Taltas is designed to help you comply with the General Data Protection Regulation.
When you use Taltas to evaluate candidates, you are the data controller. You determine the purposes and means of processing candidate data. Taltas acts as a data processor, processing candidate data only on your instructions. We have a Data Processing Agreement (DPA) available for all customers. Enterprise customers can request a signed DPA from their account manager.
Taltas supports two lawful bases for candidate data processing: legitimate interests (evaluating candidates for a role they applied to) and consent (where you configure Explorer Agents to obtain explicit consent at the start of screening conversations). We recommend documenting your chosen basis.
The Taltas platform includes tools to help you respond to data subject requests. From the Candidates dashboard, you can export all data held on a candidate (Article 20), delete a candidate record (Article 17), or view and correct stored information (Article 16).
Taltas processes data in the EU (AWS eu-west-1) and the US (AWS us-east-1). Cross-border transfers are covered by Standard Contractual Clauses. EU customers can request EU-only data residency (Enterprise plan).
To request a Data Processing Agreement or reach our DPO: dpo@taltas.ai Taltas Inc., 340 Pine Street, San Francisco, CA 94104