Last Updated: May 17, 2026 • Global Standard v2.5
1. Controller & Processor Roles
To understand how your data is handled, it is essential to distinguish between the two primary roles defined under global data protection laws (including GDPR and CCPA):
2. Information Architecture
We process the following categories of data to facilitate the recruitment engine:
HR administrator names, email addresses, and organizational credentials.
Resume content, professional history, and transcripts generated during screening sessions.
Handled by our Merchant of Record (MoR). We do not store full credit card details.
Processed via browser-native Web Speech APIs. We do not transmit raw audio to third-party AI voice providers.
System performance logs, IP addresses, and interaction telemetry.
3. Infrastructure & Sub-processors
We utilize high-performance, industry-standard third-party infrastructure to deliver the Service. This includes cloud hosting, database management, and large language model (LLM) inference engines.
Confidentiality of Stack: To maintain security and competitive advantage, we do not publicly list our specific infrastructure partners. However, in compliance with global regulations, a complete list of current sub-processors is available to authorized Customers upon written request.
Infrastructure Flexibility: We reserve the right to swap or migrate sub-processors at any time to maintain service levels. All partners are vetted for security standards commensurate with the data they process.
4. AI Data Usage Policy
Zero-Training Commitment:
We do NOT use Candidate resumes, personal information, or specific interview outcomes to train foundational AI models provided by our third-party infrastructure partners. Your data is used exclusively to generate the "Intelligence Quotient" and fit-score recommendations for your specific organization.
Data is processed semantically and stored in isolated vector environments to ensure that one organization’s talent data never influences the search results of another.
5. Payments & Merchant of Record
Our order process is conducted by our online reseller and Merchant of Record (MoR). The MoR handles all payment processing, global tax compliance, and related data collection.
When you make a purchase (including token top-ups), you are entering into a transaction with the MoR. Your payment information is subject to the MoR's specific privacy policy and security protocols.
6. Security & Global Transfers
We implement robust technical measures to protect data, including encryption at rest and in transit. Our **Secure Proxy Architecture** ensures that sensitive storage identifiers are never exposed to the public internet.
International Flows: Data may be processed in various global regions. By using the Service, you consent to the transfer of data across international borders as required to facilitate the AI infrastructure.
7. Data Subject Rights
Candidates seeking to exercise their rights (access, erasure, correction) should contact the HR department of the organization they applied to. As the Data Processor, we will facilitate such requests upon receiving valid instructions from the Data Controller (Our Customer).
8. Contact Information
For all privacy-related inquiries, please contact our legal operations team: