Privacy Policy

1. Introduction

Suitorly Pty Ltd (ABN 80 670 579 334) ("Suitorly", "we", "us", "our") operates a career, coaching, training, and recruitment software-as-a-service platform that provides Career Tools, AI-assisted features, Programs, and consent-based connections between candidates and employers.

We respect your privacy and are committed to handling personal information in a transparent, responsible, and lawful manner.

This Privacy Policy explains how we collect, use, store, and disclose personal information in accordance with:

• the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs); and
• the New Zealand Privacy Act 2020, where applicable.

This Privacy Policy forms part of the agreement between you and Suitorly under the Suitorly Terms of Service (including the Employer Terms and Candidate Terms).

Capitalised terms used in this Privacy Policy (including AI Features, Career Tools, Programs, Candidate Content, and Employer Content) have the meanings given to them in the Suitorly Terms of Service, unless otherwise stated.

2. Our Role

Suitorly acts as a data controller in respect of personal information processed through the platform.

• Individuals create and manage their own profiles directly with Suitorly.
• Employers do not upload candidate data to the platform.
• Employers may access personal information only where a candidate has provided explicit, role-specific consent through platform functionality.
• Suitorly does not act as a data processor on behalf of employers.

Employers who access personal information through the platform are contractually required under the Employer Terms of Service to handle such information confidentially, limit access to authorised personnel only, and use it solely for the relevant hiring process.

3. Personal Information We Collect

3A. Information You Provide (Candidates)

This may include:

Identity and Contact Information

• Name
• Email address
• Phone number (optional)
• Location (city or region)
• Profile photo (optional)

Professional and Career Information

• CVs, resumes, and cover letters
• Employment history and experience
• Education, qualifications, and certifications
• Skills, competencies, preferences, and portfolio links
• LinkedIn profile data (if connected)

Suitorly 360 Assessment Data

If you complete the Suitorly 360, we collect your responses to scenario-based and preference questions and use those responses to generate a behavioural strengths profile. The Suitorly 360 is a structured self-assessment tool, not a clinically validated psychometric instrument. The outputs reflect your self-reported responses and are designed to support career reflection and role matching. This data is used to produce Career Tool outputs and, where you have opted in, to support consent-based introductions with employers. Assessment data is handled with care and is subject to the same access, disclosure, and consent controls as your other personal information.

Candidate Content

As defined in the Terms of Service, including all information and materials you submit, upload, or input into Suitorly, including messages and inputs to AI Features, Career Tools, or Programs.

Sensitive Information

Suitorly does not require sensitive personal information (such as health data, race, religion, sexual orientation, or criminal history). If you voluntarily include sensitive information (for example within a CV), you consent to its collection, storage, and disclosure in accordance with your discoverability, consent, and privacy settings.

3B. Information We Collect from Employers

We may collect limited information from employers and employer representatives, including:

• Business and account details
• Names, work email addresses, and contact details of authorised users
• Job descriptions and role requirements
• Interview notes or evaluations created within the platform

This information is collected and processed solely for account management, platform operation, billing, security, compliance, and service delivery purposes.

Employer-generated data (including interview notes and evaluations) is retained for 24 months following the close of the relevant hiring process, or for such longer period as required by law.

3C. Automatically Collected Information

When you access or use Suitorly, we may automatically collect:

• IP address
• Device and browser type
• Usage logs and interaction data
• Session duration, timestamps, and feature usage

We use cookies and similar technologies to enable authentication, security, analytics, and platform performance. For more detail, see Section 3D below.

3D. Cookies, Pixels, and Tracking Technologies

Suitorly uses cookies and similar tracking technologies to operate the platform and, where you have consented, to understand usage and measure advertising effectiveness.

Essential Cookies

Essential cookies are required to run the platform. They enable authentication, session management, security, and core functionality. You cannot opt out of essential cookies without affecting your ability to use the platform.

Analytics Technologies

We use Google Analytics to collect aggregated, de-identified data about how users navigate and interact with Suitorly. This data helps us improve platform performance and user experience. Google Analytics may transfer data to servers located in the United States. For more information, see google.com/policies/privacy.

Advertising and Retargeting Pixels

We use Google Ads and Meta (Facebook) pixels on our website. These tools may collect data about your interactions with our website and may use that data to measure advertising effectiveness and, where applicable, to show you relevant advertising on Google and Meta platforms. These technologies may transfer data to servers located in the United States and other countries. For more information on Meta's data practices, see facebook.com/policy.php.

Your choices

Where required by applicable law, we will seek your consent before activating non-essential tracking technologies. You may withdraw consent or manage cookie preferences at any time via your browser settings or our cookie preference centre (accessible from the website footer). Note that disabling analytics or advertising technologies will not affect your ability to use the Suitorly platform.

4. How We Use Personal Information

We use personal information for the following purposes:

Platform Operation

• Creating and managing user accounts
• Providing Career Tools, AI Features, and Programs
• Hosting and displaying profiles in accordance with user settings

Consent-Based Matching and Messaging

• Enabling opt-in discoverability
• Facilitating introductions and messaging with employers where explicit consent is provided
• Applying employer-blocking controls where enabled

AI Features, Career Tools, and Programs

• Generating AI Content for drafting, coaching, training, mock interviews, and preparation
• Producing Career Tool outputs to support reflection and learning

Communication

• Platform notifications
• Messages, introductions, and invitations you choose to receive
• Service, security, and administrative communications

Platform Integrity and Improvement

• Analysing aggregated and de-identified usage data
• Improving platform functionality, performance, and reliability
• Detecting fraud, misuse, or policy breaches

Status Updates and Commercial Administration

Where you choose to provide status updates (such as interview progression, offer acceptance, or commencement), this information may be used to operate and administer the platform, support interview coordination and feature eligibility, and administer commercial arrangements with employers (including placement or success-based fees), in each case on a need-to-know, aggregated, or de-identified basis and in accordance with the Terms of Service.

5. Automated Decision-Making and Psychometric Outputs

Suitorly uses AI-assisted tools and structured assessments (including the Suitorly 360) to generate scores, strengths profiles, and role-fit outputs. These outputs are based on self-reported responses and are intended to inform, not replace, human decision-making by candidates, employers, and career coaches.

Automated outputs are not used as the sole basis for any employment decision. Employers who access candidate data through the platform are contractually required to treat psychometric outputs as one input among many when making hiring decisions.

If you believe an automated output has affected you unfairly or inaccurately, you may contact us at customercare@suitorly.com to request a review. We will assess such requests in accordance with the Terms of Service.

6. AI Training and Model Improvement

By default, identifiable personal data is not used to train AI models.

Suitorly may use aggregated and de-identified data to improve AI Features, Career Tools, and Programs. Where applicable, you may be offered a clear opt-out from the use of de-identified data.

To deliver AI Features, Suitorly may use third-party AI models, APIs, or infrastructure providers. These providers may process Candidate Content solely to generate AI outputs under contractual confidentiality, security, and data-use restrictions.

Suitorly does not permit third-party providers to use identifiable Candidate Content to train their general or base AI models unless they have a lawful basis to do so.

7. Discoverability, Consent, and Employer Access

Discoverability

Profiles are hidden by default. Discoverability is opt-in and can be toggled on or off at any time.

Consent to Disclosure

If you opt in and apply, match, or accept an introduction, you authorise Suitorly to disclose your identified profile (including CV and contact details) only to that specific employer.

Employer Blocking

You may block specific employers, including your current employer. Blocking relies on the accuracy of employer identifiers and may not be effective in all circumstances due to corporate structures, subsidiaries, domains, or naming conventions.

8. Disclosure of Personal Information

Suitorly does not sell personal information.

We may disclose personal information:

• to employers, strictly in accordance with your consent and platform settings;
• to service providers (such as hosting, analytics, email, payment, and infrastructure providers) under confidentiality and security obligations;
• where required by law, regulation, or legal process; or
• in connection with a business transfer, merger, acquisition, or sale of assets.

Employers may only use personal information accessed through Suitorly for the specific hiring process for which consent was provided, unless otherwise required by law or expressly authorised by the candidate.

This Privacy Policy does not grant any party rights to disclose, reproduce, or share Suitorly's proprietary platform features, workflows, AI outputs, or Programs, except as permitted under the Terms of Service.

9. International Data Storage and Transfers

Suitorly primarily operates in Australia and New Zealand.

Some of our service providers, including analytics, advertising, AI infrastructure, payment, and authentication providers, store or process data in the United States and other countries. These include providers such as Google, Meta, Anthropic, Pinecone, Clerk, ActiveCampaign, Stripe, and Airwallex.

Where personal information is transferred internationally, we take reasonable contractual and technical steps to ensure it is protected in a manner consistent with the Australian Privacy Principles.

10. Data Security

Suitorly uses reasonable technical and organisational measures to protect personal information, including:

• encryption in transit and at rest;
• access controls and authentication; and
• monitoring and security logging.

No system is completely secure, and we cannot guarantee absolute security.

11. Data Breaches

If a data breach is likely to result in serious harm, we will notify affected individuals and relevant regulators (including the Office of the Australian Information Commissioner and the New Zealand Privacy Commissioner) as required by law.

12. Data Retention

Personal information is retained while your account is active. Accounts inactive for 24 months may be archived or deleted, subject to legal, regulatory, dispute-resolution, and enforcement requirements.

Employer-generated data (including interview notes and evaluations) is retained for 24 months following the close of the relevant hiring process, or such longer period as required by law.

Before account deletion, you may request export of key profile information and documents within a reasonable timeframe, subject to technical and legal limitations.

13. Your Rights

You may have the right to:

• access personal information we hold about you;
• correct inaccurate or incomplete information;
• request deletion of your account;
• withdraw consent where processing is based on consent; and
• opt out of marketing communications.

Concerns relating to AI-assisted outputs, automated scoring, fairness, or data use may be raised via the contact details below and will be reviewed in accordance with the Terms of Service.

Essential service communications relating to your account, security, or transactions cannot be opted out of.

14. Additional Rights in Other Jurisdictions

If you are located outside Australia or New Zealand, additional privacy rights may apply under local laws. Where required, Suitorly will comply with those laws in relation to personal information of individuals in those jurisdictions.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the platform or via email. The effective date at the top of this document reflects when this version was last updated.