Privacy Policy

AI Interview Analyzer sp. z o.o., ul. Kaliny Jędrusik 6/53, 01-748 Warszawa, Poland ('we', 'us', 'our') is the data controller responsible for your personal data. We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws. For any privacy-related inquiries, contact us at contact@aiinterviewanalyzer.com.

We collect the following categories of personal data: (1) Account data — name, email address, company name, and role when you register; (2) Interview data — audio recordings, transcripts, AI-generated analysis, scores, and reports created through the platform; (3) Candidate data — name, email, and consent records for interview candidates; (4) Usage data — pages visited, features used, and technical logs for service improvement; (5) Payment data — billing details processed securely through Stripe (we do not store credit card numbers); (6) Contact data — information you provide when contacting us through the contact form.

We process personal data for the following purposes: (1) Providing our interview analysis service, including transcription, AI analysis, and report generation; (2) Managing your account and organization; (3) Processing payments and managing subscriptions; (4) Sending transactional emails (consent requests, feedback, password resets); (5) Improving our service based on aggregated, anonymized usage patterns; (6) Complying with legal obligations. We do NOT use your data for advertising, profiling, or selling to third parties.

We process your data under the following legal bases: (1) Contract performance — to provide the services you have subscribed to (Art. 6(1)(b) GDPR); (2) Legitimate interest — for service improvement and security (Art. 6(1)(f) GDPR); (3) Consent — for interview recording and analysis of candidate data (Art. 6(1)(a) GDPR); (4) Legal obligation — for tax, accounting, and compliance purposes (Art. 6(1)(c) GDPR). Before any interview, candidates provide explicit GDPR consent for both recording and AI-powered analysis through a mandatory consent flow integrated into the platform.

We use the following third-party processors, all of which are GDPR-compliant: (1) Microsoft Azure (West Europe, Sweden Central) — cloud hosting, AI processing (Azure OpenAI, Azure Speech Services), and data storage; (2) Stripe (EU) — payment processing; (3) Fakturownia — invoice generation (EU-based); (4) SSL0.home.pl — email delivery (Poland, EU). Microsoft Azure does not train its AI models on your data. All processing occurs within the EU.

We retain candidate data for a configurable period set by each organization (default: 12 months from the date a hiring decision is made). This period can also be adjusted per individual candidate when needed. All interview-related data — audio recordings, transcripts, AI-generated reports, and candidate documents — is treated as a unit and deleted together when the retention period expires. Before automatic deletion, candidates receive a warning email with the option to request an extension. Organizations can adjust the default retention period in their settings. Account data is retained while your account is active and deleted within 30 days of account closure. Payment records are retained for 7 years as required by EU tax law. Consent records are retained as long as the associated candidate data exists.

Under GDPR, you have the right to: (1) Access — request a copy of all personal data we hold about you; (2) Rectification — correct inaccurate personal data; (3) Erasure — request deletion of your data ('right to be forgotten'); (4) Restriction — limit how we process your data; (5) Portability — receive your data in a machine-readable format; (6) Object — object to processing based on legitimate interest; (7) Withdraw consent — withdraw consent at any time without affecting prior processing. To exercise any of these rights, email us at contact@aiinterviewanalyzer.com. We will respond within 30 days.

We implement industry-standard security measures including: (1) Encryption at rest (AES-256) for all stored data; (2) Encryption in transit (TLS 1.2+) for all data transfers; (3) Private Azure Virtual Network endpoints; (4) Role-based access control; (5) Regular security audits; (6) PII detection and redaction capabilities. Despite our best efforts, no system is 100% secure. In the event of a data breach, we will notify affected users and the relevant Data Protection Authority within 72 hours as required by GDPR.

For privacy inquiries, data access requests, or complaints, contact AI Interview Analyzer sp. z o.o., ul. Kaliny Jędrusik 6/53, 01-748 Warszawa, Poland, at contact@aiinterviewanalyzer.com. You also have the right to lodge a complaint with your local Data Protection Authority.