Custom LLM for Recruitment Agencies That Keeps Candidate Data Onshore
Recruitment runs on personal information: resumes, visa and work-rights evidence, police checks, salary history, off-the-record reference notes. Every one of those is protected under the Privacy Act 1988, and pasting them into a public chatbot is a disclosure most agencies cannot justify if asked. A private LLM gives your consultants the same screening, matching and summarisation speed, running on infrastructure you control in an Australian region or your own server room, where candidate PII never leaves your jurisdiction and is never used to train someone else's model.
Why Recruiters Cannot Paste Candidate Data Into Public AI Tools
Most agency directors already sense that dropping a candidate's resume into a consumer chatbot is a bad idea, but the reason matters, because it determines what a compliant alternative has to look like. The specific problem for recruitment is that three separate exemptions other industries lean on do not apply to you.
The Employee Records Exemption Does Not Cover Candidates
The Privacy Act's employee records exemption applies to records about your own current and former employees. A job applicant is neither. Every resume, cover letter, reference note and interview transcript your agency holds about a candidate is personal information carrying the full weight of the Australian Privacy Principles. The small business exemption is unreliable here too: an organisation that discloses personal information about individuals to others for a benefit or service generally sits outside it, and that describes the core business model of almost every recruitment agency in the country, regardless of turnover.
Public Chatbots Are a Cross-Border Disclosure
Under APP 8, when you send personal information to an overseas recipient you remain accountable for how that recipient handles it, and you must first take reasonable steps to ensure they comply with the APPs. Pasting a candidate's file into an offshore consumer AI tool is a disclosure, not a private note to yourself. APP 1 compounds the problem: your privacy policy must state that you disclose information overseas and name the likely countries. Most agency privacy policies say nothing of the kind, which quietly turns a productivity shortcut into a documented gap.
Sensitive Information Raises the Bar Again
Recruitment files routinely contain what the Privacy Act defines as sensitive information: criminal history from an ACIC nationally coordinated check, health information from a pre-employment medical, and sometimes race, religion or political opinion inferred from visa status or reference material. Sensitive information generally cannot be collected without consent, and its use is far more tightly constrained than ordinary personal information. Feeding a file containing a candidate's criminal history into a public model is a materially different act from asking it to tidy up a job ad, and it is exactly the distinction a regulator notices after the fact.
What a Private LLM Actually Does Inside a Recruitment Agency
The value is not a novelty chatbot in the corner. It is the four or five tasks consultants repeat dozens of times a day, done in seconds, over your own candidate database, without any of that data leaving your control.
Resume Screening and Shortlisting
The model reads the full resume against the actual role brief rather than keyword-matching, explains why each candidate was ranked where they were, and surfaces the gaps a consultant should probe in a screening call.
- Structured extraction from PDF, DOCX and scanned resumes including tables
- Ranking against the brief with a written rationale for every placement
- Explicit flagging of gaps, tenure patterns and unexplained employment breaks
- Configurable exclusion of protected attributes and their common proxies
Candidate Matching Across Your Existing Database
Most agencies are sitting on a decade of candidate records they cannot search properly. Semantic retrieval over your own database finds the people you already know, before you pay Seek or LinkedIn to find them again.
- Natural-language search across historical resumes, notes and placements
- Re-engagement lists built from prior candidates matching a new brief
- Skills-adjacent matching that surfaces transferable rather than literal experience
- Availability, location and work-rights filters applied at retrieval time
Job Ad and Client Brief Drafting
Drafting in your agency's voice from the intake call, with language screened for the discrimination risk that sits in seemingly harmless phrasing like "young and energetic" or "recent graduate".
- Ad drafts generated from intake notes in your house tone and format
- Inclusive-language checks against age, sex, disability and race discrimination risk
- Role-brief summaries written back to the client for confirmation
- Consistent formatting across Seek, LinkedIn and your own careers site
Interview and Reference Summarisation
Screening call and reference-check notes turned into structured, comparable summaries, so the consultant is listening to the candidate instead of typing, and the client submission writes itself.
- Structured summaries mapped to the specific criteria in the brief
- Client-ready submission drafts assembled from interview and reference notes
- Consistent candidate comparison tables across a shortlist
- Reference-check notes kept in your system, never in a public tool's history
ATS and CRM Integration
The model works where your consultants already work. We integrate with the recruitment platforms used across the Australian market rather than asking your team to adopt yet another screen.
- Agency ATS and CRM integration: JobAdder, Bullhorn, Vincere, Recruit Wizard
- In-house talent platforms: PageUp, LiveHire, Workday, SuccessFactors
- Read and write via documented APIs, respecting existing user permissions
- Back-office and payroll handoff to systems such as FastTrack360 or Astute Payroll
Compliance Guardrails and Audit Trail
Because the deployment is yours, you can prove what the system did. That evidence is what turns an AI screening process from a liability into a defensible one under both privacy and anti-discrimination law.
- Full query and retrieval logging for every candidate assessment
- Role-based access control mirroring your ATS permissions
- Deletion and correction workflows that reach the vector index, not just the ATS
- Retention rules applied per record so candidate data expires when it should
How We Deploy a Private LLM for a Recruitment Agency
A recruitment deployment starts with your candidate database and your compliance obligations, not with a model. The sequence below is the engagement, typically running eight to fourteen weeks end to end.
Data and Obligation Mapping
We inventory where candidate data actually lives, classify what is sensitive information, review your existing privacy collection notice and policy, and identify which APPs bite hardest for your specific agency model.
Architecture and Sovereignty Decision
Based on your data classification, client contracts and volumes, we select Australian-region cloud or on-premises, choose the model and embedding stack, and design retrieval over your ATS so answers cite the underlying record.
Build, Integrate and Evaluate
We index your candidate corpus, wire the ATS integration, and benchmark screening output against a test set of roles your consultants have already filled, so you can see accuracy on your own placements before go-live.
Rollout, Audit and Review
The system goes live with logging, access controls and a human-in-the-loop requirement for adverse decisions. We review outcomes for drift and disparate impact, and update your privacy documentation to match what the system actually does.
Sovereignty Choices, and When Private Deployment Is the Wrong Call
Two decisions determine whether this works for your agency: where the model runs, and whether the numbers justify building anything at all. We would rather tell you no than sell you a deployment you will regret.
Australian-Region Cloud vs On-Premises
Both keep candidate data in Australia. The difference is who holds the keys, what you can prove contractually, and how the cost curve behaves as volume grows.
- Australian-region cloud (AWS Sydney or Melbourne, Azure Australia East, Google australia-southeast1) suits most agencies and needs no capital outlay
- On-premises suits agencies handling government, defence or cleared candidates where contracts mandate physical control
- Cloud gives faster deployment and elastic capacity; on-premises removes the residual third-party processor from the disclosure chain entirely
- Hybrid is common: on-premises inference for sensitive files, Australian-region cloud for job ads and public-facing content
- Whichever you choose, the model weights are yours and no candidate record is used to train an external provider's model
When a Private LLM Is Not the Right Fit
Private deployment is a real investment. For some agencies, the honest answer is a managed enterprise subscription with a proper data processing agreement, or nothing at all yet.
- A boutique agency of three to five consultants rarely generates the volume to justify the build
- If your candidate data is scattered across inboxes and spreadsheets, fix the data foundation before adding AI on top
- If your ATS has no usable API, integration cost can exceed the value of the model itself
- If nobody in the business will own the human review of adverse screening decisions, do not automate screening
- If your genuine bottleneck is client development rather than candidate throughput, AI screening solves the wrong problem
Related Private AI Resources
LLM Security and Data Privacy
The security architecture underneath a sovereign deployment: encryption, access control, audit logging and the controls that make candidate PII defensible.
Review the security model →On-Premises LLM Deployment
Hardware, sizing and operational detail for agencies whose client contracts require the model to run inside their own network.
Explore on-premises deployment →Private LLM Cost Australia
The full cost structure: implementation, infrastructure and ongoing operation, with the break-even analysis against public API spend.
See the cost breakdown →Custom LLM for Professional Services
The adjacent build for consultancies and advisory firms, where the confidential data is client engagement material rather than candidate files.
Compare the professional services build →How to Choose an LLM Provider in Australia
The evaluation framework for comparing providers on data residency, training rights, contractual terms and exit risk before you commit.
Read the evaluation framework →Open Source LLM for Business
Why open-weight models are the foundation of a genuinely private deployment, and how they compare with proprietary alternatives on quality.
Understand open-source options →Frequently Asked Questions
It is safe when the model runs on infrastructure you control and unsafe when it does not, and that distinction is the whole point. A resume is a dense package of personal information: contact details, employment history, sometimes date of birth, visa status or health disclosures. On a private deployment in an Australian region or your own server room, that file is processed inside your existing security boundary, subject to your access controls, and logged. Nothing is retained by a third party and nothing contributes to training an external model. The residual risks are the ones you already manage under APP 11: access control, encryption, retention and staff conduct. On a public consumer tool, you add an offshore recipient, an opaque retention policy and a training-rights question you cannot answer to a client or a regulator.
We are not your lawyers, but the exposure is real and specific rather than theoretical. Sending a candidate's personal information to an offshore AI provider is a cross-border disclosure engaging APP 8, which makes you accountable for that recipient's handling of the data and requires reasonable steps beforehand to ensure APP compliance. APP 1 requires your privacy policy to disclose overseas disclosure and the likely countries. APP 6 limits use to the primary purpose of collection or a related purpose the candidate would reasonably expect, and most candidates do not expect their file to be pasted into a consumer chatbot. If the file contains a police check or medical information, APP 3 consent requirements for sensitive information apply as well. The practical risk is that the gap surfaces during a client security review, a candidate access request, or a breach assessment, when it is too late to fix.
Yes. JobAdder and Bullhorn both expose documented REST APIs, and they are the two platforms we see most often in the Australian agency market. We integrate by reading candidate and job records through the API, indexing them for retrieval, and writing structured output such as screening summaries or submission drafts back onto the record so the work lives in your system of truth rather than a side tool. The same approach applies to Vincere and Recruit Wizard on the agency side, and PageUp, LiveHire, Workday and SuccessFactors for in-house talent teams. Two practical constraints matter: the integration respects your existing ATS user permissions, so a consultant cannot retrieve candidates they could not already see; and if your platform has no usable API or you are on a heavily customised legacy build, integration effort can become the dominant cost of the project. We assess that in the first stage of scoping.
For a single, well-defined use case such as resume screening on a cloud-hosted Australian deployment with one ATS integration, implementation is typically $25,000 to $60,000. A medium deployment covering two or three use cases with retrieval over your full candidate database and an integration lands in the $60,000 to $120,000 range. Infrastructure is separate and ongoing: a small model handling roughly 500,000 tokens a day runs $800 to $2,000 per month on Australian-region cloud, and a medium model at around 2 million tokens a day runs $2,500 to $6,000 per month. Managed operation covering monitoring, updates and support is $1,500 to $4,000 per month. Those are genuine ranges, not entry prices with the real number hidden behind a call. Where your agency falls depends on consultant headcount, database size and how clean your existing data is.
For most agencies, Australian-region cloud is the right answer. It keeps candidate data onshore in AWS Sydney or Melbourne, Azure Australia East, or Google australia-southeast1, satisfies the data residency question that clients actually ask in security reviews, requires no capital outlay, and scales with your volume. On-premises becomes the right answer in a narrower set of cases: when you recruit for defence, national security or cleared roles and the client contract mandates physical control of the infrastructure; when you already run your own data centre and the marginal cost is low; or when your query volume is high enough that fixed hardware beats ongoing cloud spend, which typically takes around twenty-four months to cross over. A hybrid split is common and often the most sensible outcome: sensitive candidate files processed on-premises, everything else on Australian-region cloud.
This is the risk most agencies underestimate, and it is separate from privacy. A screening model that learns from your historical placements will learn your historical biases, and it can reconstruct protected attributes from proxies: a graduation year implies age, a career gap can imply parental leave or disability, a postcode can correlate with race. Under the Fair Work Act and the federal age, sex, disability and racial discrimination Acts, plus state law such as Victoria's Equal Opportunity Act 2010, the exposure is yours regardless of what the software did. We exclude protected attributes and known proxies from the ranking inputs, require a written rationale for every ranking so decisions are reviewable, keep a human accountable for any adverse decision, and test for disparate impact across the shortlist. From December 2026, privacy policies must also disclose where personal information feeds computer programs making decisions that significantly affect individuals, so your process will need to be describable in plain English anyway.
Give Your Consultants AI Speed Without Handing Over Your Candidate Database
Talk to us about a scoping engagement for your agency: we map where your candidate data lives, size the deployment against your consultant headcount and volumes, and give you an honest answer on whether a private LLM is worth building for you. Call +61 3 9999 7398 or send us the brief.