Privacy Policy

Last updated: 20/02/2026

This Policy explains how we process personal data when you use Africa (candidates and company representatives).

1. Data Controller

Juan Castillo Capital S.L.U.
Tax ID (NIF): B40550774
Calle Floresta 26, 46022 Valencia, Spain
Support: dev@talk2.africa | Legal: legal@talk2.africa | Phone: +34 692 818 856

2. What Data We Process

2.1. Candidates

• Identification and contact: name (if provided), phone number (derived from messaging), and optionally email/LinkedIn/CV.
• Application data: message content, answers, and transcripts.
• Audio: if you send voice notes, they are transcribed.
• City of residence (if provided) to assess in-person availability or other logistical requirements.
• Minimal technical metadata (e.g., date/time of interaction, internal identifiers).

2.2. Companies / Representatives

• Name, position, professional contact details, and data needed to verify representation.

3. Sensitive Data

We do not request sensitive data (health, religion, union membership, etc.). If such data appears, we try to minimize it and not use it for unnecessary purposes. However, if a user decides to share it voluntarily, it may remain in the conversation; we recommend avoiding this.

4. Purposes and Legal Bases

4.1. Managing Your Application for a Specific Job

• Purpose: to conduct the interview and prepare a transcript/summary for the company offering the position.
• Legal basis: provision of the requested service and, where applicable, consent (e.g., to share certain outputs with the company according to the flow).

4.2. Sharing Information with the Company

• Purpose: to provide the company with the transcript and/or summaries and/or suitability assessments.
• Legal basis: candidate consent (requested during the flow).

4.3. Sending You Future Opportunities (only with opt-in)

• Purpose: to send you messages about job offers that match your profile and interests.
• Legal basis: consent (opt-in), revocable at any time (e.g., by replying "delete my data" or requesting it through the same messaging channel).

4.4. Security, Fraud Prevention and Service Quality

• Purpose: to maintain security, prevent abuse, debug errors, internal metrics.
• Legal basis: legitimate interest (with minimization and proportionality measures).

5. Automated Decisions

Africa does not make automated decisions about hiring nor produce legal effects by itself. Hiring requires human intervention from the company.

6. Who We Share Data With

• With the company posting the job: transcript and/or summaries and/or suitability assessments, only if the candidate authorizes it.
• Providers ("data processors"): cloud/hosting infrastructure, messaging (WhatsApp Business Platform), analytics/security tools, and AI model providers to generate transcripts/summaries.
• Authorities: when there is a legal obligation.

7. International Transfers

Some providers may be located outside the EEA. Where applicable, we will use legal mechanisms such as Standard Contractual Clauses or other appropriate safeguards. (The specific list of providers may vary over time.)

8. Retention Periods

• Application for a specific job: up to 12 months from the closing of the offer or from your last related interaction (whichever is later), unless you request deletion earlier.
• Talent pool / future opportunities (if opt-in): indefinitely unless you withdraw your consent.
• Legal defense block: if necessary to address claims or fulfill obligations, we may retain minimal blocked information (not actively used) for up to 5 years.
• Deletion: you may request deletion at any time; if legal obligations exist, we may block the minimum necessary.

9. Individual Rights

You may exercise:

• Access, rectification, erasure, objection, restriction, portability (as applicable),
• Withdrawal of consent (without affecting the lawfulness of prior processing).

How to exercise them: by writing to legal@talk2.africa or through the same messaging channel.

10. Security

We apply reasonable technical and organizational measures: access controls, encryption in transit, access logs, data minimization, and internal policies. No system is infallible; we work to reduce risks.

11. Minors

The Service is intended for persons aged 18 and over.

12. Changes to This Policy

We may update it to reflect legal or Service changes. We will publish the last updated date.