Privacy Policy

AuditVantage AI is operated by its owner as an independent software service. It is not yet registered as a separate legal company.

Privacy questions and data subject requests — contact details are published on our website when available..

This policy covers workspace owners, recruiters, and administrators who use AuditVantage AI, and personal data about job applicants contained in resumes and screening records you upload. It does not cover third-party websites linked from our service.

For candidate and applicant personal data uploaded to AuditVantage AI, your organization is typically the data controller and AuditVantage AI acts as a data processor processing data on your documented instructions via these Terms and our Privacy Policy.

Account information about your employees (recruiters) is generally processed where AuditVantage AI acts as an independent controller for account administration, billing, and security.

Account & workspace data: name, business email, organization name, authentication identifiers, role, and team membership.

Recruiting & candidate data: job descriptions, resume files (PDF/DOCX), extracted text, candidate evaluation outputs, skills, scores, status, recruiter notes, and contact details when present in a resume (email, phone).

Technical & usage data: IP address, browser type, device information, logs, plan usage, and security-related events necessary to operate and protect the service.

Billing data: subscription status and transaction metadata via our payment provider. We do not store full payment card numbers.

• Provide resume upload, storage, candidate evaluation, whitelabel client portals, and collaboration features.
• Authenticate users and enforce workspace access controls.
• Apply plan limits, trials, and fraud prevention.
• Process subscriptions and support requests.
• Improve reliability, security, and product quality.
• Comply with law and enforce our Terms.

We do not sell personal information. We do not use candidate data for cross-context behavioral advertising.

Resume text is transmitted over HTTPS (TLS) to OpenAI APIs to generate evaluation insights at your direction.

API requests use store: falseso inputs and outputs are not retained on OpenAI's platform for those calls, consistent with OpenAI's API data usage policies for API customers.

AI outputs are assistive only. You remain responsible for human review and lawful hiring decisions.

Where GDPR applies, we rely on:

• Contract — to deliver the service.
• Legitimate interests — security, abuse prevention, and product improvement.
• Legal obligation — where required.
• Consent — where required for non-essential cookies or marketing (if offered).

California residents may have rights to know, access, correct, and delete personal information. We do not sell or share personal information for cross-context behavioral advertising as defined under California law.

Requests — use the contact email published on our website..

We use TLS in transit, access controls, and providers that encrypt data at rest. No system is 100% secure — protect your credentials and limit workspace access.

When you delete a candidate or job, we purge resume files, AI analysis, database records, and share links (including links already sent to clients). Deletion is permanent. See our DPA for processor obligations.

Data may be processed in the US and other provider locations. Where required, we use Standard Contractual Clauses or equivalent safeguards.

Essential cookies are used for login and security only. No advertising cookies in the core product.

We will notify affected workspace owners without undue delay if a breach affects your data, as required by applicable law.

You may have access, correction, deletion, and portability rights. Contact us using the email published on our website. Candidates should contact the recruiting organization that collected their data.

Not directed to children under 16.

Posted updates on this page with a new effective date.