Privacy Policy
The short version: Vouchr is a tool you use to prove things about yourself — not a service that investigates you. Your verification is candidate-initiated and candidate-controlled: you connect your own accounts, you see exactly what your credential says, and you choose what to share with which employer. We don't sell your data, we don't run background checks on people, and verification is always a positive signal — never a filter that screens you out.
1.Who we are
Vouchr ("we," "us," "TryVouchr") operates a portable trust credential for hiring. Candidates build and own a verified identity credential through our free iOS app. Employers and recruiters request and review those credentials through the Vouchr Recruiter Console. This policy explains what data we handle for both sides and the choices you have.
2.Our privacy principles
- Candidate-owned. Your credential belongs to you. You create it, you hold it, and you decide who sees it.
- Candidate-initiated. If you can't initiate it yourself through your own accounts and devices, Vouchr doesn't do it. We do not run checks on people behind their backs.
- A positive signal, never a filter. Verification strengthens an application; it is never used to automatically reject people who can't or choose not to verify.
- Show our work, never overclaim. Your credential states which signals are present and what each one proves. "Phone verified" never masquerades as "employer verified."
- Data minimization. We collect the least we can, keep it the shortest time we can, and process as much as possible on your device.
3.Information we handle
Verification signals you initiate
When you choose to add a signal to your credential, we process only what's needed to confirm that signal:
- Real Human (Tier 1): a government identity document via Apple Wallet / verified ID, on-device biometric and device binding, and phone verification (line-type intelligence and a one-time passcode, via Twilio). Biometric matching happens on your device — we never receive your face or fingerprint data.
- Verified Professional (Tier 2): a work-email one-time passcode and optional professional links you connect yourself (e.g., a GitHub account via OAuth).
- Deeply Verified (Tier 3): for high-stakes steps only and only at your explicit request, payroll-grade employment and income verification through a provider you connect (e.g., Argyle or Plaid). Income is shared as a range, not an exact figure.
On-device data
Parameters such as preferences and biometric keys live exclusively in your device's Secure Enclave. Vouchr employees cannot access them.
Résumé vault & document integrity
If you store a résumé or document, we keep a cryptographic hash so an employer can confirm the file they received is unmodified. We share document contents only when you choose to.
Account & usage data
For recruiter accounts we store the information needed to operate the console (name, work email, company, role, billing). We also collect non-identifying usage statistics (e.g., crash logs, feature engagement) to improve the product.
4.How verification works
Employers screen candidates on the merits first. When they decide to advance you, they request verification — they do not verify you themselves. You complete the steps you choose on your own device, review the exact credential that results, and then decide whether to share it. The employer receives the result you approve; never your raw documents.
The employer requests; you decide. This keeps your credential candidate-initiated and keeps Vouchr out of background-check territory.
5.What we do not do
- We are not a consumer reporting agency and do not provide background checks. We give people tools to prove things about themselves; we don't investigate people.
- We do not sell, rent, or trade your personal information to marketers or data brokers. Our revenue comes from employer subscriptions and verification fees.
- We do not expose your exact income, your raw identity documents, or your biometric data.
- We do not let employers use a missing verification as an automatic reason to reject you.
6.How information is shared
Your credential is shared only when you choose to share it, and only the signals you approve. We use a small set of vetted processors to deliver verification — including Apple (Wallet / identity), Twilio (phone intelligence and one-time passcodes), GitHub (OAuth, if you connect it), and, for Tier-3 only, Argyle or Plaid. Each is used solely to confirm the signal you requested and is subject to its own privacy terms.
7.Security
Data in transit is protected with AES-256 encryption. Sensitive material is processed on-device in the Secure Enclave, and credentials are cryptographically signed. We retrieve point-in-time verification snapshots only when you initiate them; we do not maintain "always-on" connections to your accounts.
8.Your rights and control
- See before you share. Review the exact credential before authorizing any disclosure.
- Erasure. Delete your local data and cached credentials at any time from app settings.
- Privacy modes. Use Passive / "ghost" mode to keep your credential private until you actively choose to surface it.
- Access & portability. Depending on where you live, you may request a copy of your data or its deletion. Contact us and we'll honor applicable rights (including under GDPR and CCPA/CPRA).
9.Children
Vouchr is intended for people aged 18 and older and is not directed to children.
10.Changes & contact
We'll post updates to this page as the product evolves and revise the effective date above. Questions about privacy? Email privacy@tryvouchr.com.
See also our Terms of Service.