Effective date: February 17, 2026
This Privacy Policy (the "Policy") describes how APPLYFT LTD ("Applyft", "we", "us", "our") collects and otherwise processes Personal Data in connection with the website https://applyft.co (the "Site").
This Policy also explains your rights and how to contact us.
1.1 Controller. For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"), Applyft is the "controller" of Personal Data processed in connection with the Site.
1.2 How to contact us. Privacy requests and questions: hello@applyft.co
1.3 Registered office/contact address. Griva Digeni, 78, 2nd floor, Flat/Office B1, Neapoli, 3101, Limassol, Cyprus.
1.5 Scope. This Policy applies when you:
1.6 Third-party sites. This Policy does not apply to third-party websites or services linked from the Site. Those parties process data under their own policies.
2.1 "Personal Data" means any information relating to an identified or identifiable natural person.
2.2 "Processing" means any operation performed on Personal Data, whether automated or not (e.g., collection, storage, use, disclosure, deletion).
2.3 "EEA" means the European Economic Area.
2.4 "Special Categories of Personal Data" means data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic/biometric data, health data, sex life/sexual orientation (as defined in Article 9 GDPR).
We process different categories of Personal Data depending on how you interact with the Site:
3.1 Communications and inquiry data: your name, email address, company/role (if provided), subject line, message content, and any attachments or other information you voluntarily provide when you contact us.
3.2 Recruitment/candidate data (if you apply through the Site): your name, email address, phone number, Linkedin profile link, CV/resume, cover letter (if applicable) and related communications.
3.3 Technical, usage, and device data (collected automatically): IP address, device identifiers, browser type and version, operating system, language, time zone, approximate location derived from IP (at city/region level), referring URLs, pages visited, clickstream, session duration, and error logs.
3.4 Cookie and similar technology data: identifiers and events collected via cookies/local storage/pixels (where implemented). See Section 9 and our Cookie Policy.
3.5 Security data: logs and metadata used to prevent fraud, detect attacks, and maintain the security and integrity of the Site and our systems (e.g., suspicious traffic patterns, rate limiting events).
Special Categories. We do not request Special Categories of Personal Data via the Site. If you choose to provide such data, we will only process it where lawful and with appropriate safeguards.
4.1 Directly from you. When you submit forms, email us, apply for a role, or otherwise communicate with us.
4.2 Automatically. Through server logs, security tooling, and (where enabled) cookies and similar technologies.
4.3 From third parties (limited). Only where relevant and lawful, such as:
We process Personal Data only where we have a lawful basis. The main purposes and bases are:
5.1 Responding to inquiries; relationship management
Purpose: to respond to your questions, provide requested information, and maintain records of correspondence.
Legal basis: Legitimate interests (Art. 6(1)(f)) - operating our business, communicating with stakeholders.
5.2 Site operation, functionality, and improvement
Purpose: to operate the Site, provide functionality, measure performance, troubleshoot issues, and improve user experience.
Legal basis: Legitimate interests (Art. 6(1)(f)); and Consent (Art. 6(1)(a)) for non-essential cookies/trackers where required.
5.3 Security, fraud prevention, and abuse monitoring
Purpose: to protect the Site and users, prevent fraud and abuse, detect and respond to security incidents, and enforce access controls.
Legal basis: Legitimate interests (Art. 6(1)(f)) and/or Legal obligation (Art. 6(1)(c)) where applicable.
5.4 Recruitment (where applicable)
Purpose: to evaluate candidates, manage interviews/assessments, make hiring decisions, and communicate outcomes.
Legal basis: Pre-contract steps (Art. 6(1)(b)) and/or Legitimate interests (Art. 6(1)(f)) - hiring and talent management; Legal obligation (Art. 6(1)(c)) - where specific record-keeping or compliance duties apply.
5.5 Compliance; legal claims
Purpose: to comply with applicable laws, respond to lawful requests, and establish/exercise/defend legal claims.
Legal basis: Legal obligation (Art. 6(1)(c)) and/or Legitimate interests (Art. 6(1)(f)).
Where we rely on legitimate interests (Art. 6(1)(f)), we consider and balance our interests against your rights and freedoms, including applying data minimisation, access controls, retention limits, and giving you the right to object.
7.1 Browsing. You can browse parts of the Site without providing direct identifiers; however, technical data (e.g., IP address) is typically processed for delivery and security.
7.2 Contacting us. If you do not provide at least an email address and message, we may be unable to respond.
7.3 Recruitment. If you do not provide necessary information, we may be unable to assess your application.
We may disclose Personal Data to:
8.1 Processors/service providers acting on our documented instructions (e.g., website hosting, cloud infrastructure, email providers, security providers, recruitment systems). We implement appropriate contractual protections, including data processing agreements where required.
8.2 Professional advisers (lawyers, auditors, accountants, insurers) where necessary for compliance and risk management.
8.3 Authorities and third parties where required by law, court order, or where necessary to protect rights, security, and integrity of systems.
We do not sell Personal Data as a business model.
9.1 Use of cookies. We may use cookies and similar technologies for essential functionality, security, and (where enabled) analytics/marketing.
9.2 Consent. Where required, non-essential cookies will be set only after you provide consent through a cookie banner/consent mechanism.
9.3 More information. Please see our Cookie Policy for details of categories, purposes, and preference controls.
10.1 Your Personal Data may be processed outside the EEA if our vendors operate internationally.
10.2 Where required, we implement appropriate safeguards such as:
11.1 We retain Personal Data no longer than necessary for the purposes described above and in accordance with applicable laws.
11.2 Retention schedule:
11.3 We may retain data longer where necessary for legal claims, compliance, audits, or dispute resolution, and will restrict access during extended retention.
We implement appropriate technical and organisational measures designed to protect Personal Data, including (where appropriate): access controls, least-privilege permissions, logging/monitoring, secure backups, vulnerability management, and incident response procedures. No security measure guarantees absolute protection.
We do not intend to make decisions based solely on automated processing (including profiling) that produce legal effects or similarly significant effects for you in connection with the Site, unless we provide notice and a lawful basis where required.
Subject to conditions and exceptions under GDPR, you have the right to:
To exercise rights, contact hello@applyft.co
You may lodge a complaint with the competent supervisory authority in Cyprus (Commissioner for Personal Data Protection) or with the authority in your EU Member State of residence/work (where applicable).
The Site is not directed to children and we do not knowingly collect Personal Data from children. If you believe a child has provided Personal Data to us, contact us so we can address it.
We may update this Policy from time to time by posting an updated version on the Site with a new Effective date. Material changes may be highlighted on the Site.
This Policy, and any dispute or claim (including non-contractual disputes/claims) arising out of or in connection with it, is governed by the laws of the Republic of Cyprus, and the courts of Cyprus shall have jurisdiction, subject to any mandatory rights available to you under applicable law.
This Cookie Policy explains how cookies and similar technologies may be used on https://applyft.co
Cookies are small text files placed on your device when you visit a website. Similar technologies include pixels, local storage, and device identifiers.
We use:
2.1 Strictly necessary cookies (essential): required to operate the Site, enable core functionality, and maintain security (e.g., load balancing, fraud prevention, request integrity).
2.2 Analytics cookies: measure traffic and usage to improve the Site.
3.1 Strictly necessary cookies may be set without consent where permitted, because they are required to provide the Site functionality you request.
3.2 All other cookies (analytics) will be set only where we have a lawful basis, where required.
4.1 Browser controls. You can block/delete cookies through your browser settings. Blocking strictly necessary cookies may cause parts of the Site to malfunction.
If we embed third-party services, those providers may set cookies and process data under their own policies. We will identify such providers in the cookie table and (where required) collect consent before setting their cookies.
We may update this Cookie Policy by posting a new version with an updated effective date.
This Cookie Policy is governed by the laws of the Republic of Cyprus and disputes shall be subject to the jurisdiction of the Cyprus courts, subject to mandatory rights under applicable law.