Privacy Policy

Last updated: May 18th, 2026

1. Introduction

OneTeam is an AI-powered hiring platform designed to help restaurants find, screen, and hire employees more efficiently.

This Privacy Policy explains how OneTeam AI, Inc. (“OneTeam”, “we”, “us”, “our”) collects, uses, shares, and protects personal information when you use our website, applications, and services (collectively, the “Services”).

This policy applies to:

• Restaurant owners, managers, and staff using OneTeam
• Job candidates interacting with OneTeam
• Visitors to our website

2. Who We Are

OneTeam AI, Inc. is a company incorporated in Delaware, USA, and registered at 134 N 4th St, Brooklyn, NY 11249, United States. You can reach us at support@oneteam.is.

If you are located in the European Economic Area (EEA), OneTeam is the data controller for your personal information.

When we process candidate data on behalf of a restaurant using OneTeam, that restaurant is the data controller and OneTeam acts as a data processor. In such cases, the restaurant is responsible for the handling of your application data, and you should contact that restaurant directly to exercise certain rights.

3. Information We Collect

We collect personal information directly from you, automatically through your use of the Services, and from third parties.

3.1 Information from businesses (restaurants)

When a business signs up, we may collect:

• Business name
• Location address
• Manager or owner contact details
• Hiring preferences
• Job descriptions and compensation ranges
• Communication history with candidates

3.2 Information from job candidates

When candidates apply or interact with OneTeam, we may collect:

• Name
• Phone number
• Email address
• Work history and skills
• Availability and preferences
• Location or proximity information
• Interview responses
• Resume or application materials

3.3 AI interaction data

We collect data generated through interactions with our AI features, including:

• Chat conversations
• Screening responses
• Scheduling interactions
• Notes generated during hiring processes

3.4 Technical and usage data

We automatically collect certain information, such as:

• IP address
• Device and browser type
• Pages visited
• Time spent on pages
• Cookies and similar technologies

3.5 Information from other sources

We may receive information about you from:

• Publicly available sources (such as professional profiles)
• Third-party integrations you connect to OneTeam, including Google Workspace APIs (Gmail API and Google Calendar API), and similar email or calendar providers
• Analytics or marketing partners
• Referrals or invitations from other users

We may combine this information with data you provide to improve our Services.

4. How We Use Information

We use personal information to:

Core service functions

• Match candidates with relevant job opportunities
• Screen and rank applicants using AI tools
• Schedule interviews
• Facilitate communication between candidates and businesses
• Generate hiring recommendations

Operational purposes

• Provide customer support
• Improve our platform and AI systems
• Monitor system performance and security
• Prevent fraud or misuse

Communications

• Send service-related notifications
• Send interview and offer updates
• Send marketing messages (only where permitted)

5. Legal Bases for Processing (EEA/UK Users)

If you are located in the EEA or UK, we process your personal data based on:

• Contract: To provide hiring and job-matching services
• Legitimate interests: To improve our platform, AI systems, and hiring outcomes
• Consent: For marketing communications or certain cookies

6. How AI Is Used

OneTeam uses artificial intelligence to assist with hiring processes, including:

• Matching candidates to job opportunities
• Screening and ranking applicants
• Recommending interview candidates
• Assisting with scheduling and communication

AI systems are designed to support decision-making and are not intended to make final employment decisions without human oversight. Final hiring decisions are made by the business using OneTeam.

Use of de-identified data

We may use aggregated, anonymized, or de-identified data to:

• Improve our AI systems
• Train and evaluate models
• Develop new features
• Conduct research and analytics

We do not attempt to re-identify anonymized data.

This de-identified-data use does not apply to data obtained through Google Workspace APIs. OneTeam does not use Google Workspace APIs data to develop, improve, or train generalized AI and/or ML models, even after aggregation or de-identification. See “Google User Data” below.

7. How We Share Information

We may share personal information with:

Businesses using OneTeam

• Candidate profiles are shared with restaurants for hiring purposes.

Service providers

We work with trusted third-party providers for:

• Cloud hosting
• Email delivery
• Analytics
• Calendar integrations
• Payment processing

These providers are only permitted to use data to provide services to us.

Legal and safety reasons

We may disclose information if required to:

• Comply with laws or legal processes
• Enforce our terms
• Protect rights, safety, or property

Business transfers

If OneTeam is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your personal information may be transferred as part of that transaction, subject to standard confidentiality obligations.

8. Google User Data

OneTeam integrates with Google Workspace APIs, including the Gmail API and the Google Calendar API, so that hiring managers can sync candidate-related email into OneTeam and schedule interviews on their own Google Calendar. When you connect a Google account, we request only the narrowest scopes required for these features.

Scopes we request

Google Calendar integration

• https://www.googleapis.com/auth/calendar.events — to create, view, update, and delete interview events on the connected calendar, including adding the candidate as an attendee. We do not access events that OneTeam did not create beyond what is required to avoid scheduling conflicts.
• https://www.googleapis.com/auth/userinfo.email and https://www.googleapis.com/auth/userinfo.profile — to identify the connected Google account and display the account email and name inside the OneTeam Integrations settings.

Gmail integration

• https://www.googleapis.com/auth/gmail.readonly — to read messages and their attachments from the connected mailbox, so OneTeam can surface candidate communications (such as applications, resumes, and replies) within the hiring workflow. OneTeam does not send, modify, or delete mail with this scope.
• https://www.googleapis.com/auth/userinfo.email and https://www.googleapis.com/auth/userinfo.profile — to identify the connected Gmail account and display the account email and name inside the OneTeam Integrations settings.

We will only request additional Google scopes if and when a new feature requires them, and we will update this Privacy Policy and the OAuth consent screen accordingly.

Limited Use

OneTeam’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, OneTeam:

• Uses Google user data only to provide or improve user-facing features that are prominent in the OneTeam product interface.
• Does not transfer Google user data to others except as needed to provide or improve those user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets where the acquirer is bound by equivalent restrictions.
• Does not use or transfer Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
• Does not allow humans to read Google user data unless we have obtained your affirmative agreement to view specific messages, it is necessary for security purposes (such as investigating abuse), it is required by law, or the data has been aggregated and is used for internal operations in compliance with applicable privacy laws.
• Does not use Google Workspace APIs data to develop, improve, or train generalized AI and/or ML models. Google user data is used solely to power the specific user-facing features described above.

Storage, retention, and deletion

OneTeam stores OAuth refresh tokens and the minimum metadata required to perform the actions you initiate (for example, identifiers of events we created on your calendar or messages we sent on your behalf). Google user data in transit is protected with TLS, and tokens at rest are encrypted.

You may disconnect your Google account at any time from Settings → Integrations. When you disconnect, OneTeam revokes its OAuth tokens and deletes cached Google user data within 30 days, except where we are legally required to retain a record (for example, audit logs of administrative actions).

Third-party sub-processors

OneTeam may rely on cloud infrastructure providers (for example, hosting and database providers) to process Google user data on our behalf, strictly to operate the Services. These providers are contractually bound to use the data only to provide services to OneTeam and to maintain appropriate security safeguards.

Questions about Google data

To ask about, access, or request deletion of Google user data processed by OneTeam, email support@oneteam.is.

9. International Data Transfers

Your information may be processed in countries outside your own, including the United States.

Where required, we use appropriate safeguards such as:

• Standard Contractual Clauses
• Other approved transfer mechanisms

10. Data Retention

We retain personal data only as long as necessary.

Typical retention periods:

• Candidate profiles: up to 24 months after last activity
• Business account data: while the account is active
• Communication records: as needed for support and legal compliance

We may retain certain data longer if required by law.

11. Your Privacy Rights

Depending on your location, you may have the right to:

• Access your personal data
• Correct inaccurate information
• Request deletion
• Restrict processing
• Object to certain uses
• Request data portability
• Object to the use of your personal data for AI improvement or analytics

To exercise your rights, contact support@oneteam.is

12. California Privacy Rights

If you are a California resident, you may have the right to:

• Know what personal information we collect
• Request deletion of your data
• Opt out of the sale or sharing of personal data (if applicable)
• Not be discriminated against for exercising your rights

We do not sell personal information as defined under California law.

13. Cookies and Tracking

We use cookies and similar technologies to:

• Keep you signed in
• Understand how the platform is used
• Improve performance

Where required by law, we display a cookie consent banner and collect consent before placing non-essential cookies. You can control cookies through your browser settings.

14. Data Security

We implement reasonable technical and organizational measures to protect personal data, including:

• Encrypted connections
• Access controls
• Secure infrastructure

However, no system is completely secure, and you are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

15. Children’s Privacy

OneTeam is not intended for individuals under 16 (or under the minimum age required by applicable law). We do not knowingly collect personal data from children.

16. Changes to This Privacy Policy

We may update this policy from time to time.

If we make significant changes, we will:

• Update the “Last updated” date
• Provide notice where required

17. Contact Us

If you have questions about this Privacy Policy or your data:

Email: support@oneteam.is
Company: OneTeam AI, Inc.
Address: 134 N 4th St, Brooklyn, NY 11249, United States