How AI is used at Obizworks-HR
We use AI to help our recruiters surface the right candidates for the right roles. Every score and recommendation is reviewed by a human before any candidate reaches a client. Read on for exactly what AI does, what it doesn’t do, and your rights.
Last updated: 2026-05-23 · Version 1.0 · Governance program
1. What our AI does
Obizworks-HR runs AI on candidate profiles in three places:
Resume parsing
When you upload a CV, AI reads it and extracts your name, contact, skills, education, and work history into structured fields. This runs on our own servers in Pakistan — no data leaves our network for this step.
Model: Ollama qwen2.5:3b (open-weights, runs locally)
Candidate screening
When a job opens, AI compares your profile against the job description and produces a score (1–10), a verdict (recommended / maybe / not recommended), a summary, and notes on strengths and gaps. A recruiter then reviews before any candidate proceeds.
Model varies per job: Ollama (free, local) / Google Gemini / Anthropic Claude. Default is Ollama.
Anonymous summaries
If a recruiter shortlists you for a client, AI generates a name-and-contact-redacted summary for the client to review. Your identifying details stay hidden until the client confirms interest and you accept an interview.
Same model pool as screening.
2. What our AI doesn’t do
Equally important — the things AI is not permitted to do, structurally:
3. Your rights as a candidate
You can use any of these at any time, from your candidate dashboard or by emailing us. Each one has a guaranteed response window.
Right of explanation
Ask why an AI scored you the way it did. You’ll get the AI’s reasoning in plain language plus the recruiter’s perspective, within 10 business days.
Right to human review
Have a recruiter manually re-evaluate any AI decision. The new evaluation may move you back into the pipeline or confirm the original outcome — with stated reasoning. Within 10 business days.
Right of access
Download everything we hold about you — profile data, all AI scores and reasoning, every application’s history. Delivered as machine-readable JSON or CSV within 30 days.
Right to erasure
Permanently delete your account and all personal data. Aggregated AI cost / bias metrics retain anonymized references for audit purposes, but no PII remains. Within 30 days.
Right to withdraw
Remove yourself from any specific application without erasing your whole account. Withdraw from one job, stay considered for others. Immediate effect.
4. AI vendors we use
Three vendors are in active use, each governance-approved with a Data Processing Agreement on file. A fourth was experimentally configured but is paused pending governance review.
| Vendor | Used for | Region | Cost / call | Status |
|---|---|---|---|---|
| Ollama qwen2.5:3b | Parsing · Default screening | On-host (Pakistan) | $0.00 | Active |
| Google Gemini 2.0 Flash | Screening (alternate) | US (multi-region available) | ~$0.0002 | Active |
| Anthropic Claude Sonnet 4 | Screening (premium) | US | ~$0.005 | Active |
| Zhipu GLM | Screening (under review) | China | ~$0.0006 | Paused |
Recruiters choose the model per job. The default is Ollama (free, on-host); cloud models are used only when explicitly selected and confirmed.
5. Where your data goes
When AI runs against your profile, here’s exactly what travels and where:
All cloud AI traffic is HTTPS / TLS 1.3. Vendor contracts prohibit retraining on your data. Vendor-side data retention is governed by each vendor’s standard data-handling policy (Anthropic: 30 days for abuse monitoring; Google: similar; Ollama: not applicable as runs locally).
6. How long we keep AI data
Different data types have different retention windows:
| Data type | Retention | When deleted |
|---|---|---|
| Your profile + CV | While your account exists | On erasure request (30 days) |
| AI score per application | 7 years | Or sooner on erasure (anonymized to preserve audit trail) |
| AI prompt / response payloads | 7 years | Anonymized on erasure; required for right-of-explanation queries |
| Hash-chained audit log | 7 years | Never user-deletable (compliance requirement); anonymized references on erasure |
| Anonymous bias metrics | Indefinitely | No PII; retained for fairness audits |
7. How we monitor bias
AI used in hiring can produce disparate outcomes across demographic groups even without explicitly using protected attributes (race, gender, age, etc.). We monitor for this and act on it:
Quarterly bias audit
Every three months we run a four-fifths-rule analysis: are selection rates across inferred groups (e.g., gender inferred from name, age band inferred from graduation year) within 80% of the highest group? Any flag triggers a manual review.
Audit results published
Quarterly audit summaries are published on our public bias-audit page (regulatory requirement under NYC Local Law 144 if hiring for NYC roles). You can read past quarter results before applying.
Adversarial testing
Before any model change goes live, we run the same job description through a synthetic candidate set with varied implicit signals (names, locations) and verify the AI’s scoring isn’t correlated with those signals.
8. Our governance program
Obizworks-HR operates under the Obizworks AI Governance program (Azure-hosted). The program reviews and approves:
- Which AI vendors and models we can use
- What data we send to vendors and under what contractual terms
- Cost guardrails (monthly caps, per-call limits, confirm thresholds)
- Bias monitoring methodology and cadence
- Audit log retention and immutability requirements
- Candidate-rights service-level commitments (the §3 SLAs above)
- Required compliance artifacts (DPIAs, NYC LL 144 notices, EEOC documentation)
The governance program independently re-attests our compliance posture on an annual cadence. Material changes (new vendor, new model, new use case, new geography) trigger interim re-review.
9. Contact us
Questions about AI, your data, or this disclosure:
Privacy & data rights
For: erasure, access, explanation, withdrawal requests
AI Governance program
For: bias concerns, compliance questions, escalations
General questions
For: everything else
If you’re unhappy with our response to a data-rights request, you have the right to escalate to a regulatory authority. For Pakistan residents, the relevant authority depends on the data category. For EU residents, your country’s Data Protection Authority. For US residents, your state Attorney General. We can help you identify the right contact if needed.
Want to test how the AI sees you, before applying?
Create a free candidate profile →