Identification of Humaia AI

Humaia AI is identified by CAPE number C1168, expiring on 30/04/2025, and operates under the support structure PCE. The company is based at WeWork, 198 Av de France, 75013 Paris.

• SIRET: 423 194 307 00066
• APE: 9499Z
• Professional Liability Insurance: AXA, Client number 0693499104, Contract number 1353589504

Humaia AI can be contacted via email at: hello@humaia.ai .

Services Offered

Humaia AI provides a SaaS (Software as a Service) artificial intelligence solution ("the Platform") designed to optimize the search for suitable profiles for clients seeking to recruit ("Clients").

Information on the General Conditions

These general conditions ("General Conditions") form the sole document governing the contractual relationship between Humaia AI and the Client. They define the terms of use of the Services and the respective obligations of the parties. The General Conditions are accessible via a direct link at the bottom of the Platform's page. By checking a box on the registration form, the Client accepts the General Conditions. These may be supplemented by specific conditions, which will prevail in case of contradiction with the general conditions.

Conditions of Access to the Services

1. The Client must be a legal entity represented by an individual with the necessary authority to enter into a contract on its behalf.
2. The Client must be a professional, defined as any natural or legal person acting within the scope of their commercial, industrial, craft, liberal, or agricultural activity, including when acting on behalf of another professional.

How to Access and Subscribe to the Services

To utilize the Services, the Client may contact Humaia AI through any useful means, particularly via the contact details provided in the "Identification of Humaia AI" section. The Client will discuss their service needs, and Humaia AI reserves the right to refuse any subscription request that does not meet the conditions specified in the "Conditions of Access to the Services" section or for any other valid reason. After initial discussions, Humaia AI will send the Client an email link to subscribe to the Services online. The Client must complete the form provided through this link. Registration will result in the creation of an account in the Client's name ("Account"), enabling access to the Services with a username and password. Once the Client's Account is established, the Client can create user access ("Users") up to the number specified in the subscribed Services. The Client is responsible for creating user access, defining access rights, and ensuring appropriate use of the Platform by the Users.

Description of the Services

6.1. The Services

Before subscribing, the Client acknowledges the opportunity to review the characteristics and constraints of the Services, including technical requirements, on the Platform. The Client understands that using the Services necessitates an Internet connection, and Humaia AI is not responsible for the quality of this connection. The Services to which the Client subscribes are detailed on the Platform and include:

• Targeting Candidate Profiles: Humaia AI's Platform allows the Client to target candidate profiles that match the search criteria specified by the Client. The Client acknowledges that proposed profiles must have a LinkedIn profile. For each search, the Client must provide a job description and any other relevant information for the recruitment.
• Access to a Dashboard: The Client has access to a dashboard to create searches for candidate profiles ("Sourcing") and monitor candidate profiles proposed by Humaia AI ("Candidates") based on the criteria specified in the Sourcing. The Client can create Sourcing by entering details in natural language (English, French, or Spanish) on the Platform, uploading a PDF, or providing an HTML link with content in English, French, or Spanish.
• Access to Personalized Automated Messages: The Client can use Humaia AI-generated personalized messages to contact Candidates. The Client can contact Candidates via their LinkedIn account, which can be connected to the Platform, or by email.
• Access to Additional Information or Enriched Data: The Client may subscribe to additional options to receive estimates of a Candidate's remuneration or enriched data. Humaia AI reserves the right to offer additional Services. Any modifications to subscribed Services require a new subscription.

GDPR Compliance

Humaia AI complies with the General Data Protection Regulation (GDPR) regarding the collection, use, and retention of personal data from European Union member countries. The Client acknowledges and agrees to the following:

• Data Controller and Data Processor: Humaia AI acts as the data processor and the Client as the data controller.
• Data Processing Agreement (DPA): Humaia AI and the Client shall enter into a Data Processing Agreement outlining their respective obligations concerning data protection.
• Data Subject Rights: The Client will ensure that data subjects are informed of their rights under GDPR and facilitate the exercise of these rights in collaboration with Humaia AI.
• Security Measures: Humaia AI implements appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

CCPA Compliance

Humaia AI complies with the California Consumer Privacy Act (CCPA) regarding the collection, use, and retention of personal data from residents of California. The Client acknowledges and agrees to the following:

• Consumer Rights: Humaia AI ensures that California consumers can exercise their rights under the CCPA, including the right to know, delete, and opt-out of the sale of personal information.
• Data Collection Disclosure: Humaia AI will disclose the categories of personal information collected and the purposes for which this information is used.
• Non-Discrimination: Humaia AI will not discriminate against consumers who exercise their rights under the CCPA.

Security Standards

Humaia AI ensures compliance with recognized data security standards to protect the confidentiality, integrity, and availability of personal data. The Client acknowledges and agrees to the following:

• Encryption: All personal data processed by Humaia AI is encrypted both in transit and at rest.
• Access Controls: Humaia AI employs strict access controls to limit access to personal data to authorized personnel only.
• Security Audits: Regular security audits and assessments are conducted to identify and mitigate potential vulnerabilities.

Data Breach Notification

In the event of a data breach, Humaia AI will promptly notify the Client and, where applicable, the relevant supervisory authority and affected data subjects in accordance with GDPR, CCPA, and other applicable data protection laws. The notification will include:

• Nature of the Breach: A description of the nature of the personal data breach.
• Affected Data: Categories and approximate number of data subjects and data records affected.
• Consequences: Likely consequences of the data breach.
• Measures Taken: Measures taken or proposed to address the breach and mitigate its effects.

ARTICLE 18: List of Service Providers and Compliance

The Service Provider collaborates with several third-party service providers to deliver the services detailed in this contract. Each provider has been carefully selected for their commitment to data security and compliance with relevant regulations. Below is a personalized description of each supplier and their compliance status:

• OpenAI: OpenAI adheres strictly to all data security regulations, ensuring that all data is securely processed and stored in compliance with industry standards.
• Langchain: Langchain complies fully with data security regulations, implementing robust measures to protect the confidentiality and integrity of the data they handle.
• Stripe: Stripe, a renowned payment processor, complies with stringent data security standards, including PCI DSS, to protect sensitive financial data.
• Jitsi: Jitsi prioritizes data security, complying with relevant regulations to ensure the safe handling and transmission of data during video communications.
• Assembly AI: Assembly AI follows rigorous data security practices, ensuring compliance with industry regulations to protect data privacy and security.

These service providers have been vetted for their dedication to maintaining the highest standards of data security, ensuring that all data they process is protected according to best practices and regulatory requirements.

‍