1. Introduction

This Privacy Policy describes how Petrova AI ("we," "us," or "Petrova") collects, uses, and protects information when you use our AI-powered interview and assessment platform at petrova.ai (the "Service"). We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

2. Information We Collect

Platform Users (Organizations):

• Name and contact information
• Organization/company details
• IP address and device information
• Account preferences and settings
• Usage analytics and platform interactions

Interview Participants:

• Name and contact information
• Email address and phone number
• Video and audio interview recordings
• Uploaded documents (resumes/CV)
• IP address and session data

3. How We Collect Information

We collect information through:

• Account registration and profile setup
• Interview recordings and participant submissions
• Document uploads and form submissions
• Platform usage and analytics tracking
• Customer support interactions
• Optional third-party service integrations

4. How We Use Your Information

We process your information for the following purposes:

• Providing AI-powered interview and assessment services
• Generating insights and analytics from interview data
• Facilitating communication between platform users and participants
• Improving our AI models and platform functionality
• Providing customer support and technical assistance
• Processing payments and managing subscriptions
• Sending important service updates and notifications
• Ensuring platform security and preventing fraud
• Complying with legal obligations

5. Legal Basis for Processing (GDPR)

Our legal basis for processing personal data includes:

• Contract Performance: To provide our interview and assessment services
• Legitimate Interest: To improve our platform, conduct analytics, and provide customer support
• Consent: For optional features, marketing communications, and third-party integrations
• Legal Obligation: To comply with applicable laws and regulations

6. Third-Party Service Providers

We work with trusted third-party providers to deliver our services:

• Communication Services: Twilio for voice capabilities
• Video Storage: AWS S3 for secure cloud storage of video recordings
• AI Processing: AWS SageMaker for AI model deployment, supplemented by select third-party AI services for enhanced language processing and analysis
• Database Hosting: MongoDB for enterprise-grade database services
• Payment Processing: Paddle for secure payment handling and subscription management
• Analytics: Google Analytics for platform usage insights and improvements
• Generative AI: OpenAI for generating interview questions, job descriptions, and other services
• Infrastructure: AWS EC2 for cloud hosting, AWS Lambda for serverless functions, and AWS CloudFront for content delivery

We maintain Data Processing Agreements (DPAs) with all providers handling personal data to ensure appropriate security and privacy protections.

7. Data Security

We implement comprehensive security measures including:

• End-to-end encryption for data in transit and at rest
• Multi-factor authentication and access controls
• Regular security audits and vulnerability assessments
• Employee security training and access restrictions
• Automated monitoring for suspicious activities
• Secure backup and disaster recovery procedures

8. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy:

• Active Accounts: Data is retained while your account remains active
• Interview Data: Retained according to customer requirements and legal obligations
• Deleted Accounts: Personal data is deleted within 30 days of account deletion
• Legal Requirements: Some data may be retained longer to comply with legal obligations

9. Your Privacy Rights

You have the following rights regarding your personal data:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete information
• Erasure: Request deletion of your personal data
• Restriction: Limit how we process your data
• Portability: Receive your data in a portable format
• Objection: Object to certain types of processing
• Withdraw Consent: Remove consent for optional processing activities

To exercise these rights, please contact us at support@petrova.io. We will respond within 30 days.

10. Customer Data Responsibilities

When you use Petrova AI, your organization acts as a data controller for interview participant data. You are responsible for:

• Obtaining appropriate consent from interview participants
• Providing participants with your own privacy notice
• Ensuring compliance with applicable data protection laws
• Handling participant data access requests and rights

We recommend reviewing your own privacy policies and practices to ensure they align with your use of our platform.

11. Cookies and Tracking

We use cookies and similar technologies for:

• Essential platform functionality and authentication
• Analytics to improve user experience
• Remembering your preferences and settings

You can manage cookie preferences through your browser settings or our cookie consent banner.

12. International Data Transfers

Your data may be processed in countries outside your residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions where applicable.

13. Children's Privacy

Petrova AI is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact us immediately.

14. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of discovery.

15. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification. Continued use of our services after changes constitutes acceptance of the updated policy.

16. Contact Information

For privacy-related questions or to exercise your rights, contact us at:

• Email: support@petrova.io

We are committed to resolving privacy concerns promptly and transparently.