Privacy Policy

GDPR Compliance

ONWORK is fully committed to compliance with the General Data Protection Regulation (GDPR). We process personal data lawfully, fairly, and in a transparent manner. All candidate and agency data is stored within the European Union.

Data We Collect

• Account Data: Name, email address, agency name, and role when you register.
• Candidate Data: Information processed through AI OCR scans (names, document numbers) — stored in your isolated workspace only.
• Usage Data: Anonymous analytics to improve platform performance.
• Payment Data: Processed securely via Stripe. We never store card details.

Data Processing

AI OCR document scanning is performed via OpenAI API. Documents are processed in real-time and are not stored by OpenAI beyond the processing window. Results are stored only within your isolated multi-tenant workspace.

Multi-Tenant Isolation

ONWORK uses JWT-based multi-tenant architecture. Each agency operates in a fully isolated workspace. No agency can access another agency's data, candidates, vacancies, or financial records.

Your Rights

Under GDPR, you have the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data. Contact privacy@onwork.pl to exercise your rights.

Contact

Data Controller: ONWORK Sp. z o.o.
Email: privacy@onwork.pl