Benchflo by Cavius Technologies
Privacy

Privacy policy.

Last updated: 2026-06-05

This is a plain-English summary of what BenchFlo collects, how it uses that data and the controls you have. The legally binding version is the one signed in your Master Service Agreement. This page is a reader's guide.

1. Who we are

BenchFlo is a product of Cavius Technologies. When you sign up, your firm becomes a “tenant”, an isolated account in our multi-tenant platform. Your data is stored in the tenant you control.

2. What we store

  • Your firm's operational data: requirements, consultants, submissions, placements, vendors, contracts.
  • PII about your consultants: names, addresses, email, phone, SSN, DOB, passport, driver's license, visa documents.
  • Authentication data: email, hashed password (bcrypt), session tokens.
  • Communication metadata: Graph message IDs, outbound email timestamps, inbox subscription state.
  • Usage telemetry: page views, API errors (aggregated). No mouse tracking, no session replay.

3. Where we store it

Primary storage is DigitalOcean Managed Postgres in the NYC3 region, United States. Object storage (resumes, generated documents) is DigitalOcean Spaces (S3-compatible) in NYC3. Everything at rest is encrypted with AES-256. PII columns (SSN, passport, driver's license) receive an additional Fernet envelope encryption.

4. How data is isolated

Every tenant-scoped row has a tenant_idcolumn. PostgreSQL row-level-security policies enforce isolation at the database layer, not just in application code. A bug in our Python layer cannot leak another firm's data.

5. Who can see your data

  • Users you've invited to your tenant (admin / recruiter / HR / rep / consultant roles).
  • BenchFlo platform admins (Cavius staff), access is logged and requires a ticketed reason.
  • Subprocessors for narrow purposes (see §7).
  • Nobody else, ever. We do not sell data. We do not train AI models on your data.

6. Third-party AI

BenchFlo uses third-party AI models for email classification, JD parsing, bench matching and resume tailoring. Text sent to AI providers is subject to their commercial data terms, specifically, it is NOT used to train their models. Your data does not leave the United States during AI calls.

7. Subprocessors

  • DigitalOcean, compute, database, object storage, Kubernetes.
  • Third-party AI provider, model inference.
  • Microsoft (Graph API), email ingestion and outbound, only with your explicit OAuth consent.
  • Infisical, encrypted secrets management.
  • Cloudflare (optional), DNS and edge TLS, no log retention of your API traffic.

8. Retention

We retain operational data as long as your tenant is active. On termination, data is exported and then deleted within 30 days unless you request longer retention (e.g., for ongoing I-9 compliance obligations). Compliance retention windows (I-9: 3 years from hire or 1 year from termination; W-4: 4 years after filing) are honoured on your behalf.

9. Your rights

  • Access: log in and see everything, any time.
  • Export: CSV export for every core entity, on request for the full set.
  • Deletion: we honour deletion requests from your admins within 7 business days.
  • Correction: every field is editable by the appropriate role.

10. Security incident reporting

If you suspect a security incident, email security@benchflo.com. We commit to initial acknowledgement within 24 hours and a public incident report (if material) within 72 hours of confirmation.

11. Contact

Questions about this policy: hello@benchflo.com.