Terms of Service

These Terms of Service (the "Terms") govern Customer's access to and use of Attia ATS, an applicant tracking and recruiting workflow platform provided by [Insert Attia legal entity] ("Attia," "we," "us," or "our").

By accepting an Order, creating an account, clicking to accept these Terms, or using the Service, Customer agrees to these Terms. The individual accepting these Terms represents that they have authority to bind the company or organization they represent ("Customer"). If the individual does not have that authority, or if Customer does not agree to these Terms, Customer must not use the Service.

These Terms are intended for business customers. Candidate-facing notices, privacy disclosures, and data processing terms are handled separately as described below. Capitalized terms have the meanings set out in these Terms.

1. The Service#

"Service" means Attia ATS, including related websites, applications, APIs, documentation, templates, support materials, and hosted functionality.

"Users" means Customer's employees, contractors, recruiters, administrators, hiring team members, and other individuals Customer authorizes to access or use the Service.

"Candidates" means job applicants, prospective applicants, referrals, or other individuals whose information is submitted to or processed through the Service in connection with recruiting or hiring.

"Customer Data" means data, content, files, records, and information submitted to or processed through the Service by or on behalf of Customer, including Candidate Data.

"Candidate Data" means personal data and recruiting records relating to Candidates, including resumes, applications, profiles, communications, interview notes, evaluations, attachments, pipeline status, and hiring workflow information.

"Account Data" means account, billing, usage, security, support, and administrative information relating to Customer and Users.

"Order" means an ordering page, order form, checkout flow, or other ordering document that references these Terms.

"DPA" means Attia's data processing addendum available at attia.app/dpa or another data processing agreement entered into by the parties.

Subject to these Terms and the applicable Order, Attia grants Customer a limited, non-exclusive, non-transferable right to access and use the Service during the subscription term for Customer's internal recruiting and hiring operations. Customer may allow Users to access the Service solely for Customer's benefit and in accordance with these Terms.

Attia may improve or modify the Service from time to time, provided that Attia will not materially reduce the core functionality of a paid subscription during the then-current subscription term.

Customer is responsible for managing Users, roles, permissions, authentication settings, and account security. Customer must promptly remove access for Users who no longer need access. Attia is not responsible for permissions configured by Customer or its Users except to the extent caused by Attia's breach of these Terms.

The Service does not provide legal, employment, recruiting, tax, or compliance advice. Customer is responsible for how it uses the Service and for decisions made through or based on the Service.

2. Customer Responsibilities for Recruiting and Hiring#

Customer is solely responsible for its job postings, recruiting practices, selection criteria, Candidate communications, interview processes, offers, rejections, retention practices, and hiring decisions.

Customer will use the Service in compliance with all laws and regulations applicable to Customer's recruiting and hiring activities. These may include employment, labor, anti-discrimination, equal employment opportunity, accessibility, disability accommodation, immigration, background-check, pay-transparency, recordkeeping, consumer-reporting, and privacy and data protection laws.

Customer will not use the Service to unlawfully discriminate against Candidates or employees, or to create, publish, or apply selection criteria that are unlawful, discriminatory, or not job-related where job-relatedness is required by law. Customer is responsible for any legally required accessibility measures, reasonable accommodations, alternative application methods, notices, and review processes.

Customer is responsible for providing any notices, obtaining any consents or authorizations, responding to Candidate requests, and maintaining any records required by applicable law. Customer must ensure that it has a lawful basis and all necessary rights to submit Candidate Data to the Service and to instruct Attia to process it.

3. Candidates and Job Postings#

Customer is responsible for the accuracy, legality, and completeness of all job postings and Candidate-facing content submitted through the Service. Customer will not post jobs or send communications that are unlawful, misleading, discriminatory, harassing, fraudulent, or infringe third-party rights.

If Candidates access Candidate-facing portions of the Service, Attia may process Candidate Data on Customer's behalf, and Customer remains responsible for its relationship with Candidates unless Attia separately states otherwise in a Candidate-facing policy.

Customer will not submit sensitive personal data to the Service unless it is reasonably necessary for Customer's lawful recruiting or hiring process and Customer has satisfied all applicable legal requirements. Sensitive personal data may include government identifiers, health or disability information, demographic information, biometric data, background-check information, immigration information, or other regulated data.

4. Data, Privacy, and Security#

As between the parties, Customer owns Customer Data. Customer grants Attia and its subprocessors a limited right to host, process, transmit, display, and use Customer Data only as necessary to provide, secure, support, and improve the Service; comply with law; prevent misuse; and as otherwise permitted by Customer, these Terms, or the DPA.

If Customer Data includes personal data that Attia processes on Customer's behalf, the DPA applies and controls for data-processing matters. The DPA should include subprocessors, international transfer terms, security measures, incident notice, deletion and return, audit rights, and assistance with data subject requests. Customer should not use the Service for production Candidate Data unless the applicable DPA and privacy disclosures have been reviewed and approved.

Attia's Privacy Policy at attia.app/privacy describes how Attia processes personal data for its own purposes, such as account administration, billing, security, support, analytics, and marketing. Customer is responsible for its own Candidate-facing privacy notices and any notices required for Customer's recruiting and hiring activities.

Attia may collect usage, diagnostic, performance, security, and operational data relating to the Service ("Service Data"). Attia may use Service Data to operate, analyze, secure, and improve the Service. Attia may use aggregated or de-identified Service Data for lawful business purposes, provided it does not identify Customer, Users, or Candidates and Attia does not attempt to re-identify de-identified data except as permitted by law for security or compliance testing.

Attia will maintain reasonable administrative, technical, and organizational safeguards designed to protect Customer Data. Customer is responsible for maintaining secure devices, networks, credentials, identity-provider settings, access controls, exports, and backups under Customer's control.

Attia will notify Customer without undue delay after becoming aware of a confirmed breach of security that compromises Customer Data, as required by the DPA or applicable law. Customer is responsible for notifying Candidates, regulators, or other third parties where Customer is legally required to do so.

Following termination or workspace deletion, Attia will make Customer Data available for export for [Confirm period], then delete or de-identify Customer Data within [Confirm period], except for backups, legal retention, security logs, dispute records, or other data Attia is permitted or required to retain. Customer is responsible for configuring retention periods and legal holds for Candidate Data where the Service offers those controls.

5. Automated Features and AI Tools#

This section applies only if the Service includes automated, algorithmic, AI-assisted, ranking, matching, parsing, recommendation, summary, screening, or similar features ("Automated Features").

Automated Features are decision-support tools only. Customer must not rely on Automated Features as the sole basis for hiring, rejection, promotion, compensation, or other employment decisions where prohibited by law or where human review is required.

Customer is responsible for evaluating whether its use of Automated Features is lawful for each role and jurisdiction, including any required notices, consents, bias audits, impact assessments, validations, accommodations, appeal rights, human review, and recordkeeping.

Attia does not warrant that Automated Features will be error-free, unbiased, or legally sufficient for Customer's specific hiring process. Customer should independently review outputs before taking action. If Attia is legally required to provide documentation or assistance relating to Automated Features, Attia will do so as required by applicable law and any applicable Order or DPA.

6. Acceptable Use and Restrictions#

Customer will not, and will not permit Users or third parties to:

• access or use the Service unlawfully or for purposes outside these Terms;
• interfere with, disrupt, overload, scan, probe, or test the Service except as expressly authorized by Attia;
• introduce malware or harmful code;
• attempt to gain unauthorized access to the Service or other customers' data;
• reverse engineer the Service except to the extent restrictions are prohibited by law;
• resell, sublicense, or make the Service available to third parties except as permitted in an Order;
• use the Service to build or benchmark a competing product, except to the extent this restriction is prohibited by law;
• submit unlawful, discriminatory, harassing, infringing, deceptive, or harmful content;
• upload sensitive personal data not reasonably necessary for recruiting or not permitted under Customer's lawful basis and instructions;
• use the Service in violation of sanctions, export-control, anti-bribery, or anti-corruption laws.

Attia may set and enforce reasonable usage limits for the Service and APIs. If Customer's use threatens the security, integrity, availability, or lawful operation of the Service, Attia may suspend access as described in Section 9.

7. Third-Party Services and Integrations#

The Service may interoperate with third-party services such as job boards, email providers, calendar providers, HRIS systems, identity providers, analytics tools, background-check vendors, assessment vendors, video interview tools, AI providers, or APIs ("Third-Party Services").

Customer chooses whether to enable Third-Party Services and is responsible for its relationship with those providers. Customer authorizes Attia to access and exchange Customer Data with enabled Third-Party Services as necessary to provide the integration.

Third-Party Services are governed by their own terms and privacy policies. Attia is not responsible for Third-Party Services, except to the extent Attia is responsible under these Terms, the DPA, or applicable law for its own acts or omissions.

8. Fees, Billing, and Taxes#

Customer will pay the fees stated in the applicable Order ("Fees"). All Fees will be paid in the currency stated in the Order or, if no currency is specified, U.S. dollars. Fees are non-cancelable and non-refundable except as expressly stated in these Terms, the Order, or required by law.

Customer authorizes Attia or its third-party payment processor ("Payment Processor") to charge Customer's selected payment method for authorized Fees, including recurring Fees where authorized by Customer through an Order. Customer must keep payment information current. Attia may make reasonable payment reattempts as permitted by law and payment-network rules.

Payment processing is subject to the Payment Processor's terms and privacy policy. Attia may correct billing errors or mistakes, even if payment has been requested or received.

Fees do not include taxes, levies, duties, or similar governmental assessments ("Taxes"). Customer is responsible for Taxes associated with its purchases, excluding taxes based on Attia's income, property, or employees. If Attia is legally required to collect Taxes, Attia may invoice Customer for those amounts unless Customer provides a valid exemption certificate.

Subscriptions renew as stated in the Order. Attia may change Fees for a renewal term by giving notice before the renewal date, unless the Order states otherwise. Customer may cancel renewal through account settings, by contacting billing@attia.app, or through another cancellation method Attia makes available. Cancellation is effective when submitted through an available cancellation method, but Customer remains responsible for Fees incurred before cancellation takes effect.

If Customer believes Attia billed Customer incorrectly, Customer must contact Attia within sixty (60) days after the first billing statement on which the issue appeared. Attia will review the dispute in good faith. Attia may suspend access to the Service for overdue undisputed amounts after reasonable notice.

9. Term and Termination#

These Terms begin when Customer first accepts them and continue while Customer uses the Service or has an active Order. Each subscription term is stated in the applicable Order. If these Terms terminate, all Orders terminate unless the parties agree otherwise.

Attia may suspend access to the Service if Customer's use creates a security, legal, operational, or availability risk; if Customer materially breaches these Terms; or if Fees are overdue. Where reasonable, Attia will provide notice, limit the suspension to the affected accounts or activity, and restore access promptly after the issue is resolved.

Either party may terminate these Terms or an Order if the other party materially breaches and does not cure within thirty (30) days after written notice. Attia may terminate immediately where required by law or where continued access would create a material security or legal risk.

Upon termination, Customer's right to use the Service ends. Customer remains responsible for Fees incurred before termination and any non-cancelable Fees stated in an Order. If Customer terminates because of Attia's uncured material breach, Attia will refund any prepaid unused Fees for the terminated portion of the subscription term.

Sections that by their nature should survive will survive, including payment obligations, confidentiality, ownership, data provisions, disclaimers, liability limits, indemnities, and general terms.

10. Ownership and Feedback#

Attia owns the Service, software, documentation, templates, know-how, designs, workflows, and related technology (collectively, "Attia Materials"). Attia retains all right, title, and interest in and to the Attia Materials, including all related intellectual property rights. No rights are granted except as expressly stated in these Terms.

Except for the rights granted to Attia in these Terms and the DPA, Customer retains all right, title, and interest in Customer Data and Customer's pre-existing materials.

Customer may provide suggestions, comments, or other feedback about the Service ("Feedback"). Attia may use Feedback without restriction, provided Attia does not identify Customer as the source without consent and does not use Customer Data or Candidate Data except as permitted by these Terms or the DPA.

11. Confidentiality#

Each party may disclose business, technical, financial, product, security, or other non-public information that reasonably should be understood to be confidential ("Confidential Information"). Attia's Confidential Information includes non-public information about the Service. Customer's Confidential Information includes Customer Data. The terms of Orders are Confidential Information of both parties.

Confidential Information does not include information that is public without breach, already known without confidentiality obligations, independently developed without use of Confidential Information, or lawfully received from a third party without confidentiality obligations.

The receiving party will protect the disclosing party's Confidential Information using at least reasonable care, use it only to perform under these Terms, and disclose it only to personnel, affiliates, contractors, advisors, and service providers who need to know it and are bound by appropriate confidentiality obligations.

The receiving party may disclose Confidential Information if required by law, provided it gives reasonable notice where legally permitted and reasonably cooperates with efforts to limit disclosure.

12. Warranties and Disclaimers#

Each party represents that it has authority to enter into these Terms.

Customer represents and warrants that it has all rights, notices, consents, lawful bases, and authorizations necessary for Attia to process Customer Data as permitted by these Terms and the DPA, and that Customer's use of the Service will comply with applicable law.

Except as expressly stated, the Service is provided "as is" and "as available." Attia disclaims implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement to the maximum extent permitted by law.

Attia does not warrant that the Service will be uninterrupted, error-free, or that outputs will be complete, accurate, or sufficient for Customer's legal compliance. Some jurisdictions do not allow certain warranty disclaimers, so these disclaimers apply only to the extent permitted by law.

13. Indemnification#

Customer will defend and indemnify Attia from third-party claims arising from Customer Data, Customer's job postings or hiring decisions, Customer's unlawful use of the Service, Customer's breach of these Terms, or Customer's violation of applicable law.

Attia will defend Customer from third-party claims alleging that the Service, as provided by Attia and used according to these Terms, infringes intellectual property rights, and will pay resulting damages finally awarded or settlements approved by Attia. Attia has no obligation for claims arising from Customer Data, Third-Party Services, modifications not made by Attia, or use outside these Terms.

The indemnified party must provide prompt notice, reasonable cooperation, and control of the defense to the indemnifying party, subject to reasonable approval of settlements that impose obligations on the indemnified party.

14. Limitation of Liability#

To the maximum extent permitted by law, neither party will be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits, lost revenues, loss of goodwill, or business interruption.

To the maximum extent permitted by law, Attia's total liability arising out of or related to the Service will not exceed the Fees paid or payable by Customer for the Service in the twelve (12) months before the event giving rise to the claim.

Nothing in these Terms limits liability that cannot legally be limited, including fraud, willful misconduct, or other non-waivable liability. [Counsel to confirm any additional carveouts for confidentiality, data security, indemnity, payment obligations, and applicable privacy or employment claims.]

15. Changes to These Terms#

Attia may update these Terms from time to time. For material changes, Attia will provide reasonable notice before the changes take effect by emailing Customer, notifying Customer through the Service, or posting the updated Terms at https://attia.app/terms. Changes will not materially reduce Customer's rights during an active paid subscription term unless required by law or necessary to address security, legal, or operational risk.

Continued use after changes take effect constitutes acceptance of the updated Terms. If Customer does not agree to material changes, Customer may stop using the Service and choose not to renew.

16. General Terms#

Attia may identify Customer and use Customer's name, logo, trademarks, or service marks on Attia.app and in marketing materials only with Customer's prior written consent.

Neither party will be liable for failure or delay caused by events beyond its reasonable control, except for payment obligations.

The parties are independent contractors. These Terms do not create an agency, partnership, joint venture, fiduciary, franchise, or employment relationship.

There are no third-party beneficiaries to these Terms, except that this does not limit any non-waivable rights Candidates, consumers, employees, or data subjects may have under applicable law.

Attia may provide notices by email, through the Service, or by posting to Attia.app. Notices to Customer will be sent to the email addresses associated with Customer's account. Legal notices to Attia must be sent to hello@attia.app and [Confirm legal notice address].

Neither party may assign these Terms without the other party's consent, except that Attia may assign these Terms in connection with a merger, acquisition, reorganization, or sale of substantially all of its assets. These Terms bind and benefit the parties and their permitted successors and assigns.

These Terms are governed by the laws of [Confirm jurisdiction], excluding conflict-of-law rules. The courts located in [Confirm venue] will have exclusive jurisdiction, except where applicable law requires otherwise. [Counsel to confirm jury trial waiver, prevailing-party fees, arbitration, class-action waiver, and consumer or employment-law limits before publication.]

If any provision is unenforceable, it will be modified to the minimum extent necessary and the remaining provisions will remain in effect. A party's failure to enforce a provision is not a waiver.

These Terms, the applicable Order, the DPA, and documents incorporated by reference are the entire agreement between Attia and Customer for the Service and supersede prior or contemporaneous agreements about the Service.