Privacy Policy

Talvin AI (“we,” “our,” or “the platform”) is committed to protecting the privacy of our users and clients. This privacy policy explains how we collect, use, store, and share information, as well as the rights you have concerning your data, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

We collect the following types of data:

1.1 Personal Data: When you sign up or use our platform, we collect personal details such as your name and email address.

1.2 Company/Employer Data: When an organization uses our platform, we collect data related to the company, including company name, contact person details, billing information, and usage data related to the platform’s features. This data is used to provide and manage our services, for billing, and to communicate with our client organizations.

1.3 Interview Data: If you participate in an AI interview through the platform, we collect additional information such as audio recordings and video (if enabled by the employer). These data are collected with your explicit consent.

1.4 Cookies and Tracking Data: We use cookies and tracking technologies, including Microsoft Clarity, Google Analytics, PostHog, and Mixpanel, to enhance user experience, analyze trends, track user movements around the platform, and gather demographic information about our user base. For more details, please refer to our Cookie Policy.

2. Data Retention Policy

We retain personal data and interview data (video & audio recordings) for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The specific retention periods are determined by the nature of the data and the purpose of its processing. Generally, data is retained until it is deleted either by the employer or by the job seeker. However, we implement the following specific retention guidelines:

• Interview Data (Video/Audio): This data is retained for a period of 12 months from the date of collection, or until the associated employer or job seeker explicitly requests its deletion, whichever comes first. This period allows employers to complete their recruitment processes and for job seekers to access their data.
• Personal Data: Personal data, such as name, email, and job details, is retained for 24 months after the last active use of the platform or until an explicit deletion request is received.
• Company/Employer Data: Data related to client organizations is retained for the duration of the contractual relationship and for a period of 7 years thereafter to comply with legal and accounting obligations.

Deletion Protocols:

• User-Initiated Deletion: Job seekers and employers can request the deletion of their accounts and associated data by emailing [email protected]. We will process such requests promptly and delete data from our active databases. Residual copies may remain on backup systems for a limited period before being permanently purged, in accordance with our data backup and recovery policies.
• Automated Deletion: We are developing automated systems for data deletion based on the retention periods outlined above. Currently, deletion beyond user-initiated requests is managed manually to ensure compliance and data integrity. Future updates will include an admin panel for more streamlined data management and deletion.

3. Data Storage Region

All collected data is securely stored on Amazon AWS servers located in Singapore. We ensure that all data transfers and storage comply with applicable data protection laws, including GDPR, by implementing appropriate safeguards such as Standard Contractual Clauses (SCCs) where necessary.

4. Data Sharing with Integrations

We do not sell or share your data with any third parties for their independent use. The only third parties with whom your data may be shared are those integrations explicitly authorized by you or your employer, such as Applicant Tracking Systems (ATS) products. When you or your employer integrates Talvin AI with an ATS, relevant data (e.g., candidate profiles, interview scores, video links) may be transferred to that ATS to facilitate your recruitment workflow. We ensure that such data sharing is governed by appropriate data processing agreements and that these third-party integrations maintain adequate data protection standards.

5. User Rights (GDPR)

In accordance with the General Data Protection Regulation (GDPR), users have the following rights regarding their personal data:

• Right to be Informed (Art. 12, 13, 14): You have the right to be informed about the collection and use of your personal data. This Privacy Policy serves to fulfill this obligation.
• Right of Access (Art. 15): You have the right to request access to the personal data we hold about you. We will provide a copy of your data in a commonly used electronic format.
• Right to Rectification (Art. 16): You have the right to request that inaccurate or incomplete personal data concerning you be corrected or completed without undue delay.
• Right to Erasure (‘Right to be Forgotten’) (Art. 17): You have the right to request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
• Right to Restriction of Processing (Art. 18): You have the right to request the restriction of processing of your personal data under certain conditions, for example, if you contest the accuracy of the data.
• Right to Data Portability (Art. 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller without hindrance.
• Right to Object (Art. 21): You have the right to object to the processing of your personal data in certain situations, including processing for direct marketing purposes.
• Rights in relation to Automated Decision Making and Profiling (Art. 22): You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month.

6. Security Measures

We take data security seriously and implement robust technical and organizational measures to protect your personal and company data from unauthorized access, disclosure, alteration, and destruction. Our security measures include:

• Encryption: All data, both in transit and at rest, is encrypted using industry-standard encryption protocols.
• Access Controls: Strict access controls are in place to ensure that only authorized personnel have access to personal data, based on the principle of least privilege.
• Regular Audits and Assessments: We conduct regular security audits and vulnerability assessments to identify and address potential weaknesses.
• Employee Training: Our employees receive regular training on data protection and security best practices.
• Compliance Efforts: Talvin AI is actively working towards obtaining compliance with GDPR and SOC-2 Type 2 standards, demonstrating our commitment to maintaining high levels of data security and privacy.

7. Changes to This Privacy Policy and Re-Consent

We update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes will be posted on this page with an updated “Last updated” date. In the event of significant changes, we will notify users via email and require re-consent to the updated policy to ensure continued compliance and transparency.

8. AI Model Training and Intellectual Property

8.1 Use of Customer Data for AI Model Training: We confirm that we do not use customer data (including personal data, company data, or interview data) for training external, publicly available AI models. Your data is used solely for providing and improving the Talvin AI platform and its features for you and your organization.

8.2 Internal Model Fine-Tuning and IP Ownership: We may fine-tune our internal AI models using anonymized and aggregated data to enhance the performance and accuracy of our services. This fine-tuning is conducted in a manner that does not identify individuals or organizations. Any intellectual property generated through the fine-tuning of our internal models remains the exclusive property of Talvin AI.

9. Legal Compliance

We comply with all relevant data protection laws, including the General Data Protection Regulation (GDPR). Our platform is designed to ensure that your data remains secure and is processed according to industry standards and legal requirements.