Terms of Service

• The marketing site at the root domain, the public job board at /jobs, the per-job pages at /jobs/[slug], the apply flow at /jobs/[slug]/apply, and the candidate self-service surface at /apply/me.

• The admin console at /admin and its subroutes, accessible only to authenticated operators (Recruiter, Reviewer, or Admin) according to the role-based access controls described in Section 8.

Candidates do not create a password-protected account. A Candidate establishes a record by submitting an application and verifies access to that record via a magic link emailed to the address provided. Magic links expire after seven (7) days.

Recruiters, Reviewers, and Admins access the Services through authenticated accounts using either email magic-link authentication or password-based authentication. Operators are responsible for maintaining the confidentiality of their credentials and for all activity that occurs under their account.

The Services enforce a strict role hierarchy: viewer < recruiter < reviewer < admin. Each role inherits the abilities of the roles below it. Recruiter access to applicant records is scoped to jobs the Recruiter posted; Reviewer access extends to network-wide candidate browse with PII masking by default; Admin access extends to system configuration and customer-offboarding tooling.

You agree to notify us immediately at security@sourceunlimited.co of any suspected unauthorized access to or use of your account.

When you apply to a job, you submit: identity (name, email, optional phone); a resume file (required) and an optional cover letter; declared logistics (work authorization, salary expectations, relocation preference, work arrangement); products you regularly use and products you're learning; voice-of- candidate free-text answers; and the consent grants described in Section 7. You may also voluntarily complete a separated EEO self-identification survey on the post-apply page; this survey is isolated from all hiring surfaces (see Section 7.4).

Subject to your consents, the Services process your submitted documents and declared facts into a structured profile. Extraction may be performed by an artificial intelligence model (presently Anthropic's Claude, see Section 10) or by deterministic rules-based parsing, depending on the operator configuration and your ai_extraction consent.

Newly extracted profiles spend at least 24 hours in a review buffer before becoming visible in the network-wide talent search, unless the Customer has enabled an opt-in auto-approval rule that promotes profiles meeting a defined completeness threshold. Auto-approved profiles are visibly marked as such on operator views and remain reversible by a human reviewer.

At apply time you are presented with six discrete consent options. Each option is independent. You may grant some, all, or none. You may revoke any consent at any time. The minimum required consent is core_processing; without it the Services cannot process your application.

• core_processing (required) — store the resume and cover letter, generate a structured profile, retain for hiring review.
• ai_extraction — process documents with AI (Claude). When declined, only declared fields are surfaced; extracted profile fields stay null.
• discoverability — appear in the network-wide talent search. Without it, you are visible only to the Recruiter of any job you specifically applied to.
• sensitive_accommodations — capture and surface any accommodation needs.
• marketing — receive emails from Source Unlimited about new opportunities and platform updates. This consent does not authorize Recruiter outreach outside of jobs you have applied to, and it does not authorize sharing your data with third parties.
• professional_enrichment — enrich your profile with supplementary professional context inside the platform. This consent does not authorize sharing your enriched data outside the platform.

Each consent grant or revocation is appended to a per-Candidate cryptographic ledger. Each row carries the consent option, the granted boolean, the IP address and user agent at the time of the event, the policy version then in effect, the verbatim text shown to the Candidate at the time of the grant, and a SHA-256 hash chained to the previous row's hash. Any mutation, deletion, or reordering of ledger rows is detectable by chain verification, which the Services run on demand and continuously across the network.

You may revoke any consent at any time via your authenticated /apply/me session or by emailing privacy@sourceunlimited.co. Revocation is effective upon receipt for new processing. Revocation does not affect the lawfulness of processing carried out before the revocation. Revoking core_processing initiates erasure of your record under Section 14.

If you choose to complete the optional EEO self-identification survey, your responses are stored in a logically isolated table that does not join the talent-search query path or any Recruiter-visible operator surface. Aggregate EEO reporting is available only to Admins on a dedicated surface with a minimum cell-size of five (5) responses to prevent re-identification of small demographic groups. EEO responses are never included in any data export.

Operators may use the Services only for legitimate hiring activity. Operators must not use Personal Data accessible through the Services for any purpose other than evaluating Candidates for employment, contacting them about job opportunities for which they have applied, and the operational administration of the Services.

Recruiters may access full applicant records only for jobs they posted. Reviewers see network-wide records with PII masked by default; per-Candidate unmask is a single click and writes an entry to the Audit Log capturing the reviewer's identity, IP, user agent, and the unmask action. Admins see all records in clear with a banner noting that the elevated view is audit-logged.

Operator exports are strictly scoped. Each export type and its authorization model is documented at /admin/help/exports. Every export performs a per-row consent re-check at export time and writes an audit entry capturing the actor, IP, user agent, export type, format, and row count. Operators may not attempt to circumvent these scoping or auditing mechanisms.

Operators must comply with all applicable employment-discrimination laws including without limitation Title VII of the Civil Rights Act of 1964, the Age Discrimination in Employment Act of 1967, the Americans with Disabilities Act of 1990, the Genetic Information Nondiscrimination Act of 2008, the Uniformed Services Employment and Reemployment Rights Act of 1994, and equivalent state, local, and non-United States laws. Operators must not use the Services to make hiring decisions based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, genetic information, or any other protected characteristic.

Operators must not attempt to re-identify Candidates whose data appears in aggregate-only views, attempt to defeat the cell-suppression rules in EEO reporting, or combine data from the Services with other datasets to circumvent the platform's consent and scoping controls.

Operators must not resell, sublicense, transmit, or redistribute Personal Data obtained through the Services to any third party other than as necessary to evaluate the Candidate for the specific employment opportunity to which the Candidate applied. This obligation survives termination of an Operator's access.

We and our licensors own all intellectual property rights in the Services, including the software, the data model, the user interface, the documentation, the trademarks, and the trade dress. Except for the limited rights expressly granted by these Terms, no other rights are granted, by implication, estoppel, or otherwise.

You retain all ownership rights in the content you submit to the Services (your “Content”), including your resume, cover letter, narrative responses, and other uploaded materials. You grant us a worldwide, royalty-free, non-exclusive license to host, store, process, transmit, display, and modify your Content solely as necessary to provide the Services to you and to the Customers whose jobs you applied to, and as necessary for the internal operational purposes described in the Privacy Policy. We will not use your Content to train AI models for the benefit of third parties (Section 11).

If you submit feedback, suggestions, or ideas about the Services, you grant us a perpetual, irrevocable, royalty-free, worldwide license to use the feedback for any purpose without compensation or attribution.

Candidates may access their record at /apply/me using a magic link sent to the email on file. The page provides a record overview, an applications list, and a one-click download of the complete Article 15 access bundle as machine-readable JSON, including the full Consent Ledger with chain hashes.

To request erasure (the right under GDPR Article 17 and equivalent statutes), email privacy@sourceunlimited.co. Verified requests are recorded in the platform deletion queue and processed within thirty (30) days. Erasure cascades through the relational data model; the Consent Ledger retains a tombstone entry proving the erasure occurred but containing no recoverable Personal Data.

All other rights granted under GDPR, CCPA, and equivalent statutes — including correction, restriction of processing, objection to processing, and data portability — may be exercised via the same email address. We respond within statutory timeframes (generally one month under GDPR, forty-five days under CCPA, extendable in accordance with each statute).

We do not retaliate against any Candidate for exercising a statutory privacy right. Exercising a right does not affect your ability to apply to other jobs on the Services.

These Terms remain in effect while you use the Services or have an account. Customer subscription terms (start, renewal, cancellation) are governed by the Customer Order Form.

You may stop using the Services at any time. Candidates may request erasure under Section 14.2. Customers may terminate per their Order Form.

We may suspend or terminate access where you materially breach these Terms, where required by law, or where continued provision of the Services to you presents a documented risk to the integrity, security, or lawful operation of the Services. Where practicable we will provide notice and an opportunity to cure.

On termination, your right to access the Services ceases. Sections 7 (Consents — for the purposes of demonstrating prior lawful processing), 9 (Intellectual Property), 11 (What We Will Not Do), 14 (Data Rights), 18 (Disclaimers), 19 (Liability), 20 (Indemnification), 21 (Disputes), 22 (Governing Law), and 24 (Miscellaneous) survive termination.

If you are a Customer, you agree to defend, indemnify, and hold harmless Source Unlimited and its affiliates, officers, directors, employees, and agents from and against any claims, damages, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or related to (a) your or your Operators' use of the Services in violation of these Terms or applicable law; (b) any hiring decision made in connection with the Services; and (c) any claim that data you provided to the Services infringes the rights of any third party.

We will defend, indemnify, and hold harmless Customers from any third-party claim alleging that the Services, when used in accordance with these Terms, infringe a United States patent, copyright, or trademark of that third party, and we will pay any damages finally awarded by a court of competent jurisdiction. This obligation does not apply to claims arising from modifications to the Services made by anyone other than us, the combination of the Services with materials we did not provide, or use of the Services in violation of these Terms.

These Terms, together with the documents they incorporate by reference (Privacy Policy, Acceptable Use Policy, Cookie Policy, Arbitration Agreement, and where applicable the Data Processing Addendum and the Customer Order Form), constitute the entire agreement between you and us with respect to the Services and supersede all prior or contemporaneous agreements, proposals, and communications.

You may not assign or transfer these Terms or any rights under them without our prior written consent. We may assign these Terms without restriction, including in connection with any merger, acquisition, or sale of assets. Any attempted assignment in violation of this Section is void.

We may give notice to you by email to the address on file or by posting on the Services. You give notice to us by emailing legal@sourceunlimited.co and concurrently sending a copy by mail to: [ENTITY NAME], Attn: Legal, [BUSINESS ADDRESS].

If any provision of these Terms is held invalid or unenforceable, that provision will be modified to the minimum extent necessary to make it enforceable, or if not possible, severed, and the remaining provisions will remain in full force and effect.

No waiver of any provision of these Terms is effective unless in writing and signed by the waiving party. The failure to enforce any provision is not a waiver of that or any other provision.

Neither party is liable for failure or delay caused by events beyond its reasonable control, including acts of God, war, terrorism, civil unrest, government action, network or power failures, or natural disasters.

The parties are independent contractors. Nothing in these Terms creates a partnership, joint venture, agency, fiduciary, or employment relationship.

Section headings are for convenience and do not affect interpretation. The words “include” and “including” are not limiting.