Privacy Policy

• Identifiers — legal name, email address, residential city/state, account ID, IP address, and device identifiers.
• Professional and Employment Information — prior employer name(s), job title(s), employment dates, departure status (RIF, voluntary, involuntary), and the contact information of any verifying Manager.
• Performance Evaluation Information — Manager Attestation ratings and commentary, HRIS-derived performance scores, milestone descriptions, and tenure metadata.
• Identity Verification Information — government-issued photo identification and selfie/biometric template, collected and processed by Didit, our identity verification partner. Layover does not retain biometric data; see § 3.
• Document Hashes — SHA-256 cryptographic hashes of uploaded employment documents. Raw documents are not retained; see § 2.
• Payment Information — payment card details, billing address, and transaction records, collected and processed directly by Stripe. Layover does not store payment card numbers.
• Usage Information — pages visited, features used, timestamps, error logs, and rate-limit signals.

Personal information is collected from: (a) the Candidate, (b) the verifying Manager, (c) the Recruiter, (d) third-party identity verification (Didit), and (e) automated system logs.

The system verifies the document, logs the mathematical proof via SHA-256 hash into our Cryptographic Ledger, and immediately burns the raw files.

We do not retain, host, or store raw, unredacted personnel files on our servers. The mint is the moment original documents leave Layover’s infrastructure.

• Layover utilizes the Didit API to conduct KYC/AML Document and Selfie Verification.
• Layover does not store biometric data locally; identity authentication is handled securely via Didit webhooks post-Stripe checkout. Refer to Didit’s privacy policy for their retention practices.

If a Candidate engages “Private Flight” or Stealth Mode, Layover blurs visual assets and replaces the candidate’s legal name with a mathematically generated Passenger Alias (e.g., CLR-X79BQ). All public routing utilizes an anonymous UUID stealth_token to defend against Open Source Intelligence (OSINT) reverse-searching.

Verified Corporate Recruiters utilizing the Private Flight protocol will have their specific name and LinkedIn profile masked behind a generic “Verified Corporate Recruiter” alias during initial outreach.

A Candidate’s unredacted Verified Performance Record is only unsealed and disclosed to a Recruiter upon (a) explicit authorization from the Candidate (Manual Clearance), or (b) the Candidate’s pre-authorized settings triggering a secure decryption event (Auto-Clearance).

As defined under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), Layover does not sell personal information and does not share personal information for cross-context behavioral advertising.

• Right to Access — you may request a copy of the personal information Layover holds about you.
• Right to Deletion — you may request deletion of your personal information, subject to the legal-records retention obligations described in the Retention Schedule.
• Right to Correction — you may request correction of inaccurate personal information.
• Right to Portability — you may request a machine-readable copy of your personal information for transfer to another service.
• Right to Non-Discrimination — Layover will not deny services, charge different prices, or provide a different level of quality because you exercised any of these rights.

• sb-* — Supabase Auth session cookies. HttpOnly, Secure, SameSite=Lax. Used to maintain authenticated sessions across requests.
• Stripe Checkout cookies — set directly by Stripe during the checkout flow; subject to Stripe’s privacy policy.
• Sentry session identifiers — browser-side, used to thread error events to a single user session.

Layover does not currently use analytics, advertising, or social-media tracking cookies. Any future addition of such cookies will require an updated Cookie Policy and, where applicable, user consent.