Privacy Policy

Depending on feature use, the product may process account data, login data, contact-request data, wallet and billing data, interview session data, transcripts, evaluation content, and uploaded or recorded audio.

Technical metadata may include timestamps, session identifiers, device or browser context, security and abuse-prevention signals, and application logs required for secure operation.

Possible processing purposes include account creation and authentication, session management, interview execution, evaluation generation, speech processing, email delivery, customer communication, billing and credit management, abuse prevention, and operational monitoring.

Exact legal bases per processing activity, retention periods, and role assignments must still be confirmed for the active deployment: TO BE VERIFIED.

The application uses essential cookies for secure sessions, locale handling, and storing privacy choices. Optional product analytics remains disabled until the user explicitly opts in through the consent banner or footer settings entry.

The current product baseline contains integrations for Amazon Web Services infrastructure and optional AI / speech services, as well as Cognito-based federated authentication. The exact active provider set, regions, and processing chain in production: TO BE VERIFIED.

The current codebase does not use a third-party marketing analytics SDK. The active optional analytics baseline is a first-party product-funnel signal path that only runs after consent.

Users may have rights to access, rectification, erasure, restriction, portability, objection, and complaint depending on applicable law.

The concrete rights-handling process, supervisory authority reference, retention schedule, and international-transfer wording: TO BE VERIFIED.

• Controller identity and privacy contact: TO BE VERIFIED.
• Processor inventory with active providers only: TO BE VERIFIED.
• Cookie and consent baseline: essential session / locale / consent storage plus optional consent-gated product analytics.

The privacy baseline is mainly anchored in the following provisions.

• EU: GDPR Article 13 for information provided when personal data are collected from the data subject.
• EU: GDPR Article 14 for information obligations where personal data were not obtained directly from the data subject.
• EU: GDPR Articles 15 to 21 for core data-subject rights such as access, rectification, erasure, restriction, portability, and objection.
• EU: GDPR Article 32 for security of processing.