The General Data Protection Regulation 2016 (GDPR) is one of the most significant pieces of legislation affecting the way that InterviewZen, operating as a subsidiary and DBA of Telemore AI LLC, carries out its information processing activities. Significant fines are applicable if a breach is deemed to have occurred under the GDPR, which is designed to protect the personal data of citizens of the European Union. It is InterviewZen’s policy to ensure that our compliance with the GDPR, The California Consumer Privacy Act (CCPA), and other relevant legislation is clear and demonstrable at all times.
There are a total of 26 definitions listed within Article 4 – Definitions of the GDPR, and it is not appropriate to reproduce them all here. However, the most fundamental definitions with respect to this policy are as follows:
InterviewZen collects several types of information to provide and improve our technical interview assessment service:
Account Information: When you register, we collect your name, email address, password, and billing details for hiring managers and organizations.
Interview Recordings: We collect screen recordings, video recordings, and audio during interview sessions to enable assessment and review capabilities.
Coding Responses: We store candidate code submissions, answers to technical questions, and problem-solving approaches submitted during interviews.
Behavioral Analytics: We collect typing patterns, keystroke timing, cursor movements, and other behavioral metrics during interviews for assessment purposes.
Usage Information: We collect information about how you interact with our Service, including log data, device information, IP address, browser type, and interview session data.
Communications: We store communications you have with our customer support team and interview-related correspondence.
Under the GDPR, we rely on the following legal bases to process your personal data:
Contract Performance: We process account information, interview recordings, and candidate assessments as necessary to perform our contract with you (providing the InterviewZen technical interview platform service).
Organizations using InterviewZen are responsible for ensuring they have appropriate legal basis and candidate consent for conducting recorded technical interviews and behavioral monitoring.
InterviewZen uses advanced analytics to provide comprehensive technical interview assessments:
Behavioral Analysis: Our systems analyze typing patterns, keystroke dynamics, cursor movements, and coding behavior to provide insights into candidate problem-solving approaches and technical competency.
Security Monitoring: During interviews, we monitor for potential security violations, suspicious activity, or attempts to circumvent interview integrity (such as unauthorized external assistance).
Code Quality Assessment: We analyze code submissions for quality, approach, efficiency, and adherence to best practices to help hiring managers make informed decisions.
Privacy-First Analytics: All behavioral analytics are processed to assess technical competency only. We do not use this data for any purpose beyond the specific interview assessment.
Human Review: Interview recordings and assessments may be reviewed by hiring managers and authorized personnel. Automated systems flag potential integrity issues, but final hiring decisions remain with human reviewers.
Our technical interview platform includes measures to ensure fair and secure interview processes:
Cheating Detection: We employ automated systems to detect potential cheating behaviors, unauthorized assistance, or attempts to compromise interview integrity.
Candidate Responsibility: Candidates are responsible for maintaining interview integrity and following all guidelines provided. Any detected violations may result in interview termination and reporting to hiring organizations.
Reporting Mechanisms: We provide ways for candidates and hiring managers to report technical issues, inappropriate behavior, or concerns about interview fairness.
Session Security: All interview sessions use secure, time-limited access tokens and device fingerprinting to prevent unauthorized access or session sharing.
Privacy Protection: While we monitor interviews for integrity purposes, we implement measures to limit data collection to only what is necessary for technical assessment and maintain strict access controls.
We implement and maintain appropriate technical and organizational security measures to protect your personal data:
Encryption: All data is encrypted both at rest and in transit using industry-standard encryption protocols (AES-256 and TLS 1.3).
Access Controls: We enforce strict role-based access controls and multi-factor authentication for all staff accessing systems containing personal data.
Monitoring and Testing: We conduct regular security monitoring, vulnerability scanning, and penetration testing of our systems.
Incident Response: We maintain a comprehensive incident response plan with designated responsibilities to quickly address any potential security events.
Vendor Assessment: We thoroughly vet all third-party service providers for appropriate security practices before engaging them.
These security measures are regularly reviewed and updated to address new threats and vulnerabilities. While we implement best practices for security, no system can guarantee absolute security. We encourage users to help by maintaining strong passwords and reporting any suspicious activities.
Personal data shall be:
InterviewZen must ensure that it complies with all these principles both in the processing it currently carries out and as part of the introduction of new methods of processing such as new IT systems. We implement industry best practices for information security management as part of that commitment.
InterviewZen retains different types of data for varying periods based on business needs and legal requirements:
Account Information: We retain your account information for as long as your account is active and for a period thereafter to comply with legal obligations, resolve disputes, and enforce agreements.
Interview Recordings: Screen recordings, video recordings, and audio from interview sessions are retained according to your organization’s data retention settings, typically ranging from immediate deletion to several months for hiring decision purposes.
Candidate Assessments: Interview responses, code submissions, and behavioral analytics are retained for the duration specified by the hiring organization, allowing for thorough assessment and potential appeals processes.
Interview Sessions: Complete interview session data is retained as long as your account is active and according to your organization’s retention policies.
Assessment Data: Typing patterns, keystroke analytics, and other behavioral metrics are retained only as long as necessary for interview assessment and are deleted when the interview data is purged.
System Logs: For security, compliance, and operational integrity purposes, system logs are retained for 10 years. These logs contain technical information about service operation but do not include interview recordings or candidate assessment data.
Upon subscription termination, you may request prompt deletion of all your data (except system logs required for security and compliance) by contacting [email protected], and we will complete this deletion within 30 days of your request.
When you request deletion of your personal data:
Verification: We will verify your identity through appropriate means, which may include confirming through your registered email address or requesting additional verification information.
Confirmation: Upon completion of the deletion process, we will provide confirmation of deletion.
Data deletion is a permanent action and cannot be reversed once completed.
The data subject also has rights. These consist of:
“To protect the integrity and security of our internal systems, we may limit access to specific details about how your data is processed, where such disclosure would compromise proprietary methods or allow for system manipulation. We are committed to balancing transparency with the need to maintain secure and reliable services.”
Each of these rights must be supported by appropriate procedures within Telemore AI LLC that allow the required action to be taken within the timescales stated in the regulations.
Under applicable privacy laws, you have the right to receive your personal data in a structured, commonly used, and machine-readable format:
Data provided through our portability process is designed to be easily transferable to other services where technically feasible.
If you have concerns about any automated processing of your data, please contact us at [email protected].
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information:
Right to Know: You have the right to request information about the personal information we collect, use, disclose, and sell.
Right to Delete: You have the right to request deletion of personal information we have collected about you, subject to certain exceptions necessary for providing our service or legal compliance.
Right to Opt-Out: While InterviewZen does not sell personal information as traditionally defined, California residents have the right to opt-out of certain data sharing practices classified as “sales” under the CCPA.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
To exercise these rights, please contact us at [email protected]. We will respond to verifiable consumer requests within 45 days. You may make a request up to twice within a 12-month period.
For verification purposes, we may need to request specific information to confirm your identity. This is a security measure to ensure personal information is not disclosed to unauthorized individuals.
InterviewZen’s services are designed for users who are at least 18 years of age. We do not knowingly collect personal information from individuals under 18 years old.
If we learn that we have collected personal information from a person under 18, we will promptly delete that information. If you believe we might have collected information from a person under 18, please contact us at [email protected].
For EU users, where the age of consent for data processing may vary between 13-16 years depending on the member state, we require parental consent for users under 16 years of age.
Unless it is necessary for a reason allowable in the regulations, consent must be obtained from a data subject to collect and process their data. In the case of children below the age of 16 (Note – this age may be lower in individual EU member states), parental consent must be obtained. Transparent information about our usage of their personal data must be provided to data subjects at the time that consent is obtained, and their rights regarding their data explained, such as the right to withdraw consent. This information must be provided in an accessible form, written in clear language, and free of charge.
If the personal data are not obtained directly from the data subject, then this information must be provided within a reasonable period after the data are obtained and definitely within one month.
Telemore uses cookies and similar technologies to enhance your experience, analyze usage, and deliver content and advertisements:
Essential Cookies: These cookies are necessary for the website to function and cannot be disabled. They help with basic functionality and security features.
Analytical/Performance Cookies: These cookies allow us to recognize and count visitors, understand how visitors navigate our site, and improve the website’s functionality.
Functionality Cookies: These cookies enable the website to provide enhanced functionality and personalization based on your preferences and choices.
Targeting/Advertising Cookies: We may use these cookies to deliver advertisements relevant to you and your interests.
Other Tracking Technologies: We also use web beacons, pixels, and local storage to collect information about how you interact with our services.
You can manage your cookie preferences through your browser settings or our cookie preference center. Please note that disabling certain cookies may affect the functionality of our Service.
For more information about cookies, including how to see what cookies have been set and how to manage or delete them, visit www.allaboutcookies.org.
InterviewZen has adopted the principle of privacy by design and will ensure that the definition and planning of all new or significantly changed systems that collect or process personal data will be subject to due consideration of privacy issues, including the completion of one or more privacy (also known as data protection) impact assessments.
The privacy impact assessment will include:
Use of techniques such as data minimization and pseudo-anonymization will be considered where applicable and appropriate.
To provide our Service, InterviewZen works with trusted third-party service providers who may process your data:
Amazon Web Services (AWS): Our primary infrastructure provider hosts all InterviewZen services and data. AWS maintains industry-leading security practices and complies with major security certifications including ISO 27001, SOC 2, and GDPR requirements.
AWS Services: We utilize various AWS services for secure data processing, analytics, and infrastructure management. All data processed through AWS services is subject to AWS’s comprehensive security controls and enterprise-grade privacy protections.
Payment Processors: We use industry-standard payment processors to handle subscription payments. We do not store complete credit card information on our servers.
These service providers are contractually obligated to handle your data in compliance with applicable privacy laws and our instructions. We regularly review their security and privacy practices to ensure compliance with our standards.
For more information on AWS’s data security and privacy practices, you can visit their privacy policy at AWS Privacy Policy.
InterviewZen works with third-party service providers who may process personal data on our behalf to deliver our services. Our current key sub-processors include:
We maintain a complete and up-to-date list of our sub-processors at [interviewzen.com/subprocessors]. This list includes the name and location of each sub-processor, as well as the services they provide.
Before engaging any new sub-processor, we conduct due diligence to ensure they provide appropriate privacy and security guarantees. All our sub-processors are bound by data processing agreements that require them to process personal data only according to our instructions and implement appropriate security measures.
If you wish to object to our use of a particular sub-processor, please contact us at [email protected].
InterviewZen is based in the United States and processes data on servers primarily located in the United States. However, we may transfer, process, and store data in other countries where our service providers maintain facilities:
Transfer Mechanisms: When transferring data from the European Economic Area (EEA), United Kingdom, or Switzerland to countries that do not have adequate data protection as determined by the European Commission, we rely on legal mechanisms such as Standard Contractual Clauses (SCCs), adequacy decisions where available, or legitimate interests.
AWS Global Infrastructure: As our primary infrastructure provider, AWS operates data centers globally. Your data may be replicated across different AWS regions for redundancy and disaster recovery purposes, always maintaining appropriate safeguards.
Security Measures: Regardless of where your data is processed, we maintain appropriate technical and organizational safeguards to protect your personal information according to the standards required by applicable laws.
Data Protection Impact Assessments: Where required by law, we conduct data protection impact assessments for cross-border transfers to ensure adequate protection of transferred data.
If you have questions about our international data practices, please contact us at [email protected].
A defined role of Data Protection Officer (DPO) is required under the GDPR if an organization is a public authority, if it performs large-scale monitoring, or if it processes particularly sensitive types of data on a large scale. Based on these criteria, InterviewZen does not require a Data Protection Officer to be appointed.
It is InterviewZen’s policy to be fair and proportionate when considering the actions to be taken to inform affected parties regarding breaches of personal data. In line with the GDPR, where a breach is known to have occurred which is likely to result in a risk to the rights and freedoms of individuals, the relevant supervisory authority will be informed within 72 hours.
InterviewZen maintains comprehensive records to demonstrate our compliance with data protection principles:
Regular Reviews: We conduct periodic reviews of our privacy practices, typically annually or when there are significant changes to our services or applicable laws.
These accountability measures help ensure consistent application of privacy principles throughout our operations and demonstrate our commitment to responsible data handling.
If you have any questions, concerns, or requests regarding your personal data or this Privacy Policy, you can reach our privacy team through the following channels:
Email: [email protected]
Postal Address: InterviewZen (subsidiary of Telemore AI LLC) Privacy Department [Your physical address] [City, State ZIP]
Data Subject Requests: For formal data subject requests (access, deletion, etc.), please use our dedicated form at [interviewzen.com/privacy-request] or email [email protected] with the subject line “Data Subject Request.”
We aim to respond to all privacy inquiries within 30 days. For complex requests or in cases where additional verification is needed, we may extend this response time and will notify you accordingly.
If you are located in the European Economic Area and believe we have not adequately addressed your privacy concerns, you have the right to contact your local data protection authority.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors:
Effective Date: The revised Privacy Policy will be effective immediately upon posting, or at a later date as specified in the notification.
Review of Changes: We will include a summary of material changes and maintain an archive of previous versions accessible upon request.
We encourage you to periodically review this Privacy Policy to stay informed about our data practices.
The following actions are undertaken to ensure that InterviewZen complies at all times with the accountability principle of the GDPR:
These actions are reviewed regularly as part of the information security management process.