Acceptable Use Policy · SourceHire

Conduct rules for everyone who uses SourceHire. The rules target abuse and circumvention; they don't restrict legitimate hiring, application, or review activity.

1. Overview

This Acceptable Use Policy (the “AUP”) applies to everyone who accesses or uses the SourceHire Services. It is part of our Terms of Service. Violations may result in suspension or termination of access and may be reported to law enforcement where warranted.

2. All Users

You will not:

Use the Services for any illegal purpose or in violation of any applicable law (including data protection, employment, export control, and anti-discrimination law).
Submit false, fraudulent, or impersonating information to the Services.
Upload or transmit any content that is unlawful, defamatory, obscene, harassing, threatening, or that infringes any third party's intellectual property or privacy rights.
Upload malware, ransomware, viruses, or any other malicious code.
Probe, scan, or test the vulnerability of the Services without our prior written authorization (a coordinated vulnerability disclosure framework is available; see Section 9).
Interfere with or disrupt the Services, including the servers and networks that host them.
Use any automated system (bot, scraper, crawler) to access the Services in a manner that exceeds reasonable human use, except as permitted by an authenticated API contract or our publicrobots.txt.

3. Candidates

You will not:

Submit a resume or cover letter that contains material you do not own or have permission to share.
Misrepresent your qualifications, employment history, education, or right to work.
Apply on behalf of another person without their explicit authorization, or impersonate another person.
Use the platform to send unsolicited communications to recruiters or other users.

4. Recruiters

You will not:

Use Personal Data accessible through the Services for any purpose other than evaluating Candidates for employment with your organization, contacting them about the specific job they applied to, and the operational administration of the Services.
Resell, sublicense, redistribute, or otherwise transmit Candidate Personal Data to any third party other than as necessary to evaluate the Candidate for the specific employment opportunity to which the Candidate applied.
Use any export, integration, or screen-capture mechanism to circumvent the platform's consent and scoping controls.
Contact a Candidate outside the context of a job they applied to without their separate, specific consent.
Make hiring decisions on the basis of any protected characteristic listed in Section 7.

5. Reviewers

You will not:

Unmask Candidate PII for any purpose other than legitimate review activity.
Use review-side access to Candidate data to perform Recruiter- style outreach.
Approve profiles you have not actually reviewed in good faith.

6. Admins

You will not:

Use admin-level access to perform any of the operations disclaimed in the “What we will not do” section of the Privacy Policy and Terms of Service.
Use the Migration Hub to bundle and transmit applicant data outside of an actual customer-offboarding event.
Disable or downgrade the audit-log or consent-ledger integrity-verification mechanisms.

7. No Discrimination

Operators must not use the Services in a manner that discriminates on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age (40 or older), disability, genetic information, veteran status, citizenship status (where protected), pregnancy, marital status, caregiver status, or any other characteristic protected by applicable federal, state, local, or non-United States law. The platform deliberately excludes protected-class attributes from operator exports for this reason.

8. No Circumvention

You will not attempt to evade the platform's consent re-checks, audit logging, scoping rules, masking defaults, or export limits, whether by technical means (e.g., direct database access, API fuzzing, scraping the rendered admin console) or procedural means (e.g., requesting that operators perform repetitive narrow exports to assemble a forbidden dataset).

9. Reporting Violations

To report a suspected violation of this AUP, email abuse@sourceunlimited.co. To report a security vulnerability under our coordinated disclosure program, email security@sourceunlimited.co and we will respond within five (5) business days.

10. Enforcement

We may investigate suspected violations and take any action we consider appropriate, including warning, suspension, account termination, account-wide data export to the affected user, referral to law enforcement, and pursuit of any other remedy available at law or in equity. Where the violation involves Candidate Personal Data, we will notify affected Candidates as required by Section 15 of the Privacy Policy and applicable law.

2. All Users

You will not:

Use the Services for any illegal purpose or in violation of any applicable law (including data protection, employment, export control, and anti-discrimination law).
Submit false, fraudulent, or impersonating information to the Services.
Upload or transmit any content that is unlawful, defamatory, obscene, harassing, threatening, or that infringes any third party's intellectual property or privacy rights.
Upload malware, ransomware, viruses, or any other malicious code.
Probe, scan, or test the vulnerability of the Services without our prior written authorization (a coordinated vulnerability disclosure framework is available; see Section 9).
Interfere with or disrupt the Services, including the servers and networks that host them.
Use any automated system (bot, scraper, crawler) to access the Services in a manner that exceeds reasonable human use, except as permitted by an authenticated API contract or our publicrobots.txt.

3. Candidates

You will not:

Submit a resume or cover letter that contains material you do not own or have permission to share.
Misrepresent your qualifications, employment history, education, or right to work.
Apply on behalf of another person without their explicit authorization, or impersonate another person.
Use the platform to send unsolicited communications to recruiters or other users.

4. Recruiters

You will not:

Use Personal Data accessible through the Services for any purpose other than evaluating Candidates for employment with your organization, contacting them about the specific job they applied to, and the operational administration of the Services.
Resell, sublicense, redistribute, or otherwise transmit Candidate Personal Data to any third party other than as necessary to evaluate the Candidate for the specific employment opportunity to which the Candidate applied.
Use any export, integration, or screen-capture mechanism to circumvent the platform's consent and scoping controls.
Contact a Candidate outside the context of a job they applied to without their separate, specific consent.
Make hiring decisions on the basis of any protected characteristic listed in Section 7.

6. Admins

You will not:

Use admin-level access to perform any of the operations disclaimed in the “What we will not do” section of the Privacy Policy and Terms of Service.
Use the Migration Hub to bundle and transmit applicant data outside of an actual customer-offboarding event.
Disable or downgrade the audit-log or consent-ledger integrity-verification mechanisms.

7. No Discrimination

8. No Circumvention

10. Enforcement