Skip to main content
All CollectionsCo-pilot
Co-pilot: Privacy and Security
Co-pilot: Privacy and Security

We have summarised the frequently asked questions regarding the usage of the Teamtailor Co-pilot feature.

Evelina Lundmarck avatar
Written by Evelina Lundmarck
Updated over a month ago

Co-pilot is a set of features in Teamtailor, powered by OpenAI's GPT AI models, that helps you in your daily recruiting tasks.

Co-pilot is provided as an Add-on feature, meaning that only Company Admins can activate it. This is in order to facilitate an active decision-making process when beginning to use the feature, and to ensure that you at any time can disable it. When activated, the admins of your company account can decide which tasks Co-pilot should be supporting you in. Please see the full list of task specific features in our Co-pilot overview.

Now, let's provide you with answers to the questions that brought you to this article 🤗

If we use Co-pilot, will our personal data be transferred outside the EU?

Yes, OpenAI will process the personal data worldwide. We have entered into so-called Standard Contractual Clauses with OpenAI to protect the personal data in transfer.

We have also assessed the risks of transfers outside the EU when deciding to use OpenAI as our sub processor, in our so-called Transfer Impact Assessment. We can share this assessment with you if you like. Please just reach out to support@teamtailor.com or your dedicated Customer success manager.

How are you protecting the information shared when using Co-pilot?

We have reviewed OpenAI's data protection and data security measures, based on the information they provide in their Trust Portal. It states, among other things, that OpenAI operates according to a structured security program, and that their security program and controls are audited by an external party according to the SOC 2 standard.

We have chosen to only use OpenAI's API (meaning the public version of Chat GPT is not being used) to ensure that OpenAI processes all the data they receive from us as a data processor, and does not use it for any of their own purposes (e.g. training their AI models)

We have entered into an agreement with OpenAI regarding our use of their service, including a DPA that meets the GDPR’s requirements.

All communication between Teamtailor and OpenAI is encrypted with TLS v1.2.

We have ensured that there is a reasonable limitation in how long OpenAI retains the data they receive from us - they save it for 30 days, for troubleshooting purposes.

Q: Does Co-pilot support and/or have the option of human supervision?

*Open AI applies human intervention in the design and development of its models, for more information about this see https://openai.com/index/our-approach-to-alignment-research/.
Regarding human intervention when using the results of the model, it's up to each Teamtailor customer to decide to what extent they want to rely on the suggestions made by the service. In this context, we want to highlight that, as the AI-based features in Co-pilot look today, they*:

  • Do not include any automatic exclusion of applicants for a certain job

  • Are intended to be used as support for communication with candidates and for decision making in the hiring process - but are not intended to be used for actual decisions that significantly affect a candidate. A decision that significantly affects a candidate (such as whether to disqualify or hire them) is not made by the function, it’s made by the person hiring, and not solely based on these features.

What personal data will OpenAI be processing if we use Co-pilot?

OpenAI will be processing different types of personal data depending on which Co-pilot feature you decide to use. Many of them will involve both candidate- and user data.

Please be aware that Co-pilot, like all of our services, is under continuous development, and the data points shared are likely to change over time. However, please see below table to get an overview of the data shared per feature:

Co-pilot feature:

Candidate data

User data

candidate resume (in text form)

potential data that exists in the job ad

candidate ID, job applications, answers, resume text, messages, locations, reviews, notes, scores, video meeting summaries

none

name, transcribed version of the interview generated from Rev.ai

transcribed version of the interview generated from Rev.ai

name, transcribed version of the interview generated from Rev.ai

name, transcribed version of the interview generated from Rev.ai

none

potential data that exists in already existing job descriptions

name, interview information, scores, stage, reject reason, job applied for, potential data in previously sent messages

email, name and titles of all meeting attendees, potential data in previously sent messages

none

potential data that exists in the job description

none

potential data that exists in the job description

none

potential data that exists in the job description

none

none

Still having questions? Please reach out to support@teamtailor.com or your dedicated Customer Success Manager 💘

Did this answer your question?