Privacy
Privacy & GDPR Policy
AGNCI processes personal data in accordance with the General Data Protection Regulation (GDPR). This policy describes what data we collect, why we collect it, and how we protect it.
Last updated: April 2026
In case of any discrepancies between this translation and the Dutch version, the Dutch version shall prevail.
1. Who are we?
AGNCI is an AI-powered recruitment platform that connects staffing agencies and employers. AGNCI is established in the Netherlands and acts as the data controller for personal data processed through the platform.
2. What data do we collect?
We process the following categories of personal data: name, business email address, telephone number, company name, job title, work experience and educational details of candidates, and technical data such as IP address and browser information. Candidate data is only processed with explicit consent or on the basis of a legitimate interest of the submitting agency.
3. What do we use your data for?
We use personal data for: providing the platform and its matching functionality, communication about our product, invoice processing, improvement of our services, and compliance with legal obligations. We never sell data to third parties.
4. Legal bases
Processing is carried out on the basis of: performance of a contract (Art. 6(1)(b) GDPR), legal obligation (Art. 6(1)(c) GDPR), legitimate interest (Art. 6(1)(f) GDPR), or explicit consent (Art. 6(1)(a) GDPR).
5. Retention period
Personal data is not retained longer than necessary. Account data is retained for the duration of the agreement plus 2 years thereafter. Financial data is retained for 7 years in accordance with fiscal retention obligations. Candidate data is deleted as soon as the submitting agency requests this, or no later than 12 months after the last activity.
6. Sharing with third parties
We only share data with sub-processors that assist us in providing the platform, such as hosting providers, email providers, and AI providers. We have entered into data processing agreements with all of these parties. Data is processed within the EU or under appropriate safeguards such as Standard Contractual Clauses.
7. Your rights
You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. You may withdraw your consent at any time. Requests can be submitted via privacy@agnci.ai. We will respond within 30 days. If you are not satisfied, you may file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
8. Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, and unauthorised access. All connections are encrypted via TLS, passwords are stored in hashed form, and access to data is restricted on a need-to-know basis.
9. Cookies and similar technologies
AGNCI only places strictly necessary (functional) cookies. These are required for the operation of the platform and fall under the exemption of Article 5(3) of the ePrivacy Directive (2002/58/EC), meaning no consent banner is required. Specifically, we place: (1) a session cookie for authentication via Supabase, so that you remain logged in, (2) a CSRF token to secure requests, and (3) a preference cookie for the selected language of the platform. We do not use tracking, advertising, or profiling cookies, nor any third-party cookies for marketing purposes. For anonymous usage statistics, we use Vercel Web Analytics, which operates entirely without cookies and does not store IP addresses or personal data. You can always delete or block cookies through your browser settings. Please note that disabling functional cookies may limit the functionality of the platform.
10. Changes
This privacy policy may be amended from time to time. The most recent version is always available on this page. In the event of substantial changes, we will inform you via email or a notification within the platform.
11. Mobile apps (iOS and Android)
AGNCI offers mobile apps for agencies and employers, distributed via the Apple App Store and Google Play among others. This privacy policy applies in full to the use of those apps and also serves as the privacy policy Apple requires under App Store Review Guideline 5.1.1. Within the app we process: (a) account data linked to your identity (name, email address, company name, job title, and candidate and vacancy data you submit yourself), (b) diagnostic data that is not linked to your identity (crash logs, app version, OS version, anonymous interaction metrics), and (c) identifiers strictly necessary for authentication and security. We do not collect the advertising identifier (IDFA), we do not engage in cross-app tracking, and we do not show the App Tracking Transparency prompt because there is nothing to track. We do not sell or share data with data brokers. These practices match what you see on our App Store Privacy Nutrition Labels.
12. Device permissions and access
The app only requests access to hardware or system features when needed for a feature you actively use, in line with Apple's principle of minimum necessary access. Specifically: (1) Push notifications (optional) for new matches, messages and operational updates; (2) Camera (optional) to upload documents or a profile picture; (3) Photo library (optional, via Apple's Limited Photos picker) for the same uploads; (4) Face ID / Touch ID (optional) for fast and secure sign-in. We do not request access to contacts, location, microphone, health data, HomeKit or Bluetooth. You can revoke any permission at any time via Settings → Privacy on your iOS device. Revoking a permission does not prevent the rest of the app from working.
13. Deleting your account from within the app
In accordance with App Store Review Guideline 5.1.1(v), you can fully delete your account and associated personal data from within the app itself, without having to contact support. The option is available under Profile → Settings → Delete account. After confirmation we delete your account data, profile information, candidate and match history, and linked sessions within 30 days. Data subject to a statutory retention obligation (such as invoices under the 7-year fiscal retention period) and anonymised analytical data may be retained longer; those data are no longer traceable to you. You may also request deletion by email at privacy@agnci.ai.
14. Age limit and children
AGNCI is a business platform for recruiters, agencies and employers and is not directed at children. You must be at least 16 years old to use an account. We do not knowingly collect personal data from children under 16. Our apps carry an App Store age rating of 17+. If you believe we have unintentionally processed data of a minor, please contact privacy@agnci.ai and we will delete the data as soon as possible.
Questions?
Please contact our Data Protection Officer at privacy@agnci.ai.