Website Logo Train for Job-Specific Interviews Train for Competency-Based Interviews New: Train for World Bank YPP Interview Sign Up

Privacy Policy

Introduction

At TrueInterviewAI, we provide a platform for individuals to practice and improve their job interview skills through AI-driven feedback. We understand the importance of privacy and are committed to protecting the personal data of our users. This Data Protection Policy outlines our practices concerning the collection, use, and protection of your data. We are dedicated to ensuring that your privacy is safeguarded and that any information you provide to us is handled in accordance with this policy.

Scope and Consent

This policy applies to all personal data collected through our website and services, including data collected via "Sign In with Google." By using our service, you consent to the collection, processing, and use of your data as described in this policy. This consent includes the understanding that we will use your data to provide and improve our services, ensure compliance with applicable laws, and enhance your user experience. If you do not agree with the terms of this policy, please do not use our services.

Data Collection and Use

What Data We Collect:

  • Audio Recordings: We receive audio recordings you make using our service. Video recordings are stored only on the client browser. When getting AI feedback, the user's recorded video is not uploaded. The video is solely for the user's better experience and ability to watch it before getting AI feedback. Only the audio components are uploaded to our server. Just after transcription is finished, the audio component is immediately deleted.
  • Transcriptions: We automatically transcribe these recordings and analyze the text to provide AI-driven feedback. The transcriptions help us generate personalized insights and recommendations to improve your interview skills.
  • Personal Information: We collect basic personal information for account setup and communication purposes. This may include your name, email address, and other contact details necessary to create and manage your account.
  • Google Profile Information: When you use "Sign In with Google," we collect information from your Google account, such as your name, email address, and profile picture, to facilitate account creation and personalization of your experience.
  • Usage Data: We collect information on how you interact with our services. This includes data on your usage patterns, the features you use, your answer scores and transcripts, and the actions you take while using our platform. This helps us understand user behavior, improve our current services accordingly, and provide new services based on the data to all users.

How We Use Your Data:

  • Providing Feedback: Your audio recordings and transcriptions are used to generate and offer personalized feedback. This feedback is designed to help you identify areas for improvement and develop your interview skills more effectively.
  • Improvement of Services: We analyze data in aggregate to improve our algorithms and enhance our services. By understanding common trends and patterns, we can continuously refine our models and provide more accurate and helpful feedback.
  • Communication: We use your personal information, including data from "Sign In with Google," to communicate with you about your account, provide customer support, and send you updates about our services. This ensures that you are always informed about important changes and can receive assistance when needed.
  • Security and Compliance: We use data to ensure the security of our services and comply with legal obligations. This includes monitoring for suspicious activity, preventing fraud, and ensuring that our practices meet regulatory requirements.

Data Sharing and Disclosure

We do not share your personal data with third parties, except as necessary to provide our services or when required by law. Any third-party processors we use will be bound by strict data protection agreements. These agreements ensure that your data is handled with the same level of care and protection that we provide. We only share information with trusted partners who assist us in operating our website, conducting our business, or providing services to you, and only when they agree to keep this information confidential.

In addition, we may share your data under the following circumstances:

  • Business Transfers: In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred as part of that transaction. We will ensure that the new entity follows this privacy policy or provides you with notice of any changes.
  • Legal Requirements: We may disclose your personal data to comply with applicable laws, regulations, legal processes, or government requests. This includes responding to court orders, subpoenas, or other legal requests and protecting our rights, property, and safety, as well as the rights, property, and safety of our users and the public.
  • Protection of Rights: We may share your data to enforce our terms of service, investigate potential violations, and detect, prevent, or address fraud, security, or technical issues. This helps us maintain the integrity and security of our services.

Data Security

We implement robust security measures to protect your data. We are committed to safeguarding your data against unauthorized access, alteration, disclosure, or destruction. Our security practices include encryption of sensitive data, regular security audits, and adherence to best practices for data protection.

Our security measures include:

  • Security Measures: We implement various security measures such as CSRF protection to prevent unauthorized actions and password hashing to securely store your passwords. We also use verification codes with expiration to ensure the validity of actions and robust Content Security Policy (CSP) measures to protect against a wide range of attacks, including cross-site scripting (XSS) and data injection.
  • Access Controls: We implement strict access controls to ensure that only authorized personnel have access to your data. This includes role-based access controls, multi-factor authentication, and regular access reviews.
  • Monitoring and Auditing: We regularly monitor our systems for security vulnerabilities and conduct security audits to identify and address potential risks. This helps us maintain the security and integrity of our services.

Data Retention and Deletion

Your data is retained only as long as necessary to provide you with our services or as required by law. You may request the deletion of your data at any time, and we will promptly remove your personal information and delete all associated content securely. However, your registration email will be retained in our database to prevent multiple registrations from the same email address and to prevent unfair benefit from the free trial offered to first-time users. We have implemented procedures to ensure that data is securely deleted when it is no longer needed, minimizing the risk of unauthorized access or misuse.

Our data retention and deletion practices include:

  • Data Minimization: We only collect and retain the minimum amount of data necessary to provide our services and fulfill our legal obligations. This helps reduce the risk of unauthorized access or misuse of your data.
  • Deletion Requests: If you request the deletion of your data, we will promptly remove your personal information from our systems and notify you once the deletion is complete. Please note that certain data may be retained for a limited period to comply with legal requirements or resolve disputes.

International Data Transfers

If we transfer your data internationally, we will ensure appropriate safeguards are in place to protect your privacy rights in accordance with this policy and applicable law. This includes using standard contractual clauses approved by relevant authorities or ensuring that the recipient country provides an adequate level of data protection. We are committed to maintaining the security and privacy of your data regardless of where it is processed.

Lawful Basis for Processing

Our lawful basis for processing data includes consent from the users, which is obtained through clear, affirmative actions during registration. Additionally, we process data based on legitimate interests, including providing and improving our services and providing a personalized user experience. We ensure that these interests do not override your rights and freedoms.

We rely on the following legal bases for processing your data:

  • Consent: We obtain your consent for specific processing activities to provide our services, such as collecting and using your audio recordings for feedback. You can withdraw your consent at any time by contacting us or deleting your account.
  • Contractual Necessity: We process your data to fulfill our contractual obligations to you, such as providing access to our services and delivering personalized feedback.
  • Legal Obligations: We process your data to comply with legal requirements, such as tax, accounting, and regulatory obligations. This ensures that we operate in accordance with applicable laws and regulations.
  • Legitimate Interests: We process your data based on our legitimate interests in providing and improving our services, maintaining security, and conducting business operations. We balance these interests against your privacy rights to ensure that they do not override your rights and freedoms.

Additional Data Subject Rights

Beyond the right to access, correct, or delete your data as outlined in this policy, you have the following rights:

  • Right to Object: You may object to the processing of your personal data under certain circumstances. If you object, we will cease processing your data unless we have compelling legitimate grounds to continue or if it is needed for legal reasons.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain conditions. This means that we will store your data but not use it for any other purpose until the restriction is lifted.
  • Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal data. We will promptly update your data to ensure its accuracy and completeness.
  • Right to Erasure: Also known as the "right to be forgotten," you can request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent and no other legal basis for processing exists.
  • Right to Lodge a Complaint: If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. We encourage you to contact us first so we can address your concerns directly.

Additional Consumer Rights

You also have the right to:

  • Know the Categories of Information: You have the right to know the categories of information we collect and the purposes for which they are used. This transparency helps you understand how your data is being handled and why it is necessary.
  • Non-discrimination: You have the right to non-discrimination for exercising your rights. This means that we will not deny you services, charge you different prices, or provide you with a lower quality of services because you have exercised your privacy rights.

Categories of Collected Information

We collect information in the following categories:

  • Identifiers: Such as email addresses for account creation. This information is essential for setting up your account and communicating with you about our services.
  • Internet or Other Electronic Network Activity Information: Such as interaction with our service. This includes data on how you use our website and services, which helps us improve functionality and user experience.
  • Audio Recordings and Transcriptions: Your audio recordings and selected/added text input are used to provide personalized feedback and improve our services.
  • Technical Data: We collect information about the device you use to access our services, such as IP address, browser type, and operating system. This helps us ensure compatibility and optimize our services for different devices.

Consent for Minors

Our services are not provided to minors under the age of 16. If you become aware of a minor using our services, please contact us at support@trueinterviewai.com. We will take appropriate steps to address the situation and remove any personal information collected from the minor from our servers.

Cookie Policy

Our website uses cookies to enhance user experience, analyze site usage, and assist in our marketing efforts. Cookies are small text files that are stored on your device when you visit our website. They help us understand how you interact with our site and improve your browsing experience. More information about our use of cookies can be found in our Cookie Policy. You can manage your cookie preferences through your browser settings.

We use different types of cookies for various purposes:

  • Essential Cookies: These cookies are necessary for the website to function properly. They enable basic functionalities such as page navigation and access to secure areas of the site. Without these cookies, the website cannot function correctly.
  • Performance Cookies: These cookies collect information about how you use our website, such as which pages you visit and if you encounter any errors. This helps us improve the performance and functionality of our site.
  • Functional Cookies: These cookies allow us to remember your preferences and provide enhanced features.
  • Targeting Cookies: These cookies are used to deliver advertisements that are more relevant to you and your interests. They also help us measure the effectiveness of our advertising campaigns.

Updates to the Policy

We may update this policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will immediately post the updated policy on our website and, if the changes are significant, we will provide a more prominent notice (such as a notification email or a pop-up notification on our website). We encourage you to review this policy periodically to stay informed about how we are protecting your data.Your continued use of our services after any changes to this policy will constitute your acceptance of such changes.

Data Breach Notification

In the unlikely event of a data breach, we have procedures in place to promptly identify, assess, and mitigate the impact. We will notify affected users and relevant authorities as required by law. Our notification will include information about the breach, its impact, and steps taken to address it. We are committed to transparency and will provide timely updates as we learn more about the breach and its implications.

Our data breach response plan includes the following steps:

  • Identification and Containment: As soon as we detect a potential breach, we will take immediate steps to contain it and prevent further unauthorized access. This may involve isolating affected systems, suspending compromised accounts, and securing sensitive data.
  • Assessment and Notification: We will assess the scope and impact of the breach, including identifying the affected data and users. We will notify affected users and relevant authorities as required by law, providing detailed information about the breach and steps taken to address it.
  • Remediation and Prevention: We will implement measures to remediate the breach and prevent future occurrences. This may involve updating our security practices and enhancing our monitoring and detection capabilities.

Third-Party Links

Our website may contain links to third-party websites or services that are not owned or controlled by TrueInterviewAI. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to read the privacy policies of any third-party websites you visit to understand how they collect, use, and protect your data. Our inclusion of links to third-party websites does not imply endorsement of their practices or content.

Advertising and Analytics

We may use third-party service providers to serve advertisements and analyze usage data. These providers may use cookies, web beacons, and other technologies to collect information about your use of our services and other websites. This information is used to provide you with targeted advertisements and to analyze the effectiveness of our advertising campaigns.

Our advertising and analytics practices include:

  • Targeted Advertising: We use information about your interactions with our services to show you ads that are relevant to you. This helps us deliver a more personalized advertising experience.
  • Performance Measurement: We analyze the performance of our advertising campaigns to understand their effectiveness and optimize our marketing efforts. This includes measuring ad impressions, clicks, and conversions.
  • Third-Party Analytics: We use third-party analytics services to gather data on how users interact with our website and services. This helps us improve our platform and provide a better user experience.

Social Media Features

Our website may include social media features, such as the Facebook Like button and Twitter widgets. These features may collect information about your IP address and the pages you visit on our site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing them.

Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIAs) for any new or significantly changed processing activities that may pose a high risk to your privacy rights. DPIAs help us identify and mitigate risks to your personal data and ensure that our practices comply with data protection laws. These assessments are an integral part of our commitment to safeguarding your privacy and ensuring that our services are secure and trustworthy.

Our DPIA process includes:

  • Identifying Processing Activities: We identify and document all data processing activities, including the types of data collected, the purposes of processing, and the entities involved.
  • Assessing Risks: We evaluate the potential risks to data subjects' privacy rights, including the likelihood and severity of harm. This helps us understand the impact of our processing activities and prioritize risk mitigation efforts.
  • Implementing Safeguards: We identify and implement appropriate technical and organizational measures to mitigate identified risks. This includes measures to protect data confidentiality, integrity, and availability.
  • Review and Documentation: We document the DPIA findings, including the identified risks, implemented safeguards, and residual risks. We regularly review and update DPIAs to ensure they remain current and effective.

Transparency and Accountability

We are committed to transparency and accountability in our data protection practices. We provide clear and accessible information about how we collect, use, and protect your data. We also regularly review and update our data protection policies and procedures to ensure they remain effective and compliant with applicable laws.

Our transparency and accountability measures include:

  • Clear Privacy Notices: We provide clear and concise privacy notices that explain how we collect, use, and protect your data. These notices are easily accessible on our website and during the account creation process.
  • Regular Audits: We conduct regular audits of our data protection practices to ensure compliance with this policy and applicable laws. This includes internal audits and third-party assessments to identify areas for improvement.
  • User Rights Requests: We have procedures in place to handle user rights requests promptly and efficiently. This includes requests for access, correction, deletion, and data portability.
  • Reporting and Accountability: We maintain records of our data processing activities and report to relevant authorities as required by law. This helps us demonstrate our compliance with data protection obligations and ensures accountability.

Third-Party Processors

We use third-party processors to help us provide our services. These processors may have access to your data only to perform specific tasks on our behalf and are obligated to protect your information and use it only for the purposes for which it was disclosed. We carefully select and monitor our processors to ensure they comply with our data protection standards and legal requirements.

Our third-party processor practices include:

  • Due Diligence: We conduct thorough due diligence before engaging third-party processors. This includes evaluating their data protection practices, security measures, and compliance with applicable laws.
  • Data Processing Agreements: We enter into data processing agreements with all third-party processors. These agreements outline the processors' responsibilities, including data protection obligations and restrictions on data use.
  • Regular Audits: We regularly audit our third-party processors to ensure they comply with our data protection standards.
  • Termination of Contracts: We reserve the right to terminate contracts with third-party processors who fail to meet our data protection standards. This ensures that we only work with partners who prioritize data security and privacy.

Data Anonymization and Aggregation

We may anonymize and aggregate your data for various purposes, including research, analytics, and improving our services. Anonymized data cannot be linked back to you and is not considered personal data under data protection laws. Aggregated data combines information from multiple users and helps us understand trends and patterns without identifying individual users.

Our data anonymization and aggregation practices include:

  • Anonymization Techniques: We use advanced anonymization techniques to ensure that your data cannot be linked back to you.
  • Aggregation Methods: We combine data from multiple users to create aggregated datasets. This helps us analyze trends and patterns without identifying individual users.
  • Use of Anonymized Data: We use anonymized and aggregated data for various purposes, including improving our AI algorithms, conducting research, and generating insights. This data is not considered personal data and is not subject to data protection laws.

Contact Information

If you have any questions or concerns regarding your data or this policy, please contact us at support@trueinterviewai.com. We are committed to addressing your inquiries promptly and transparently and ensuring that your privacy is protected.