Privacy Policy

At Needle, we respect your privacy and are committed to protecting your personal data. This policy outlines how we collect, use, and protect your information when you use our services.

Last updated: February 5, 2026

This Privacy Notice is designed to help you understand how Needle ("Needle," "we," "us," and "our") collects, uses, and shares your personal information and to help you understand and exercise your privacy rights.

1. Scope

This Privacy Notice applies to personal information processed by us, including on our websites, mobile applications, and other online or offline offerings. To make this Privacy Notice easier to read, our websites, mobile applications, and other offerings are collectively called the "Services."

2. Personal Information We Collect

The categories of personal information we collect depend on how you interact with us, our Services, and the requirements of applicable law. We collect information that you provide to us, information we obtain automatically when you use our Services, and information from other sources such as third-party services and organizations, as described below.

A. Information You Provide to Us Directly

We may collect the following personal information that you provide to us:

Account Creation. We may collect information when you create an account, such as your name, email address, company name, and role.

Hiring and Candidate Data. When you use the Services to manage your hiring process, you may upload or input personal information about job candidates, including names, contact details, resumes, interview notes, assessments, and other recruitment-related data ("Candidate Data"). You are the data controller of Candidate Data and are responsible for ensuring you have the necessary legal basis to collect and process this information. Needle processes Candidate Data on your behalf solely to provide the Services.

Personal Information Contained in User Content. We may collect personal information contained in the text, files, documents, graphics, images, audio, and video that you upload to or create with the Services.

Purchases. We may collect personal information and details associated with your purchases, including payment information. Any payments made via our Services are processed by third-party payment processors. We do not directly collect or store any payment card information.

Your Communications with Us. We may collect personal information, such as email address, phone number, or mailing address when you request information about our Services, register for our newsletter, request customer or technical support, or otherwise communicate with us.

Surveys. We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.

Interactive Features. We and others who use our Services may collect personal information that you submit or make available through our interactive features (e.g., messaging, collaboration features, commenting functionalities, and integrations with third-party tools). Any information you provide using public sharing features of the Services will be considered "public," unless otherwise required by applicable law, and is not subject to the privacy protections referenced herein.

Conferences, Trade Shows, and Other Events. We may collect personal information from individuals when we attend or host conferences, trade shows, and other events.

Business Development and Strategic Partnerships. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities.

B. Information Collected Automatically

We may collect personal information automatically when you use our Services:

Automatic Data Collection. We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, user settings, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, browser or device information, location information (including approximate location derived from IP address), and Internet service provider. We may also automatically collect information regarding your use of our Services, such as pages that you visit before, during, and after using our Services, information about the links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services.

Cookies, Pixel Tags/Web Beacons, and Other Technologies. We, as well as third parties that provide content, advertising, or other functionality on our Services, may use cookies, pixel tags, local storage, and other technologies ("Technologies") to automatically collect information through your use of our Services.

  • Cookies. Cookies are small text files placed in device browsers that store preferences and facilitate and enhance your experience.

  • Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in our Services that collects information about engagement on our Services. We may also include web beacons in emails to understand whether messages have been opened, acted on, or forwarded.

Our uses of these Technologies fall into the following general categories:

  • Operationally Necessary. Technologies that allow you access to our Services, are required to identify irregular website behavior, prevent fraudulent activity, improve security, or allow you to make use of our functionality.

  • Performance-Related. Technologies used to assess the performance of our Services, including as part of our analytic practices to help us understand how individuals use our Services.

  • Functionality-Related. Technologies that allow us to offer you enhanced functionality when accessing or using our Services, such as identifying you when you sign in or keeping track of your preferences.

  • Advertising- or Targeting-Related. First-party or third-party Technologies used to deliver content, including ads relevant to your interests, on our Services or on third-party websites.

See "Your Privacy Choices and Rights" below to understand your choices regarding these Technologies.

Analytics. We may use Technologies and other third-party tools to process analytics information on our Services. Some of our analytics partners include:

  • Google Analytics. For more information, please visit Google Analytics' Privacy Policy. To learn more about how to opt out of Google Analytics' use of your information, please click here.

C. Information Collected from Third-Party Sources

We may obtain information about you from third-party sources, including:

  • Third-Party Integrations. If you connect third-party services to Needle (such as email providers, calendar tools, job boards, or other HR systems), we may receive information from those services in accordance with your authorization and the third party's privacy practices.

  • Publicly Available Sources. We may collect professional information from publicly available sources such as LinkedIn profiles or company websites, solely in connection with providing sourcing and recruiting features of the Services.

3. How We Use Your Information

We use personal information for the following purposes:

  • To Provide the Services. To operate, maintain, and provide the features and functionality of the Services, including processing Candidate Data, generating AI-powered insights and recommendations, and facilitating your hiring workflows.

  • To Improve the Services. To understand how users interact with the Services, identify issues, and improve performance, features, and user experience.

  • To Communicate with You. To send you service-related notices, respond to your inquiries, and provide customer support.

  • To Send Marketing Communications. To send you promotional information about our products and services, subject to your opt-out preferences.

  • For Research and Development. To develop new features, products, and services, and to conduct analysis and testing.

  • For Security and Fraud Prevention. To detect, investigate, and prevent security incidents, fraudulent activity, and violations of our Terms of Service.

  • To Comply with Legal Obligations. To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

4. How We Share Your Information

We may share your personal information in the following circumstances:

  • Service Providers. We may share information with third-party vendors and service providers that perform services on our behalf, such as hosting, analytics, payment processing, and customer support.

  • AI and Machine Learning Providers. We use third-party AI services to power features of the Services. Information necessary to generate AI outputs may be shared with these providers, subject to contractual data protection obligations.

  • Business Transfers. In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.

  • Legal Requirements. We may disclose information if required to do so by law or in response to valid legal process.

  • With Your Consent. We may share information with your consent or at your direction.

We do not sell your personal information.

5. AI-Specific Data Practices

Needle uses artificial intelligence to provide features such as candidate sourcing, screening, summarization, communication drafting, and hiring recommendations. The following practices apply:

  • Candidate Data Processing. Candidate Data that you upload or input is processed by AI systems solely to provide the Services to you. We do not use your Candidate Data to train general-purpose AI models.

  • AI Output. AI-generated content (such as candidate summaries, recommendations, or drafted messages) is produced based on the data you provide and may not always be accurate. You are responsible for reviewing AI Output before acting on it.

  • Third-Party AI Services. We may use third-party AI providers to deliver certain features. Data shared with these providers is governed by contractual obligations that restrict their use of your data.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Notice, unless a longer retention period is required or permitted by law. Candidate Data is retained for the duration of your use of the Services and will be deleted within a reasonable period following account termination, unless you request earlier deletion. You may request deletion of your personal information at any time by contacting us using the information in Section 11.

7. Security

We implement reasonable administrative, technical, and physical safeguards to protect the personal information we collect. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

8. Your Privacy Choices and Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information, including:

  • The right to access, correct, or delete your personal information;

  • The right to restrict or object to processing;

  • The right to data portability;

  • The right to withdraw consent where processing is based on consent;

  • The right to opt out of the sale or sharing of personal information (we do not sell personal information); and

  • The right to lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us using the information in Section 11. We will respond to your request in accordance with applicable law.

Opt-Out of Marketing Communications. You may opt out of marketing emails by clicking the "unsubscribe" link in any marketing email we send. Please note that you may continue to receive transactional or service-related communications.

Cookie Preferences. You can manage your cookie preferences through your browser settings or any cookie consent tool we make available on our website.

9. International Data Transfers

If you are located outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. We take appropriate steps to ensure that your information receives an adequate level of protection in the jurisdictions in which we process it.

10. Children's Privacy

The Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete that information.

11. Contact Us

If you have any questions about this Privacy Notice or our data practices, please contact us at:

Needle: julian (at) needle.so

12. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. If we make material changes, we will notify you by updating the "Last updated" date at the top of this notice and, where required by law, by providing additional notice (such as email notification or in-app messaging). We encourage you to review this Privacy Notice periodically.