Data Protection Notice

Wigiwork processes personal and company information in order to:

• operate an anonymous professional network;
• verify identity, hiring authority, and business legitimacy;
• protect candidate anonymity and confidentiality;
• prevent fraud, identity abuse, and unauthorized access;
• comply with international laws and sanctions;
• maintain a secure environment for candidates and employers.

We apply strict technical, administrative, and organizational safeguards across all data processing activities.

2.1 Candidate Verification

To protect anonymous identities and prevent misuse, Wigiwork may require:

• email verification
• mobile number verification
• identity documents, where legally required or necessary for safety, compliance, or fraud-prevention purposes

Verification documents are used only for verification, safety, compliance, and fraud-prevention purposes.

Verification documents are deleted or irreversibly anonymized shortly after verification is completed, unless retention is required for legal, regulatory, fraud-prevention, audit, payment, or compliance obligations.

Wigiwork does not use identity documents for ranking, recommendations, matching, or visibility decisions.

2.2 Employer & Recruiter Verification

Employers and recruiters may be required to provide:

• business registration documents
• proof of hiring authority
• recruiter authorization documents
• agency/employer agreements
• compliance documentation

Verification ensures legitimate recruitment activity and prevents unauthorized access to candidate information.

Wigiwork applies verification processes to employers, recruiters, and organizations to confirm legitimacy and hiring authority.

However, Wigiwork does not guarantee that all users or organizations are fully verified at all times, and identity, affiliation, or representation may be misrepresented despite reasonable safeguards.

Users acknowledge that interactions with employers, recruiters, or third parties are undertaken at their own discretion and risk.

Wigiwork is not responsible for any loss, damage, or misrepresentation arising from interactions with employers or recruiters who provide inaccurate, misleading, or fraudulent information.

2.3 Trusted Third-Party Verification Providers

Wigiwork may use trusted third-party verification services to confirm identity, business legitimacy, or recruiter authorization.

Only the minimum information required is shared, and providers operate under strict confidentiality agreements.

For security reasons, Wigiwork does not disclose verification methods, criteria, provider details, or internal fraud-detection logic.

Wigiwork may rely on automated systems, third-party services, and internal review processes to assess identity, affiliation, and risk, and such processes may not detect all cases of misrepresentation or fraud.

To maintain trust, prevent conflicts of interest, and protect candidate anonymity, recruiters and staffing agencies must:

• accurately disclose all employer clients they represent;
• identify the specific hiring client for each job posting, search, or hiring action performed on Wigiwork;
• provide documentation or verification upon request.

Failure to disclose this information may result in restricted access, suspension, termination, or legal action.

4.1 Purpose-Driven Safety Measures

Wigiwork uses automated and manual processes to:

• prevent identity misuse and multi-account manipulation;
• detect suspicious or harmful behavior;
• apply geographic, risk-based, and compliance restrictions;
• protect anonymous candidate profiles;
• enforce NDA-Safe™ confidentiality rules.

These measures are essential for platform integrity and user protection.

4.2 Non-Disclosure of Detection Methods

To prevent evasion and protect system integrity, Wigiwork does not disclose:

• fraud detection methods;
• risk signals or behavioral indicators;
• model logic or assessment criteria;
• geographic or identity-evaluation techniques.

Attempting to reverse-engineer, probe, bypass, or interfere with these systems is strictly prohibited.

4.3 Legal Basis (GDPR)

Fraud-prevention and safety processing is performed under:

• GDPR Art. 6(1)(f) — legitimate interest
• UK GDPR equivalent
• and other applicable global laws

5.1 Geographic Restrictions

Wigiwork may block or restrict access from regions subject to:

• international sanctions (OFAC, EU, UK, UN)
• export-control laws
• political instability
• elevated fraud or safety risk
• regional compliance requirements

These restrictions apply to:

• users located in prohibited regions;
• users masking location via VPN/proxy;
• activity indicating access from a restricted location.

5.2 Region-Based Verification

Certain countries or regions may require additional verification before allowing access to candidate or employer tools.

The exact criteria are not disclosed for safety and compliance reasons.

5.3 Platform-Determined Location

Wigiwork may determine, adjust, or verify a user's apparent location based on information necessary for compliance, safety, or fraud prevention.
This determination may differ from the location the user provides.

Wigiwork may restrict or deny access based on its internal assessment.
Wigiwork is not required to disclose detection methods, criteria, signals, or findings used to determine location or compliance status.

Wigiwork follows strict data minimisation principles:

• Anonymous profiles by default
• Identity shown only with candidate approval
• No identity used in ranking, matching, or recommendations
• Only data required for platform operation and safety is collected
• Optional profile fields remain optional
• Sensitive data is minimized or avoided wherever possible

Wigiwork is designed to separate identity data from professional and behavioral data wherever possible to reduce exposure and maintain anonymity.

6A. WigiPic Processing

Wigiwork may allow users to upload a photo to generate a WigiPic™ avatar.
Any uploaded photo is processed once, solely for the purpose of producing the avatar, and is then permanently deleted immediately after generation and not stored, retained, or reused by Wigiwork. Wigiwork does not retain, store, analyze, or reuse uploaded photos.

WigiPics are stylized, symbolic illustrations designed for anonymity and are not intended to resemble a user's actual appearance. Wigiwork does not:

• create or store biometric identifiers,
• perform facial recognition or mapping,
• infer gender, ethnicity, age, attractiveness, or any protected trait from uploaded photos or generated avatars.

WigiPic data is used only as part of the anonymous identity layer and remains subject to all confidentiality and NDA-Safe™ protections.

7.1 Retention for Platform Operation

Data is retained only as necessary for platform operation, security, compliance, and fraud prevention.

• operate accounts
• prevent fraud
• comply with law
• support audit and reporting requirements
• maintain platform integrity

7.2 Account Deletion

Users may request account deletion at any time.

When deletion is requested:

• the account enters a 30-day deletion period;
• employer access ends immediately;
• identity access and associated permissions are removed;
• logging back in during the 30-day period may reactivate the account.

After 30 days, the account is permanently deleted or irreversibly anonymized and cannot be restored, subject to legal, regulatory, fraud-prevention, tax, payment, audit, and compliance obligations.

Identity-reset data is not restored after deletion.

7.3 Backup & Logs

Encrypted backups and system logs:

• follow lawful retention schedules;
• are not used for active processing;
• are deleted or anonymized when legally permitted.

7.4 Company Data Retention

Company Data (job posts, business documents, hiring actions) is retained only for:

• active employer accounts
• compliance requirements
• fraud prevention
• audit and financial reporting

Employers may request deletion where legally allowed.

When a candidate approves access to their profile, such access is granted to the employer organization associated with the requesting account, and not solely to the individual user initiating the request.

Access may be exercised, assigned, or transferred internally between authorized employees, recruiters, or agents of that organization for legitimate hiring and evaluation purposes.

Wigiwork is not required to notify candidates of internal reassignment or changes in the individual representative handling a profile within the same organization.

Wigiwork does not control or monitor how employer organizations manage internal access beyond enforcing platform-level permissions.

Candidates acknowledge and agree that granting access permits the employer organization, and its authorized personnel, to view approved information within the platform.

Wigi-DNA™ is an invisible, tamper-resistant digital marker applied to images and documents to:

• detect unauthorized copying or redistribution;
• enforce NDA-Safe™ confidentiality;
• support investigations of misuse.

Wigi-DNA™ does not contain personal identifiers.

Users may not attempt to alter, remove, bypass, or interfere with Wigi-DNA™ protections.

Wigiwork restricts access to personal and company data to authorized personnel involved in:

• verification
• fraud prevention
• compliance
• customer support
• operational maintenance

Internal access is logged, monitored, audited, and controlled under strict confidentiality and security obligations.

Data may be transferred or stored in:

• the United States
• the European Union
• the United Kingdom
• the UAE
• Singapore
• Canada
• Australia
• Ukraine
• India

Wigiwork uses Standard Contractual Clauses (SCCs) and equivalent safeguards for international transfers.

EU user data remains in the EU; US user data remains in the US.

Users may access their rights described in:

• Privacy Policy – Section 9
• Your Privacy Rights Notice

These rights include:

• access
• correction
• deletion
• portability
• restriction
• objection
• consent withdrawal
• opt-out (where applicable)

Requests: [email protected]

Verification may be required and requests may be limited where permitted by law or where necessary for security, fraud prevention, or compliance.

Wigiwork may restrict, suspend, or terminate access to protect confidentiality, platform integrity, user anonymity, security, and compliance with applicable laws.

• candidate anonymity
• confidentiality
• platform integrity
• safety
• compliance and legal obligations

Actions may include:

• organization-wide bans
• revocation of employer verification
• suspension of accounts
• removal of access
• preservation of evidence
• reporting to authorities where required

This Notice may be updated to reflect:

• changes in law
• platform changes
• safety or compliance improvements
• operational updates

Revisions will include a new effective date.

For data protection inquiries:

Wigiwork Inc.
Email: [email protected]
HQ: San Francisco Bay Area
Operations: Dubai
Engineering: Europe (Ukraine - Czechia)

Wigiwork processes personal data solely to operate, secure, and improve the platform and does not permit the use of personal data in a manner that would expose identity or compromise its anonymity-first design.