Legal FAQ

Frequently Asked Questions

This FAQ is written primarily for the legal, compliance, and procurement teams that evaluate Verif_Hire before it is approved for use.

Regulatory Classification

Is Verif_Hire a Consumer Reporting Agency (CRA) under the FCRA?

No. Verif_Hire does not assemble or evaluate information bearing on a consumer's credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living (15 U.S.C. § 1681a(d)(1)). Verif_Hire verifies infrastructure-level metadata, not personal information about the candidate. On that basis, Verif_Hire is not a CRA and its output is not a "consumer report."

Do we need to comply with the FCRA to use Verif_Hire?

Because Verif_Hire does not produce consumer reports, the FCRA's disclosure, authorization, and adverse-action provisions for consumer reports do not apply to the tool's output. That said, if your organization treats any third-party input as FCRA-adjacent as a matter of internal policy, Verif_Hire integrates cleanly into an existing FCRA-compliant workflow. We recommend confirming the classification with your own counsel.

Does Verif_Hire produce investigative consumer reports?

No. Investigative consumer reports, under FCRA § 1681a(e), include information gathered through personal interviews with neighbors, friends, associates, or acquaintances. Verif_Hire conducts no interviews and collects no personal information about the candidate from any source.

Is Verif_Hire an "Automated Employment Decision Tool" (AEDT) under NYC Local Law 144?

No. LL 144 regulates tools that substantially assist or replace discretionary employment decision-making through machine learning, statistical modeling, data analytics, or artificial intelligence. Verif_Hire performs deterministic metadata lookups and string matching against a public list of high-risk email domains. It does not score, rank, or predict anything about the candidate, and therefore does not meet the LL 144 definition of an AEDT.

Does Verif_Hire use AI or machine learning?

No. There is no model, no training data, no inference. Every check is a deterministic lookup that returns the same result given the same input.

Is Verif_Hire a signals intelligence tool or a decision-making tool?

Verif_Hire is purely a signals intelligence tool. It aggregates deterministic, factual observations from FCRA-compliant infrastructure data sources and presents them to the user. It uses no AI, no machine learning, no predictive models, no scoring algorithms, and no decision-making logic of any kind. It does not rank candidates, filter candidates, recommend candidates, or take any action on behalf of the user. Every hiring decision - including whether to advance, interview, reject, or further investigate a candidate - remains with the human decision-maker.

Does Verif_Hire fall under the Illinois AI Video Interview Act or similar state AI-in-hiring laws?

No. Verif_Hire does not process video, audio, interview content, or any candidate-created media. It verifies whether a phone number and email address are real and reachable.

Is Verif_Hire regulated under the EU AI Act?

The EU AI Act regulates AI systems. Verif_Hire is not an AI system under Article 3(1) of the Act because it does not infer, predict, recommend, or generate outputs using machine-based techniques. Its outputs are deterministic verifications of provided metadata.

Hiring Decisions & Adverse Action

Does Verif_Hire make hiring decisions?

No. Verif_Hire is purely an informational verification tool. It surfaces observations about whether provided contact information is reachable and consistent. Every hiring decision remains with your organization's human decision-makers.

Can a Verif_Hire result be used as the sole basis for rejecting a candidate?

We strongly recommend against that, and Verif_Hire is not designed to support it. Treat Verif_Hire output as one data point that may warrant a conversation with the candidate, not a standalone verdict.

If we decide not to advance a candidate based on Verif_Hire, does FCRA adverse action apply?

FCRA's statutory adverse-action requirements attach to consumer reports. Because Verif_Hire does not produce consumer reports, the FCRA steps are not triggered as a matter of law. As a best practice, however, we recommend following your existing adverse-action procedure regardless.

Does Verif_Hire replace a background check?

No. Verif_Hire does not pull criminal records, credit history, employment history, education verification, or reference checks. It is a narrow identity verification tool that sits upstream of any traditional background check.

Data Collection & Privacy

What candidate data does Verif_Hire process?

Verif_Hire processes the candidate's name, phone number, and email address in-flight to perform its checks. The phone number is sent to our server, which proxies the request to an FCRA-compliant infrastructure data provider for verification. The email domain is compared to a list of known high-risk email providers client-side on the user's device. The candidate's name is not transmitted to any third party.

Is any candidate data stored on Verif_Hire servers?

No. Every verification is stateless. Phone and email lookups are processed in-flight and discarded. Verification results are rendered in the user's browser extension and never written to our database. No candidate profile, dossier, or file is ever created.

Are resumes uploaded to Verif_Hire's servers?

No. The optional resume upload feature parses PDF and DOCX files entirely in the user's browser using local JavaScript libraries. The resume file never leaves the user's device.

Do you share or sell candidate data?

No. Verif_Hire does not sell candidate data and does not share it beyond the single technical lookup to the infrastructure data provider, which uses it strictly to return the verification result and does not retain it beyond request processing.

Do you use candidate data to train machine learning models?

No. Verif_Hire uses no machine learning, and candidate data is not retained to train anything.

Who are your subprocessors?

• Infrastructure data provider - FCRA-compliant metadata verification.
• Identity graph provider - identity cross-reference verification.
• Cloudflare Workers - stateless edge compute for proxying the verification request and managing license keys.
• Resend - transactional email delivery for license keys sent to the hiring user (not the candidate).
• Stripe - payment processing for the hiring user's subscription.

Candidate PII flows only through our infrastructure data provider and identity graph provider, and transiently through Cloudflare Workers (proxying). It does not flow through Resend or Stripe.

Where is Verif_Hire's infrastructure hosted?

On Cloudflare's global edge network. Because we are stateless, there is no persistent database of candidate information in any region.

Data Privacy Regulations

Does Verif_Hire comply with CCPA/CPRA?

Verif_Hire does not "sell" or "share" personal information as those terms are defined under CCPA. Candidate data is processed transiently to fulfill the verification request initiated by the hiring organization. The hiring organization remains the business responsible for providing applicable CCPA notices to its candidates.

What about GDPR?

For candidates in the EU/UK, the hiring organization is the data controller and Verif_Hire acts as a data processor for the brief moment of the verification request. Verif_Hire retains no candidate data, so there are no ongoing GDPR storage-limitation obligations on our side. We can sign a standard Data Processing Addendum on request.

Can a candidate request deletion of their data?

Because Verif_Hire does not retain candidate data, there is no stored personal information to delete. Verification outputs exist only in the user's browser extension view and are not saved to our servers.

Do you comply with state biometric privacy laws (BIPA, Texas CUBI, Washington)?

Verif_Hire does not collect, process, or store any biometric data.

EEOC, Bias, and Fair Employment

Does Verif_Hire create disparate impact risk?

Verif_Hire evaluates contact-infrastructure metadata. These attributes are not protected characteristics under federal, state, or local employment law. We are not aware of any data indicating that the metadata attributes checked by Verif_Hire correlate with a protected class. That said, we recommend you use Verif_Hire uniformly across candidates for a given role and never treat a flag as determinative.

Is Verif_Hire EEOC-compliant?

Verif_Hire itself does not evaluate protected characteristics. Compliance with EEOC guidance is a function of your overall hiring process.

Audit Trail & Documentation

Do verifications generate an audit trail?

Yes. Every verification produces a unique report ID in the format VH-XXXXXX. Your recruiters can record this ID alongside the candidate file for internal documentation. The report ID links to the observations surfaced at the time of the check.

Can our legal team review Verif_Hire's methodology?

Yes. The Compliance Guide documents data sources, the three result tiers (All Information Verified, Review Recommended, Likely Fraudulent), and the recommended workflow. We're happy to walk your team through specifics over email or a call.

Procurement & Contracting

Can Verif_Hire sign a Data Processing Agreement (DPA)?

Yes. Email admin@verif-hire.com and we'll provide our standard DPA or review yours.

Do you have a SOC 2 report or ISO 27001 certification?

Not at this time. Our architecture is designed to minimize the attack surface by holding no candidate data. We are happy to complete a security questionnaire and can speak to our security posture on request.

Do you sign a Business Associate Agreement (BAA)?

No. Verif_Hire is not designed to process Protected Health Information and does not sign BAAs. The data in scope is name, phone, and email - none of which constitutes PHI.

Who is responsible for ensuring our use of Verif_Hire complies with applicable laws?

The hiring organization is responsible for ensuring its hiring workflow - including any verification tooling - complies with applicable federal, state, and local law. Verif_Hire is a tool, not legal advice. We recommend having your legal team review our Compliance Guide before rolling out the extension to hiring teams.