:

Potential Client: Should you be considering our services as a potential Client, you may provide Personal Data that could include, among others: your complete name, email address, job title, information about your company, postal address, Internet Protocol (IP) address, general geographic location, phone number, professional details, information regarding your device and its usage, as well as unique identifiers, and data from cookies (elaborated in this Section 4). Moreover, you may supply any additional Personal Data as requested by the Company or at your discretion.Job Candidate: As a prospective employee, the Personal Data you may submit can encompass: your full name, email address, position you are applying for, information about your current employer, home address, IP address, broad location details, contact number, professional and educational background, curriculum vitae/resume with personal history, details on your device and its usage, unique identifiers, and cookies data (further detailed in this Section 4), along with any other Personal Data the Company may request or you choose to provide. Company Supplier: As a supplier to the Company, you may opt to furnish Personal Data including but not limited to: your full legal name, email contact, occupational designation, corporate affiliations, residential or business mailing address, general locale, telephone number, and your professional credentials, in addition to any other Personal Data the Company requests or you voluntarily include.


We additionally assemble Personal Data about you from secondary sources, comprising external entities from whom we have acquired commercial contact data and from openly accessible websites (e.g., LinkedIn, your firm’s website), networking services, or public statements. The Personal Data collected this way may involve, without being limited to, organizational details, contact numbers, job titles, physical addresses, electronic mail addresses, employment chronologies, and Personal Data present on publicly viewable websites or social media profiles. It is important to note that information accessible in the public domain might not be acknowledged as Personal Data within certain jurisdictions.


Our servers log information, potentially including Personal Data, automatically when you navigate the Website. This gathered Personal Data may cover a diverse range, potentially including: the website URL you originated from or navigated to, the make and model of your device, the operating system you employ, browser type, your ISP or mobile network carrier, unique identifiers specific to your device, your IP address, broad location category, your mobile carrier, the duration and timing of your visit, and supplemental details provided by your web browser or device. The extent of information collected is dependent on your type of device and its privacy settings. For more insights about the kind of information shared with us through your browser or device, review the privacy guidelines provided by your device manufacturer or software vendor. You may exercise control over the type of Personal Data you share through your device settings and as further described below.


Consistent with standard business practices, both we and our partner entities employ cookies and other technologies to collect and store certain varieties of information, potentially inclusive of Personal Data, when you interact with us via your computer or mobile device.


Personal Data is utilized by us for diverse intents detailed as follows:

Website and Service Delivery: To render the Website accessible to you, engage in communication about your interaction with the Website, address your questions, and offer customer service support.

Content Customization: For the customization of information and content we may provide or display to you to enhance your experience on the Website. Applicant Recruitment and Evaluation: Employed in activities related to the recruitment and appraisal of job candidates, which involve:

- Arranging and performing interviews;
- Recognizing prospective candidates, including liaising with third-party recruiting agencies;
- Examining and authenticating supplied information and conducting applicant evaluations to determine their suitability and other relevant attributes;
- Proposing employment terms, negotiating offers, and evaluating remuneration;
- Fulfilling legal and regulatory mandates;
- Engaging with candidates regarding their applications and potential alternative opportunities of interest;
- Retaining applicant data for potential future opportunities;
- Underpinning our policies and practices on equal opportunities in employment.

Outreach for Potential Roles: Identifying other roles that might align with an applicant's qualifications or areas of interest and establishing communication about these positions. (If you prefer not to be approached for potential roles, please inform us as stated in Section 11 or as otherwise indicated in this Policy.)

Marketing and Communication: Personal Data, like your email address, may be employed for marketing, ads, and promotions, as in forwarding newsletters, special offers, events, surveys, and other engagements or for contacting you regarding services or information we surmise might intrigue you. Enhancement and Security: Working towards improving the Website, our Services, and conducting internal business operations, such as security event detection and error debugging and correction. Analytical Research: Understanding user interaction with the Website and Services to facilitate improvements and cater to user preferences, as well as for the conduct of surveys, programs, and various analytical research. Compliance with Legal Obligations: Adhering to lawful responsibilities, overall operational needs, and for broader business compliance and administrative functions.

Protection of Rights and Interests: Engage in actions we consider necessary to investigate, prevent, or take action against dubious or illegal activities, fraud, threats to safety of any person or us, or breaches of our agreements or this Policy. Health and Safety Measures: For purposes such as contact tracing and executing appropriate screenings for applicants and visitors before they enter certain places or premises to maintain health and safety. Vendor and Supplier Management: The Company may procure and sustain Personal Data for the evaluation and selection of potential vendors, purchasing goods or services, or for overseeing relationships with current vendors and suppliers. Additional Purposes: The Company may inform you of or you may give consent for certain other uses of your Personal Data as they arise from time to time.



The Company may share Personal Data and additional information as follows:

Affiliates: Personal Data may be disclosed to our affiliated entities or subsidiaries; their handling and dissemination of your Personal Data will align with this Policy.

Service Providers: Personal Data may be shared with external service entities that utilize this data to administer services on our behalf, including but not limited to hosting services, artificial intelligence systems, cloud service providers, customer support services, event organizers, as well as advisors, consultants, and other service-related support entities.

Advertising and Analytic Entities: Your Personal Data is communicated with advertisers, social media platforms, and analytical service providers as previously outlined.

Company-Sponsored Events: For webinars, occasions, downloadable resources, or other activities related to our offerings, we may share your contact details and related interests with third-party partners for communication regarding such initiatives and our services.

Credit and Background Checks: During recruitment, your data may be communicated to credit report agencies or background check services as detailed in respective notices/consents.

Further Sharing: The Company may also share your Personal Data upon your instruction, with your explicit consent, or for any justifiable commercial rationale that is congruent with the stipulations of this Policy or as per relevant legislation.


Your Personal Data may be disclosed if required by law or if we believe in good faith that it is necessary to: (i) comply with legal obligations or legal processes; (ii) defend our rights and property; (iii) guard against the inappropriate or unauthorized usage of our Websites and Services; or (iv) protect our users’ or the public's safety or property (this includes instances where incorrect information is provided, or identity impersonation is suspected).

In the event the Company undergoes a business transition, such as a merger, acquisition, or the sale of part or all its assets, your Personal Data might be among the transferred assets.


We may release data that is aggregated or has been made non-identifiable for purposes like marketing, advertising, research, compliance, or other legitimate uses.


Your Personal Data may be transferred internationally to meet the objectives described in this Policy, potentially subjecting that Personal Data to laws in foreign jurisdictions. For further details on our practices concerning international data transfers, or for inquiries about the management, utilisation, dissemination, or the retention of Personal Data by us or our service providers, you may reach out to us as outlined in Section 7. See Section 9 for additional context on data transfers compliant with EU/UK data protection standards.


You are entitled to modify your preferences and exert certain authority over your Personal Data. You have the capability to retract any consent previously granted for the processing of your Personal Data. Should you decide to withdraw your consent, you may halt additional processing by reaching out to us as indicated below, although this is subject to certain legal exceptions previously communicated to you or as provided by law.


As previously mentioned, should you prefer not to receive promotional emails from us, you are at liberty to modify your preferences either by utilizing the unsubscribe functionality present within the email or by contacting us as outlined below. It is important to be aware that opting out from promotional communications does not preclude us from sending you essential service-related and transactional correspondences. We handle and act upon requests to be excluded from telephone marketing, postal mailings, and other forms of contact as legally mandated.


You can prevent or limit the utilization of cookies on your computer by modifying your web browser settings or by accessing the “Your Privacy Choices” feature located in the footer of our Website. It is noteworthy that blocking or removing non-essential cookies could potentially influence the functionality of our Websites and the choice to decline cookie-based advertising is relevant explicitly to the web browser and device you utilize for said opt-out. Should you delete your cookies, it might be necessary to reinstate your preferences. Additionally, you might continue to encounter certain advertisements, possibly from our Company, even if you have opted out from personalized advertising.

Furthermore, you possess the ability to manage how third-party advertisers utilize the Personal Data they compile from your activities on our Website and other sites for the purpose of showing you ads that are more aligned with your preferences. For U.S. residents, more information is available and the option to opt out of targeted ads offered by participating third-party ad networks can be found at (Digital Advertising Alliance). You can download the DAA AppChoices tool ( to manage interest-based advertising on mobile applications. Residents in other regions may find pertinent information and make choices through the subsequent links:

- For EU Users: (European Interactive Digital Advertising Alliance)
- For Canadian Users: (Digital Advertising Alliance of Canada)
- For Japanese Users: (Data Driven Advertising Initiative in Japan)


This section elaborates on the specific privacy entitlements of California residents as defined under the California Consumer Privacy Act (CCPA) and associated state privacy laws. It excludes scenarios exempt under the CCPA such as information that is public, anonymized, or legally protected under other statutes like HIPAA or FCRA. This Policy also excludes personal information pertaining to our contractors and employees.

When we commit to using Personal Data in a de-identified manner, we shall not re-identify such data unless allowed by law.


As a Service Provider under the CCPA, we manage Personal Data on the behalf of our Clients based on written agreements. For Personal Data processed in this capacity, we will assist Clients in responding to requests to exercise privacy rights.


For CCPA purposes, we act as a Business in the operation of our Website and as an employer. As delineated in Section 5, we collect, utilize, and process the described personal information to facilitate our Services, respond to requests made by you, and support various business operations such as services, user experience enhancement, analytics, customization, marketing, event coordination, research, legal compliance, and general operational support.

California residents are granted these rights concerning their Personal Data, subject to certain limitations:

- Opt-out of sale: The right to opt-out of the sale of Personal Data. For methods to opt-out, see Section 8.5.
- Limitations on sensitive information: Restrict certain processing of sensitive personal information to purposes permissible under CCPA.
- Right to delete: Request and obtain deletion of Personal Data collected by us, barring specific exceptions. Directions to exercise this right are in Section 8.5.
- Right to correct: Amend incorrect Personal Data.
- Right to know/access: Confirm the processing of your Personal Data, access it, receive a copy in a portable format, and be informed about: 
- Categories of Personal Data collected, 
- Sources of Personal Data, 
- Categories of Personal Data disclosed or sold, 
- Categories of third parties to whom the data has been disclosed or sold, 
- Business or commercial purposes for collecting or selling Personal Data, 
- Specific pieces of Personal Data collected. 

For methods to exercise these rights, refer to Section 8.5.

- Non-discrimination right: Freedom from discriminatory treatment for exercising CCPA rights.


The collated Personal Data, its usage, and disclosure are dependent on our interactions with you. We outline the Personal Data categories collected over the past twelve months and the types of third parties to whom this data may be disclosed for business purposes, as detailed in Section 5.

Personal Data Categories Collected:

- Identifiable information,
- Personal profiles,
- Internet or electronic network activity.

We disclose the above categories to third parties such as advertising networks, analytics providers, and social networks for marketing purposes. However, there is no sale or sharing of Sensitive Personal Information or Personal Data of known minors.

Sensitive Personal Information is only utilized or disclosed as necessary and permitted by the CCPA.


Personal Data can be sourced as specified in Section 4, including directly from individuals and various entities like advertising networks, analytics providers, and government entities.


To assert the rights to know/access, correct, or delete your Personal Data, submit a request by:

(i) Emailing with “California Privacy Request” in the subject line;
(ii) Postal mail at the address given in Section 11;
(iii) Via live chat on the website.

To opt-out of the sale or sharing of your Personal Data, use the appropriate link in our website footer, or employ a Global Privacy Control enabled browser or device. Additional information on GPC can be found at


To ensure CCPA compliance, we diligently verify the identity of individuals making privacy-related requests, with verification procedures adjusted according to the nature of the right being exercised and the sensitivity of the Personal Data involved.

We process requests using information linked within our records. Sometimes, additional data may be needed to verify your identity or process your request. When a request cannot be adequately verified, we notify the requestor. Authorized agents initiating a request on someone else's behalf must provide proof of authorization, and we may also ask the concerned individual to directly confirm their identity.


Personal data acquired by the Company may be retained and processed in the United States or anywhere else globally where the Company or its affiliates, subsidiaries, or third-party service providers operate facilities. By providing your personal data to the Company, you are consenting to the processing and transfer of your information within the United States and internationally, adhering to the data protection laws relevant to those data transfers.


For the processing of your Personal Data, the Company relies on its legitimate business interests or, where necessary, obtains your explicit consent. Consent withdrawal is permissible at any moment without influencing prior processing activities. Additionally, the Company may process Personal Data to comply with legal mandates or to protect or assert legal rights.

Data Subject Rights: You maintain rights to access, rectify, or erase your Personal Data, as well as to restrict or object to processing, and under particular situations, to port your data. Should you believe the Company has not adhered to EU or UK regulations, you may lodge a complaint as explained in Section 9.2, or with a data protection supervisory authority.

For GDPR-related issues, EU and UK residents could reach our Data Protection Officer through the details located in Section 11.2 and have the right to complain directly to their local Data Protection Administrator (DPA). More information about relevant DPAs can be sourced via the European Data Protection Board website for EU individuals and the UK Information Commissioner’s Office website for UK residents.


The Company may process your Personal Data outside of your jurisdiction, including countries not recognized by the European Commission or local regulators as having adequate data protection laws, such as the EEA. In such instances, the Company ensures an adequate level of protection, for example through executing relevant back-to-back agreements and standard contractual clauses approved by the European Commission.


Applicable to individuals in Canada:

Consent: Personal Data will not be collected, used, or disclosed without your consent, unless permitted by law. Situations exempt from consent include publicly available information and instances where consent might compromise an investigation.

Collection, Use, and Retention Limits: Personal Data collection is purpose-specific and limited to what is necessary. It will only be used or disclosed for stated purposes or as legally permitted.

Retention and Access: Personal Data used to make decisions about you will be kept for at least one year, after which it will be securely destroyed or rendered anonymous once no longer needed for legal or business purposes. Upon request and identity verification, we will provide access to your Personal Data and information on its use and disclosures, subject to certain conditions and potential fees.

Accuracy: We strive to maintain accurate and complete Personal Data and will amend it as necessary. In cases of accuracy disputes, we will annotate the disputed data accordingly.


In the Republic of Serbia, data privacy is governed by local regulations aligned with international standards. As the Company operates within Serbian jurisdiction, it adheres to these regulations by:

- Ensuring lawful and transparent Personal Data processing.
- Limiting collection and processing only to data pertinent and necessary for specified purposes.
- Committing to data accuracy and updating where required.
- Restricting data retention to periods necessary for the intended processing purposes.
- Implementing appropriate technical and organizational measures to secure Personal Data against unauthorized or unlawful processing, destruction, or damage.

Serbian individuals enjoy rights similar to those in the EU, including access, rectification, erasure, and data portability. The Company ensures to address such requests in a timely manner and relevant to local data protection legislation. Concerns or inquiries about data privacy rights within Serbia can be directed to the Company’s contact information listed in Section 11.2 or to the Commissioner for Information of Public Importance and Personal Data Protection in Serbia.



The Company implements suitable physical and digital safeguards to secure Personal Data. However, it is important to recognize that no security system can ensure absolute immunity from breaches.

To augment these protections, individuals are advised to take precautions to prevent unauthorized access to their passwords, mobile devices, and computers. This includes logging off shared devices, choosing strong, unique passwords that are not easily guessed, and keeping login credentials confidential. As part of protective measures, the Company reserves the right to temporarily disable access to the Website or services if any unusual or potentially harmful activity is detected. The Company cannot be held liable for any compromised, lost, or stolen passwords or any unauthorized activities on user accounts.


Personal Data is retained for periods necessary to serve the initial collection purposes, comply with legal standards, and meet regulatory, tax, accounting, or reporting duties. These retention periods are subject to specific exceptions communicated to you or as permitted by law. Practices may vary among our Clients and other external parties; referring to their privacy policies is recommended for further information.

Retention may extend beyond typical periods in cases of disputes or potential legal proceedings.

When determining the duration of Personal Data retention, we weigh criteria including the data's volume, nature, and sensitivity, the risk of harm from unauthorized access or disclosure, the reasons for processing the data, whether objectives can be met by other means, and all relevant legal and compliance requirements.


The Company does not intentionally address or collect Personal Data from children. Upon identifying that a child has provided Personal Data, the Company will expeditiously expunge such data from its records.


The Company reserves the authority to modify or update this Policy at its discretion. Amendments will be communicated through updates on the specified URL for this Policy. Users are encouraged to review this Policy regularly to stay abreast of any alterations.



Should you have inquiries regarding this Policy, wish to update your Personal Data, or choose to exercise any rights as specified herein, you are welcome to email your requests to Additionally, you may send correspondence through postal mail to the address provided beneath.


For matters related to data privacy, our Data Privacy Officer is available at or can be contacted through the live chat feature on our website.

Should you prefer, connect with us via post, directing your mail to:

Earn Coupon doo
Attention: Privacy or Data Protection Officer
Vodovodska 75,
11030 Cukarica, Belgrade,

Bring the future of AI recruitment to your team

AI assistant recruiting a job applicant
Generating an AI interview assistant in ShortlistIQ