Privacy Policy

Last updated: January 29, 2026

Privacy Policy

At Graduate Pathfinder, we believe that your privacy is a fundamental right. This Privacy Policy is designed to provide transparency into our data practices and help you to understand how we manage the information of our service users.

Introduction

This privacy policy applies to the Graduate Pathfinder website, and all related tools (the “Services”). By using our Services, you agree to the collection, processing and use of information in accordance with this policy.

Our Privacy Principles

We are committed to a “Privacy by Design” approach. Our core principles include

  • Data Minimisation: We only collect and utilise the data that is strictly necessary to provide our Services.

  • Purpose Limitation: We do not use your data for purposes other than those explicitly stated.

  • Proactive Protection: We take deliberate steps to reduce the use of identifiable data through anonymisation and privacy-preserving technology

Services

Graduate Pathfinder provides a curated environment for graduates to access career opportunities and professional networking. Access is granted only to those who have been vetted and invited into the community.

Data Controllers and Contracting Parties

As a Visitor or Member of our Services, the collection, use, and sharing of your personal data is subject to this Privacy Policy. Graduate Pathfinder is the controller of your personal data.

Changes To This Policy

We may modify this Privacy Policy from time to time. If we make material changes, we will provide notice through our Services or via email.

1. Data We Collect

In short: We collect data you provide, and information through the use of our service and uploaded documents, to understand your education background, work experience, skills, and career aspirations so that we can match you to relevant job opportunities. Additionally, we collect demographic data which is stored separately from your personal profile and used solely for anonymized trend analysis. Finally, we analyse service use to ensure we provide a safe, secure, and compliant system for everyone.z

1.1. Data you provide

Registration/Application: Name, email, and university details.

Profile: Optional details such as skills or work experience.

CV, Resume, Cover Letters & Uploaded Documents: Text and formatting data contained within your uploaded professional documents.

Profile Pictures: An optional image for internal identification.

Equal Opportunity Data: Optional information regarding gender, sexual orientation, religion, or ethnicity.

Professional Information: Any other data or content relevant to your professional identity and career development. This includes, but is not limited to: qualifications, certifications, endorsements, recommendations, professional memberships, and other accomplishments you choose to share.

1.2. Data from others

Educational Verification: We may receive verified information from educational institutions or third-party verification services solely to confirm your graduate status and qualifications.

1.3. Service Use

Activity Logs: We collect information about how you interact with our Services, such as the features you use, the pages you visit, and the time spent on the platform. This helps us optimize the user experience and maintain platform security.

1.4. Cookies and Similar Technologies, Pixels and Web Beacons

  • Essential Cookies: We use only essential and functional cookies required for the platform to operate.

  • Email Pixels & Link Tracking: Our communications use tracking pixels and "click-through" URLs. These allow us to see if an email has been opened and which links were clicked. We do this to improve our email content and measure engagement, so that we can send you more relevant information.

  • Referral Tracking: When you click on an external advertising link or a partner job posting in our emails, we may use tracking parameters to identify Graduate Pathfinder as the referral source. This is necessary for us to manage our professional partnerships and verify the effectiveness of the opportunities we share.

  • No Third-Party Cross-Site Profiling: We do not use these technologies to track your activity on websites unrelated to our Services or to build profiles for third-party advertising networks.

1.5. Your Device and Location

Technical Metadata: We receive data from your devices, including IP addresses, proxy servers, operating systems, web browsers, and add-ons.

Approximate Location: We use IP addresses to determine your approximate location (city/country level) to provide relevant regional job opportunities and ensure compliance with local regulations.

1.6. Communications

Interaction History: We collect data about your communications with us, including customer support requests, emails, and feedback. If you participate in interviews or surveys, we collect the responses you provide.

1.7. Other

Anti-Abuse Data: We utilize hCaptcha to prevent bot attacks. This involves the collection of hardware and software information to distinguish humans from automated scripts, processed in a privacy-preserving manner. We may also use additional tools to analyse behavior and eliminate any activities that may infringe on any of our policies.

2. How We Use Your Data

In short: We use your data for the primary aims of: (1) Matching you to relevant job opportunities; (2) Providing expert advice on professional career development; (3) Serving relevant advertising we believe you may be interested in; (4) Allowing independent recruiters and employment agencies access to your profile to match you with roles not listed on our platform; and (5) Generating anonymized data for trend analysis. Additionally, we utilize data to keep our platform secure, up-to-date, and to comply with legal retention requirements.

We may also utilise AI algorithms for data processing; however, we maintain a human-in-the-loop approach so that critical decisions are not made by AI.

2.1. Primary Purposes

  • Match you to relevant job opportunities currently listed on our platform.
  • Allow independent recruiters and agencies to view your profile for roles not yet listed.
  • Provide expert advice and tailored career development support.
  • Serve relevant advertising and career-related content.
  • Generate anonymous trend reports to help us understand the graduate market.

2.2 Recruitment Support and Career Guidance

Internal recruiters have access to your submitted data to provide direct placement support and tailored career advice based on your goals and experience.

2.3 AI and Automated Processing (Human-in-the-Loop):

In Short: We use AI to match you to the right roles faster and help you prepare for interviews. We don't let the machines make the final call; a human is always in the loop.

Data Extraction & Profiling: Our AI analyses your uploaded documents (CVs, cover letters) to extract skills, education, and achievements. This helps us identify "profile gaps" and recommend specific improvements to make you more employable.

Matching: We use algorithms to compare your profile against Job Descriptions. This "Smart Matching" is designed to filter for relevance, not to exclude you.

Assistive Tools: AI may provide suggestions for document refinement or facilitate mock interview prep. Note: AI will never write your documents for you; it is a co-pilot for your own original work.

Human-in-the-Loop Safeguards: No "solely automated" decision with a significant impact on your career (like a final rejection) is made by AI. A Graduate Pathfinder staff member or the Employer always reviews AI recommendations.

Your Rights (Article 22): You have the right to:

  • Request an explanation of any AI-assisted matching result.
  • Request human intervention if you believe an automated match or analysis was incorrect.
  • Contest the outcome of any AI-facilitated process.

2.4 Bias Prevention & Demographic Isolation

  • Demographic Isolation: Our AI matching and extraction tools have zero access to your demographic data (such as gender, ethnicity, or age). We have "Air-Gapped" this information from our AI models to ensure that matches are made purely on merit, skills, and experience.
  • Trend Analysis: Any high-level trend reports or demographic insights (e.g., "Diversity in Tech 2026") are performed using standard, non-AI algorithms on anonymized data. We do not use Artificial Intelligence to profile or predict behavior based on protected characteristics.

2.5 Communications

We use your data to contact you regarding your account, security updates, and service-related notices.

2.6 Advertising and Marketing

We use your information to serve you relevant content and advertising on our platform. We track interactions with these advertisements - including email clicks and referral data - to analyse the performance of our campaigns and to fulfill contractual obligations with our advertising partners (e.g., confirming a referral to a job board). You can opt out of marketing communications at any time.

2.7 Developing Services and Research

We use data (often anonymized) to conduct research and development for the improvement of our Services and to drive innovation in graduate recruitment.

2.8 Customer Support

We use data to investigate, respond to, and resolve your support requests and service issues.

2.9 Anonymous insights & Trend Reporting

We generate aggregate, non-identifiable insights to produce reports on the graduate job market, skill demands, and industry trends.

2.10 Security and Investigations

We use data if we think it’s necessary for security purposes or to investigate possible violations of our Terms of Service.

2.11 Data Retention

We retain your personal data while your account is in existence or as needed to provide you Services. We also retain data as required by law.

2.12. Legal Grounds for Processing

Our Legal Grounds for Processing (to stay compliant with data protection laws like GDPR):

  • Contractual Necessity: We process your name, contact info, professional details and CV because we can’t provide the matching services you signed up for without them.
  • Legitimate Interests: We analyse platform usage and serve relevant job ads to improve our service and sustain our business - provided this doesn't override your privacy rights.
  • Consent: For sensitive data (like diversity info) or marketing to non-members, we ask for your explicit "opt-in" first.
  • Legal Obligation: If any relevant body or court orders us to keep or share certain records, we have to comply.

3. Children’s Privacy

Our services are designed for university graduates, college students and adult career-changers. We do not knowingly collect data from anyone under the age of 16. If we discover we have inadvertently collected such data, we will delete it immediately.

4. How We Share Your Data

In Short: We only share your information with external parties to facilitate recruitment opportunities and provide our Services. Your professional profile is shared with: (1) External verified recruiters - who have partial access to match you with unlisted roles; and (2) Verified employers - who have restricted access to evaluate your candidacy. All external data access is bound by strict confidentiality policies. Your profile is never visible to other graduate Members of the platform.

4.1. Access Hierarchy:

Access to your profile is strictly restricted based on the following roles:

Internal GP Recruiters: As part of our organization, our internal team has full access to your professional data to provide direct support and placement services. They do not have access to your sensitive demographic/equal opportunity data.

External Verified Recruiters: Vetted third-party partners who have partial/restricted access to your profile to match you with unlisted roles.

Verified Employers: Registered third-party employers evaluating your candidacy for specific positions.

4.2. Others' Services and Related Services:

We may share your data with our affiliates to provide and improve our Services.

4.3. Service Providers:

We use third parties to help us provide our Services (e.g., maintenance, analysis, audit, payments, fraud detection, marketing, and development). They have access to your information only as reasonably necessary to perform these tasks on our behalf.

4.4. Legal Disclosures:

We may disclose information about you if required by law, subpoena, or to protect the safety and security of our Service and its members.

4.5. Change in Control or Sale:

We can also share your personal data as part of a sale, merger, or change in control.

5. Fair Hiring and Bias Prevention

In short: We take proactive steps to ensure all hiring facilitated through our platform is fair and equitable. We provide you with control over your profile picture visibility. By default, pictures are hidden from employers and external recruiters to prevent unconscious bias. Furthermore, demographic data is never made available to employers and is used only for high-level aggregate reporting.

5.1. Profile Picture Restriction

Your profile picture visibility is your choice. By default, profile pictures are only visible to internal Graduate Pathfinder recruiters for candidate recognition purposes. They are strictly hidden from external recruiters and employers to prevent bias, unless you explicitly choose to make them public.

5.2. Protected Characteristic Data

Data regarding equal opportunities (demographic data) is stored separately from your professional profile and documents. This information is never made available to employers.

5.3. Purpose of Sensitive Data

Demographic information is not directly shared. Our algorithms ingest this data to build professional trend reporting documents. This data is never shared with employers or used in individual hiring decisions; it is used purely for anonymized, aggregate reporting.

6. Reports and Trend Analysis

We use anonymized, aggregated data to create insights and public reports. Our algorithms process the information you and other users provide to produce these documents, ensuring they contain zero personally identifiable information (PII). These reports focus solely on aggregate metrics, such as sector-specific hiring volumes, emerging skill demands, and diversity trends within the graduate market, to help improve the recruitment landscape for everyone.

7. Your Choices and Obligations

7.1. Rights to Access, Correct, or Delete

You have full control over your personal data. You can access, update, or correct your information at any time through your account settings. You also have the right to request the deletion of your data.

7.2. Data Portability

You may request a copy of the professional data you have provided to us in a structured, commonly used, and machine-readable format.

7.3. Your Obligations

To maintain the integrity of our graduate community and ensure the best recruitment matches, you agree to:

  • Accuracy: Only upload and provide information that is true, accurate, and reflects your actual professional and educational status.
  • Up-to-Date Records: Promptly update your profile or uploaded documents if your contact information, employment status, or qualifications change.
  • Identity Integrity: You must maintain only one account and represent yourself truthfully. Sharing account access or misrepresenting your graduate status is a violation of our community standards.

7.4. Communication Preferences

You have the choice to opt-in or opt-out of marketing communications.

  • Pixel/Link Opt-Out: To prevent link and pixel tracking, you can disable the "auto-loading of images" in your email client or choose not to click the links within the emails.

  • Referral Data: By clicking on a partner's link (such as an external job application), you acknowledge that referral data will be processed to connect your interaction with our Service.

7.5. Interactions with Third Parties

While we vet all external recruiters and employers, you are responsible for the information you choose to share during direct interviews or external communications that occur off-platform.

7.6. Account Closure

You may close your account at any time. Upon closure, your identifiable personal data is either deleted or irreversibly anonymized within 30 days, except where we are legally required to retain certain records.

8. International Data Transfers

Graduate Pathfinder is based in the UK. However, some of our service providers may be located in other countries (like the USA). When we move your data outside the UK or European Economic Area (EEA), we ensure it gets the same level of protection by:

  • Only transferring to countries deemed "adequate" by the government.
  • Using Standard Contractual Clauses (SCCs) or the International Data Transfer Agreement (IDTA), these as "privacy-first" contracts that legally bind the receiver to protect your data.

9. Privacy-First Technology Choices

At Graduate Pathfinder, we prioritise your privacy in our technical architecture. We explicitly avoid the use of pervasive tracking suites like Google Analytics (GA4) to protect your browsing habits from third-party profiling. Instead, we utilize privacy-centric security tools like hCaptcha to protect our community from bot attacks and fraudulent activity while minimizing data collection. We continuously evaluate our technology stack to ensure it meets the highest standards of user privacy and data sovereignty.

Where we use tracking for email engagement or referral data, we do so with the minimum data necessary to verify the transaction, ensuring that your identity remains protected from broad-scale third-party profiling.

We actively minimise the services that we use, to enhance privacy. We use a small number of trusted third-party "sub-processors" to help us run the platform (e.g., our cloud hosting provider, email delivery system, and security tools). We vet every partner for their security standards and they are strictly forbidden from using your data for their own purposes.

We keep our sub-processor list as lean as possible. Our current core partners are listed below, and we will update this list whenever we make a significant change to our infrastructure.

ProviderPurposeLocation
Amazon Web ServicesSecure Cloud HostingIreland
ZohoEmail & Customer SupportEU
JetbrainsHelpdesk & Customer SupportEU
hCaptchaBot & Spam ProtectionEU

10. Our Commitment to Data Oversight

In short: We don't just trust our partners; we verify them. We hold every third party to the same "Privacy-First" standards we set for ourselves, and we reserve the right to investigate if we suspect your data isn't being treated with respect.

10.1. High Standards

Every recruiter and service provider we partner with is contractually bound to protect your data. We strictly prohibit "data hoarding" or the creation of unauthorized databases.

10.2. Power to Audit

We don't take "security" at face value. Our agreements give us the legal right to audit and investigate the data practices of our partners.

10.3. Zero Tolerance for Breaches

If we have reasonable grounds to suspect a partner has mishandled Member information, we will launch an investigation. If they are found to be in breach of our standards, their access is revoked immediately, and we will work to ensure the affected Members are informed, supported and protected.

10.4 Contractual Safeguards

Every external recruiter and employer granted access to our platform must first execute a formal Data Protection Agreement (DPA). This agreement legally mandates that they adhere to the same high standards of data security we set for ourselves, including restrictions on data retention and a total ban on further sharing your information without explicit permission.

11. How you can contact us

If you have questions regarding this Privacy Policy or our data practices, please contact our Privacy Team at:

Email: operations@graduatepathfinder.com

We aim to respond to all inquiries within 30 days.

← Back to Home