Recruiters.co
Trust & security

Built on verification, consent, and control

Split-fee recruiting involves sensitive information on every side of a deal — client relationships, candidate identities, and money. Here's how Recruiters.co protects all three.

Network verification

Every participant is verified before they can transact

Organization verification

Recruiters, agencies, and employers verify their organization before they can post job orders, submit candidates, or engage with the network.

Access control

Confidential job orders and executive searches are invite-only. Access can be granted and revoked per role, per recruiter.

Full audit trail

Views, submissions, ownership claims, and access changes on sensitive records are logged and available for review.

Field-level redaction

Sensitive fields — like candidate identity in a blind profile — are permissioned separately from the rest of a record, not just hidden in the UI.

Candidate privacy

Candidate identity is protected until engagement

Blind profiles by default

Candidates shared between recruiters are represented as blind profiles. Identity is revealed only when an employer or recruiter chooses to engage.

Explicit, scoped consent

Candidate consent is captured with a defined scope and expiration — it does not carry forward indefinitely or apply beyond what was agreed.

Duplicate detection without exposure

When two recruiters may be working the same candidate, we compare keyed hashes of identifiers to flag the conflict without revealing the other recruiter's candidate identity.

Ownership disputes go to human review

Material candidate-ownership disputes are routed to structured human review rather than resolved automatically.

Data security

Practices we design toward, end to end

These are engineering practices and commitments, not a certification — see the note on independent audits below.

Encryption in transit

We encrypt data in transit with TLS between your browser, our application, and the services it depends on.

Encryption at rest

Data is stored at rest with encryption where supported by our database and object-storage providers.

Least-privilege access

Internal access to production data is scoped by role, and platform-level admin actions are treated as a distinct, permission-gated category — not just another query.

Audit logging of sensitive actions

Role grants, verification decisions, agreement changes, and every payment or payout state transition are written to an append-only audit log.

Tenant isolation

Every data-access path applies organization scoping from your verified session — never from a client-supplied ID — so one organization's data stays separated from another's.

Upload scanning workflow

Resumes, agreements, and other uploaded files are designed to move through a malware-scanning step before they're made available to another party.

Payments

Money moves through a reconciled ledger

Invoicing, split allocations, guarantee reserves, and payouts are recorded in an immutable financial ledger. Split allocations are locked to the signed agreement before funds move, and refunds or disputes follow the same recorded process.

Card data is handled entirely by Stripe, a PCI-DSS Level 1 service provider — Recruiters.co never stores full card numbers. Payouts to recruiters, agencies, and other marketplace participants move through Stripe Connect, with each recipient organization separately onboarded and subject to Stripe's own verification requirements.

Card data handled by Stripe

PCI-DSS Level 1 service provider

Payouts via Stripe Connect

Multi-party transfers, idempotent

Guarantee reserves held

Released per guarantee terms

Every transaction logged

Immutable financial ledger

Platform integrity

Guardrails around every transaction

Rate limiting

Automated abuse of marketplace endpoints — scraping, bulk submissions, credential stuffing — is throttled at the platform level.

Idempotent webhooks

Payment and third-party webhook events (Stripe and others) are deduplicated and processed idempotently, so a retried delivery can't double-charge or double-post a transaction.

Reconciliation, not silent correction

Ledger and payout state is checked against the payment provider on a recurring basis; discrepancies are surfaced for review rather than corrected silently.

Reliability

Infrastructure built to stay up and stay correct

Managed hosting

The application runs on managed infrastructure with a defined deployment process, rather than hand-maintained servers.

Backups

The production database is backed up on a recurring schedule as part of our operational baseline.

Monitoring & error tracking

Application errors and service health are tracked so issues can be identified and addressed quickly.

Responsible disclosure

Found a security issue? Tell us.

If you believe you've found a security vulnerability in Recruiters.co, please report it to [email protected] with enough detail to reproduce the issue. Please give us a reasonable opportunity to investigate and address a report before any public disclosure, avoid accessing or modifying data beyond what's necessary to demonstrate the issue, and avoid testing against real user or candidate data where a safe alternative exists. We will acknowledge good-faith reports and do not pursue legal action against researchers who follow these guidelines.

The practices on this page describe our engineering approach and commitments. Recruiters.co does not currently hold SOC 2, ISO 27001, PCI-DSS, HIPAA, or similar third-party certifications, and this page is not a compliance attestation. Card processing is handled by Stripe, which is independently PCI-DSS Level 1 certified as a payment service provider.

Read more

Our commitments in writing

These pages define our specific commitments to recruiters, employers, and candidates, including which categories of subprocessors we use to run the Service.

Questions about how we handle your data?

Reach out and we'll walk you through it directly.