Privacy notice

Sift is operated by Growth Alliance LLC, a company registered in Wyoming, United States. When we say “Sift”, “we”, “us” or “our” in this policy, we mean Growth Alliance LLC.

Sift is an AI-powered recruitment screening service. Our platform helps businesses manage candidate outreach, screening and interview scheduling. We provide a web application and a browser extension for Google Chrome and Microsoft Edge.

Contact for privacy enquiries: privacy@siftrecruit.com

Postal address: Growth Alliance LLC, 2093 Philadelphia Pike #153, Claymont, Delaware 19703, United States

This policy explains how we collect, use, store and share personal data when you use Sift. It applies to our web application at siftrecruit.com, our browser extension (available for Google Chrome and Microsoft Edge), and any related services we provide.

This policy is written for our users: the businesses and individuals who create a Sift account and use our platform to manage their recruitment. Your use of Sift is also governed by our Terms of Service at siftrecruit.com/terms.

If you are a candidate whose information is processed through Sift, your recruiter is responsible for how your data is handled. We act as a data processor on their behalf. We recommend that candidates contact the business that is recruiting them for information about how their data is used.

3.1 Information you provide to us

When you create an account and use Sift, we collect:

• Your name, email address, phone number and business name
• Login credentials (passwords are stored in encrypted form only)
• Billing and payment information (processed securely by our payment provider)
• Your recruitment preferences, screening criteria, job descriptions and role requirements
• Messages you send through the platform, including outreach templates and screening questions
• Any other information you choose to provide when using the service

3.2 Information we collect automatically

When you use Sift, we automatically collect:

• Device and browser information (such as browser type, operating system and screen resolution)
• IP address and approximate location (country or region level)
• Usage data (such as features used, pages visited within the application, and interaction patterns)
• Cookies and similar technologies (see Section 9 below)

3.3 Information collected by the browser extension

Our browser extension for Google Chrome and Microsoft Edge requires you to sign in to your Sift account or create a new account. Your use of the extension is governed by this privacy policy and our Terms of Service.

The extension collects information only when you actively engage with it on supported job board and recruitment websites. The extension does not run in the background or collect data from websites outside of supported domains.

When you use the extension on a supported site, it may read page content to help you add candidate information to Sift. This includes candidate names, contact details, job titles and other publicly listed information that appears on the page. The extension also displays candidate status information from your Sift account.

3.4 Information from connected accounts

If you connect third-party accounts to Sift (such as Google or Microsoft), we receive information from those services as described in Section 7 of this policy.

We use the information we collect to:

• Provide, maintain and improve the Sift service
• Create and manage your account
• Process candidate screening on your behalf, including AI-powered outreach and follow-up messaging
• Schedule interviews and manage calendar integrations
• Process payments and manage your subscription
• Send you service-related communications (such as account notifications, billing updates and feature announcements)
• Provide customer support
• Monitor and analyse usage patterns to improve our service
• Detect, prevent and address technical issues or security concerns
• Comply with legal obligations

4.1 AI processing

Sift uses third-party artificial intelligence services provided by Anthropic (anthropic.com) to power its candidate screening, communication and scheduling features. When you use these features, relevant data (such as candidate information, screening criteria, job requirements and calendar availability) is sent to Anthropic's API for processing.

Anthropic processes this data solely to generate responses on behalf of Sift. Anthropic does not use your data to train its AI models and does not retain your data beyond what is necessary to process each request. For further details on how Anthropic handles data, please refer to Anthropic's privacy policy at anthropic.com/privacy.

AI-assisted screening is always subject to your review and approval. The service is designed to support your recruitment decisions, not to make them on your behalf. You retain full control over which candidates progress and how they are assessed.

If you are based in the United Kingdom or European Economic Area, we rely on the following lawful bases under the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR):

• Contract: Processing your personal data is necessary to provide the Sift service to you under our Terms of Service.
• Legitimate interests: We process data where it is in our legitimate business interests to do so (for example, to improve our service, ensure security and prevent fraud), provided those interests are not overridden by your rights.
• Legal obligation: We may process data where required to comply with applicable laws or regulations.
• Consent: Where we rely on your consent (for example, to send marketing communications), you may withdraw that consent at any time by contacting us at privacy@siftrecruit.com or using the unsubscribe mechanism provided.

We do not sell your personal data. We share your information only in the following circumstances:

• Service providers: We use a limited number of third-party service providers to help us operate Sift. These include providers of cloud hosting and infrastructure, payment processing, messaging and communications delivery, calendar integration, and AI processing. Our AI features are powered by Anthropic (anthropic.com). Each provider processes data only on our instructions and is bound by contractual obligations to protect your data.
• At your direction: If you choose to integrate Sift with third-party services (such as job boards or calendar applications), we share data as necessary to enable those integrations.
• Legal requirements: We may disclose information if required to do so by law, regulation, legal process or enforceable governmental request.
• Business transfers: If Growth Alliance LLC is involved in a merger, acquisition or sale of assets, your data may be transferred as part of that transaction. We will notify you of any such change.
• With your consent: We may share information for any other purpose with your explicit consent.

We do not use your data for advertising, sell it to data brokers, or share it with third parties for their own marketing purposes.

Sift allows you to connect your Google and Microsoft accounts to enable calendar integration and authentication. This section describes how we access, use, store and share data obtained through these connections. It applies in addition to the rest of this policy.

7.1 Google

When you connect your Google account to Sift, we request access to the following scopes:

• Email address (userinfo.email): Used to identify your account and for authentication purposes.
• Google Calendar (calendar and calendar events): Used to check your availability and schedule interviews with candidates on your behalf.

We use your Google data solely to provide and improve the features of Sift that you have chosen to use. Your email address is used for account identification, authentication and service-related communications. Calendar data is used to read your availability, create interview events and send calendar invitations to candidates.

Where Google Calendar data is used in connection with AI-assisted scheduling features, it may be processed by our AI provider, Anthropic, solely to facilitate interview scheduling on your behalf. Anthropic does not retain your Google data beyond what is necessary to process each request.

Sift's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for any purpose other than providing and improving the Sift service. We do not use Google user data for advertising, and we do not sell Google user data to third parties.

7.2 Microsoft

When you connect your Microsoft account to Sift, we request access to the following Microsoft Graph API permissions:

• User.Read: Used to read your basic profile information (name and email address) for account identification and authentication.
• Calendars.Read: Used to read your calendar events to check your availability for interview scheduling.
• Calendars.ReadWrite: Used to create and update interview events in your calendar on your behalf.
• Calendars.Read.Shared: Used to read shared calendars that you have access to, so that team availability can be considered when scheduling interviews.
• Calendars.ReadWrite.Shared: Used to create and update interview events in shared calendars on your behalf, where you have been granted appropriate access by the calendar owner.

We use your Microsoft data solely to provide and improve the features of Sift that you have chosen to use. Your profile information is used for account identification and authentication. Calendar data (including shared calendars) is used to read availability, create interview events and send calendar invitations to candidates.

Where Microsoft Calendar data is used in connection with AI-assisted scheduling features, it may be processed by our AI provider, Anthropic, solely to facilitate interview scheduling on your behalf. Anthropic does not retain your Microsoft data beyond what is necessary to process each request.

We do not use Microsoft user data for any purpose other than providing and improving the Sift service. We do not use Microsoft user data for advertising, and we do not sell Microsoft user data to third parties.

7.3 How we store and protect connected account data

Data obtained from Google and Microsoft accounts is stored on servers located in the United Kingdom and European Economic Area. It is encrypted in transit using TLS and encrypted at rest. Access to connected account data is restricted to authorised personnel and systems that require it to provide the service.

7.4 How we share connected account data

We share data obtained from connected Google and Microsoft accounts only with the service providers that are necessary to deliver the Sift service. These are:

• Our cloud infrastructure provider, which hosts the data on UK/EEA servers.
• Our calendar integration provider, which facilitates the connection between Sift and your Google or Microsoft calendar.
• Anthropic (anthropic.com), our AI processing provider, which processes calendar and scheduling data solely to power AI-assisted features within Sift.

Each of these providers processes data strictly on our instructions. We do not share, transfer or disclose your connected account data to any other third parties, except where required by law.

7.5 Retention and deletion

We retain connected account data for as long as your Sift account is active and the relevant integration is connected. If you disconnect a Google or Microsoft account from Sift, we delete the associated data within 30 days. If you cancel your Sift account, all connected account data is deleted within 30 days of account closure.

You may request deletion of your connected account data at any time by contacting us at privacy@siftrecruit.com.

7.6 Disconnecting your account

You can disconnect your Google or Microsoft account from Sift at any time through your account settings. Disconnecting will disable the calendar features that rely on that connection. You can also revoke Sift's access directly through your Google Account permissions page or your Microsoft account app permissions.

This section provides additional information about data handling by the Sift browser extension, as required by the Chrome Web Store and Microsoft Edge Add-ons store policies.

The Sift browser extension:

• Requires you to sign in to your Sift account or create a new account before use.
• Collects candidate information from supported job board websites only when you actively engage with the extension.
• Does not collect browsing history, cookies, authentication tokens or form input data.
• Does not run in the background or monitor your browsing activity.
• Does not collect data from websites outside of specifically supported job boards and recruitment platforms.
• Transmits all data over secure, encrypted connections (HTTPS).
• Requests only the minimum permissions necessary to provide its features.

The use of information received from supported websites through the browser extension will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements. The extension also complies with the Microsoft Edge Add-ons store developer policies regarding user data handling, encryption and data minimisation.

We use cookies and similar technologies on siftrecruit.com for the following purposes:

• Essential cookies: These are required for the service to function. They include session cookies for authentication and security cookies to protect your account. You cannot opt out of essential cookies as the service will not work without them.
• Analytics: We use Vercel Analytics to understand how people use Sift so we can improve the service. Vercel Analytics collects anonymised, aggregated usage data and does not use cookies to track individual users across websites. It does not identify you personally.

We do not use advertising cookies, tracking pixels, or any third-party cookies for the purpose of targeted advertising.

Sift is operated by Growth Alliance LLC, which is based in the United States. However, your data is primarily stored on servers located in the United Kingdom and the European Economic Area.

Where it is necessary to transfer data outside the UK or EEA (for example, where a service provider such as Anthropic is based in the United States), we ensure that appropriate safeguards are in place. These may include Standard Contractual Clauses approved by the UK Information Commissioner's Office or the European Commission, or reliance on other lawful transfer mechanisms.

We retain your personal data only for as long as necessary to provide the Sift service and to fulfil the purposes described in this policy. Our general retention periods are:

• Account data: Retained while your account is active. If you cancel your subscription, your account data is deleted within 30 days of account closure.
• Candidate screening data: Retained while your account is active. Deleted within 30 days of account closure.
• Conversation and messaging logs: Retained while your account is active. Deleted within 30 days of account closure.
• Billing records: Retained for up to 7 years after the end of your subscription, as required by applicable tax and accounting regulations.
• Connected account data (Google and Microsoft): Deleted within 30 days of disconnecting the relevant account or closing your Sift account (see Section 7.5).
• AI processing: Data sent to Anthropic for AI processing is not retained by Anthropic beyond what is necessary to process each individual request. It is not stored by Anthropic after the response is returned.

If you are based in the United Kingdom or the European Economic Area, you have the following rights under data protection law:

• Access: You can request a copy of the personal data we hold about you.
• Correction: You can ask us to correct any inaccurate or incomplete data.
• Deletion: You can ask us to delete your personal data. We will do so unless we have a lawful reason to retain it.
• Restriction: You can ask us to restrict how we process your data in certain circumstances.
• Portability: You can request a copy of your data in a structured, commonly used, machine-readable format.
• Objection: You can object to processing based on legitimate interests.
• Withdraw consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at privacy@siftrecruit.com. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO) at ico.org.uk.

We take the security of your data seriously. We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. These measures include:

• Encryption of data in transit (TLS) and at rest
• Access controls that restrict data access to authorised personnel and systems
• Regular security reviews of our infrastructure and processes
• Secure handling and encrypted transmission of all data collected by the browser extension
• Use of AI providers that maintain industry-standard security practices and do not retain customer data beyond processing

While no system can guarantee absolute security, we are committed to protecting your data to the highest reasonable standard.

Sift is a business-to-business service and is not directed at individuals under the age of 18. We do not knowingly collect personal data from anyone under 18. If you believe that we have inadvertently collected data from a person under 18, please contact us at privacy@siftrecruit.com and we will take steps to delete it.

We may update this policy from time to time to reflect changes to our practices or for other operational, legal or regulatory reasons. If we make material changes, we will notify you by email or through a notice within the Sift application before the changes take effect. We encourage you to review this policy periodically.

If you have any questions about this privacy policy or how we handle your data, you can reach us at: