1. Introduction
Simpatico HR Consultancy ("Company", "we", "us") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform ("Service").
2. Information We Collect
Account Information: Name, email address, phone number, company name, and role when you register.
Employee Data: Information you upload about your employees, including names, contact details, salary information, attendance records, and documents. You are the data controller for this information.
Candidate Data: Resumes, application details, assessment results, and interview recordings submitted through the recruitment process.
Payment Information: Billing details are processed securely by Razorpay, our PCI DSS Level 1 certified payment gateway. We do not store credit card numbers on our servers.
Usage Data: Log data, browser type, device information, and feature usage analytics to improve the Service.
3. How We Use Your Information
- To provide, maintain, and improve the Service
- To process payments and manage subscriptions
- To send transactional emails (payslips, interview invitations, notifications)
- To provide AI-powered features (resume screening, assessment generation)
- To respond to support requests and communicate updates
- To ensure platform security and prevent fraud
4. Data Storage & Security
Your data is stored on secure cloud infrastructure provided by Supabase (PostgreSQL) with the following protections:
- Encryption: Data is encrypted in transit (TLS 1.3) and at rest
- Row-Level Security (RLS): Database policies ensure strict tenant isolation
- Multi-Tenant Isolation: Each organization's data is completely isolated from others
- Access Controls: Role-based access with JWT authentication via Cloudflare Workers
5. AI & Data Processing
Our AI features (resume screening, assessment generation, AI assistant) use Cloudflare AI and Google Gemini. Your data processed by AI is:
- Used only for the specific feature requested
- Not used to train third-party AI models
- Processed in compliance with our data processing agreements with AI providers
6. Data Sharing
We do not sell your data. We share information only with:
- Payment Processors: Razorpay (PCI DSS Level 1 Certified), for billing purposes
- Infrastructure Providers: Supabase, Cloudflare (under strict data processing agreements)
- Email Services: Resend, for transactional emails you initiate
- Legal Requirements: When required by law or to protect our rights
7. Data Retention
We retain your data for as long as your account is active. Upon account termination, you may request data export within 30 days. After 90 days of account termination, data is permanently deleted from our systems.
8. Your Rights
You have the right to:
- Access, correct, or delete your personal data
- Export your data in standard formats
- Withdraw consent for non-essential data processing
- Object to automated decision-making
- Lodge a complaint with a supervisory authority
9. Cookies
We use essential cookies for authentication and session management. We do not use third-party tracking cookies. Local storage is used for session tokens and user preferences.
10. International Transfers
Your data may be processed in regions where our infrastructure providers operate. We ensure appropriate safeguards are in place for all international data transfers, including Razorpay's payment processing service which handles payment compliance.
11. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect information from children.
12. Changes to This Policy
We may update this policy periodically. Material changes will be communicated via email. Continued use of the Service constitutes acceptance of the updated policy.
13. Contact Us
For privacy inquiries or data requests, contact:
Simpatico HR Consultancy — Data Protection
Email: simpaticohrconsultancy@gmail.com
Website: simpaticohrconsultancy.com