KORUM

Privacy Policy

Last updated:

At KORUM, privacy is not a feature bolted on at the end, it is the foundation. We are building a confidential talent grid where senior professionals move through the market unseen, with masked profiles, candidate-controlled visibility, and an identity revealed only on their own terms. We hold ourselves to that same standard here on the waitlist: we collect as little as we can, we never track or profile you, and we run no analytics or advertising trackers of any kind. The only third-party script this page loads in your browser is a privacy-preserving security check that keeps bots out of the sign-up form. To run the waitlist we also rely on a few trusted providers to securely store your entry and email you, each named in full below.

This document explains, in plain language, exactly what happens to the information you share when you join the KORUM® early-access waitlist. KORUM is operated by WorldHire, which is responsible for the information you share here. It covers the waitlist only; when KORUM opens and you create a full account, a fuller product privacy notice will apply.

1. What we collect

When you join the waitlist, we collect only what you enter into the form:

  • whether you are a candidate or a recruiter,
  • your full name,
  • your work email,
  • and any suggestions you choose to add (optional).

That is everything. We do not track your behaviour, run analytics, or build any profile of you.

2. Why we collect it, and our legal basis

We use this information to run the waitlist: to confirm your place, to contact you by email when early access opens, and to gauge overall interest. Our legal basis is your consent (GDPR Article 6(1)(a)), which you give when you submit the form. You can withdraw that consent at any time (see “Your rights” below), and we will delete your entry.

3. No cookies, no tracking

This page sets no cookies of its own, and runs no analytics, advertising, or tracking scripts. Our fonts are self-hosted, so they pull nothing from outside parties.

In your browser, the only outside script we load is a security check. To stop bots and spam from flooding the waitlist, the sign-up form is protected by Cloudflare Turnstile. When you reach the form, it loads a small script from Cloudflare and processes limited technical information, such as your IP address and basic browser signals, purely to confirm you are a real person. Turnstile is a privacy-preserving alternative to traditional CAPTCHAs: it does not use tracking cookies, does not profile you, and is never used for advertising. Cloudflare acts as our service provider for this one security function, and our legal basis is our legitimate interest in protecting the waitlist from abuse.

On our server we also briefly record the IP address of sign-up and admin-login requests to rate-limit them, so no one can flood the waitlist or guess the admin password. These counters are short-lived (cleared within a day), are never linked to your waitlist entry, and are used only to protect the service.

4. Who handles your data

To run the waitlist we share your entry with a small number of carefully chosen providers, and no one else. Each acts only on our instructions, is bound by a data-processing agreement, and is never permitted to use your data for its own purposes, advertising, or resale:

  • Storage: your signup is held in our database, hosted by Supabase on servers in Tokyo, Japan. Japan is recognised by the European Commission as offering an adequate level of data protection, so your information keeps EU-grade protection even when stored outside the EU.
  • Email: confirmation and early-access messages are sent through Resend, our email provider.
  • Bot protection: the sign-up form is protected by Cloudflare Turnstile, as described above.

We never sell, rent, trade, or otherwise share your data with anyone beyond these providers, and we never use it for advertising or profiling.

5. Your rights

Under the GDPR and equivalent laws, you can ask us to:

  • give you a copy of the data we hold about you (access),
  • correct anything that is wrong (rectification),
  • delete it (erasure),
  • restrict or object to how we use it,
  • or send it to you in a portable, machine-readable format (portability).

You can also withdraw your consent at any time. To do any of these, email us at the address below and we will respond within 30 days. You also have the right to complain to your local data-protection authority.

6. Security

We treat protecting your data as a core responsibility and guard it with rigorous, industry-standard security. It is encrypted in transit (TLS) and at rest, kept behind strict access controls, and reachable only through tightly locked-down, purpose-built interfaces, never an open database connection. Access is limited to the few people who genuinely need it to run the waitlist.

We never tamper with, alter, or misuse your information, and we never leak, sell, or trade it. In the unlikely event of a security incident affecting your data, we would act immediately to contain it and notify you and the relevant authorities as the law requires.

7. Changes

If we make material changes to how we handle your data, we will update this policy and reflect them here.

8. Contact

For any privacy question, or to exercise your rights, email support@worldhire.com