Last Updated: March 3, 2026

At Work In The Mitten (WITM), we handle talent data with the same level of precision expected from Michigan's industrial workforce. Our data governance framework is designed to comply with the Michigan Personal Data Privacy Act (SB 359) and other applicable federal and state statutes.

1. Data Collection & Provenance

We collect personal data directly from you via our Talent Collective onboarding interface. This includes your name, email, phone number, LinkedIn URL, industry, and regional preferences. Because we maintain a direct relationship with you, we are not a 'Data Broker' under the Michigan Data Broker Registry definitions. We collect only the data necessary to facilitate career matching.

2. Third-Party Sharing & Chain of Custody

WITM discloses specific candidate profile data to prospective employers for the purpose of matchmaking and recruitment. Once your data is shared with a third-party employer, that entity becomes an independent data controller. At that point, the employer assumes full, independent responsibility for its own compliance with privacy and data retention laws.

3. Telecommunications Consent (TCPA/10DLC)

By providing your mobile number and opting in, you provide prior express written consent to receive recurring automated promotional and informational text messages (including job alerts, scout reports, and platform updates) from WITM. Consent is not a condition of platform registration or employment. Reply STOP to cancel or revoke consent, HELP for assistance. Message frequency varies. Message and data rates may apply.

4. Consumer Rights & Statutory Opt-Outs

Under SB 359, you have the right to access, correct, delete, and obtain structured copies of your personal data. We automatically recognize and honor Global Privacy Control (GPC) signals as valid requests to opt-out of data sales and automated profiling. You can manage your preferences or request data deletion via our administrative dashboard.

5. Data Retention & Security Architecture

Your data is retained strictly for as long as is reasonably necessary to fulfill its matchmaking purpose. We utilize reasonable security measures within our SvelteKit and Appwrite Cloud infrastructure to mitigate unauthorized access and data breaches. We do not sell your contact information to unrelated third-party marketers.