Privacy Policy

InterviewProof AI ("InterviewProof," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application at interviewproof.ai (the "Service").

1. Information We Collect

Account Information

When you create an account, we collect your email address and authentication credentials. If you sign in via Google or GitHub OAuth, we receive your name, email address, and profile picture from those providers.

Uploaded Content

To provide our diagnostic service, you upload your resume and job description text. This content is processed to generate your interview readiness report and is stored securely in our database.

Payment Information

Payment processing is handled entirely by Stripe. We do not store your credit card number, CVV, or full billing details on our servers. We receive a transaction ID and confirmation of payment from Stripe.

Usage Data

We collect anonymized usage data including pages visited, features used, and general interaction patterns to improve the Service. We use Vercel Analytics for this purpose, which does not use cookies and does not track personally identifiable information.

2. How We Use Your Information

• Providing the Service: Your resume and job description are processed by our AI analysis pipeline to generate interview diagnostics, risk assessments, and personalized recommendations.
• AI Processing: We use OpenAI and Anthropic (Claude) APIs to analyze your uploaded content. Your data is sent to these providers solely for the purpose of generating your report. Neither OpenAI nor Anthropic retains your data for training purposes under our enterprise agreements.
• Account Management: To authenticate you, manage your credits balance, and provide access to your reports.
• Communication: To send transactional emails related to your account (e.g., magic link sign-in, purchase confirmations).
• Improvement: To analyze aggregate, anonymized usage patterns to improve our scoring algorithms and user experience.

3. Data Storage and Security

Your data is stored in a Supabase-hosted PostgreSQL database with Row Level Security (RLS) enabled, ensuring that users can only access their own data. All data is encrypted at rest and in transit using TLS 1.2+.

We implement industry-standard security measures including:

• Row Level Security policies on all database tables
• Encrypted connections (HTTPS/TLS) for all data in transit
• Secure, httpOnly session cookies
• Environment variable isolation for API keys and secrets
• Regular dependency audits and security updates

4. Third-Party Services

We share data with the following third-party services only as necessary:

• Supabase: Database hosting, authentication, and storage.
• Stripe: Payment processing and subscription management.
• OpenAI: Resume/JD extraction, practice question generation, and embedding computation.
• Anthropic (Claude): Primary analysis engine for generating diagnostic reports.
• Vercel: Application hosting and anonymized analytics.

5. Data Retention

We retain your account data and reports for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us at ramez@interviewproof.ai. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.

6. Cookies

InterviewProof uses minimal cookies strictly necessary for the Service to function:

• Authentication cookies: Secure session cookies managed by Supabase Auth to keep you signed in.
• Theme preference: A localStorage entry (not a cookie) to remember your dark/light mode selection.

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

7. Your Rights (GDPR / CCPA / PIPEDA)

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Under GDPR (European Economic Area)

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate data.
• Right to Erasure: Request deletion of your personal data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing of your data for certain purposes.

Under CCPA (California)

• Right to Know: Request disclosure of the categories and specific pieces of personal information collected.
• Right to Delete: Request deletion of personal information.
• Right to Opt-Out: We do not sell your personal information.
• Right to Non-Discrimination: You will not be discriminated against for exercising your privacy rights.

Under PIPEDA (Canada)

• Right of Access: Request access to the personal information we hold about you.
• Right to Correction: Request correction of inaccurate or incomplete personal information.
• Right to Withdraw Consent: Withdraw your consent for the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions.
• Right to Complain: File a complaint with the Office of the Privacy Commissioner of Canada if you believe your privacy rights have been violated.

To exercise any of these rights, contact us at ramez@interviewproof.ai. We will respond within 30 days.

8. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes acceptance of the revised policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: ramez@interviewproof.ai
• Contact page: interviewproof.ai/contact