Loading Privacy Policy...
Privacy Protection

Privacy Policy

Your privacy is our priority. Learn how we collect, use, and protect your personal information

Last Updated: January 15, 2025
GDPR & CCPA Compliant

Table of Contents

1. Overview

This Privacy Policy describes how Codehub Software Solutions (OPC) Pvt. Ltd. ("Company", "we", "us", or "our") collects, uses, and protects your personal information when you use Oniew Interview Co-Pilot ("Service").

We are committed to protecting your privacy and ensuring transparency about our data practices. This policy applies to all users of our Service, regardless of location.

Key Privacy Principles

  • Privacy by Design: Privacy considerations are built into our Service from the ground up
  • Data Minimization: We only collect data necessary for Service functionality
  • Local Processing: Most data processing happens locally on your device
  • Transparency: We clearly explain what data we collect and why
  • User Control: You have control over your data and privacy settings

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Profile information (optional)
  • Authentication credentials (encrypted)
  • Account preferences and settings

2.2 Audio Data

Our Service processes audio for transcription and analysis:

  • Local Processing: Audio is primarily processed on your device using Apple's Speech Recognition
  • Cloud Processing: For enhanced features, audio may be processed via secure APIs (clearly disclosed)
  • No Storage: Audio data is not permanently stored unless explicitly saved by you
  • Encryption: All audio transmissions use end-to-end encryption

2.3 Screenshot Data

When using screenshot analysis features:

  • Screenshots are captured locally on your device
  • Images may be processed for AI analysis (with your consent)
  • No screenshots are permanently stored on our servers
  • All image data is deleted after processing

2.4 Usage Data

We collect limited usage analytics to improve the Service:

  • Feature usage patterns (anonymized)
  • Performance metrics
  • Error logs (no personal data)
  • Session duration and frequency

2.5 Device Information

  • Operating system and version
  • Device model and hardware information
  • IP address and location (approximate)
  • Browser type and version (for web access)

3. How We Use Your Information

3.1 Service Provision

  • Provide AI-powered interview assistance
  • Process audio and visual data for analysis
  • Maintain your account and preferences
  • Deliver requested features and functionality

3.2 Service Improvement

  • Analyze usage patterns to improve features
  • Identify and fix technical issues
  • Develop new features and capabilities
  • Optimize performance and user experience

3.3 Communication

  • Send service updates and announcements
  • Provide customer support
  • Deliver security notifications
  • Send marketing communications (with consent)

3.4 Legal and Security

  • Comply with legal obligations
  • Protect against fraud and abuse
  • Enforce our Terms of Service
  • Respond to legal requests

4. Data Processing Architecture

4.1 Local Processing

Most data processing occurs locally on your device:

  • Embedded AI: Local knowledge base and processing engine
  • Speech Recognition: Apple's on-device Speech framework
  • Data Privacy: Sensitive data never leaves your device unnecessarily
  • Offline Capability: Core features work without internet connection

4.2 Cloud Processing

Some features require cloud processing for enhanced functionality:

  • Advanced AI analysis (when enabled)
  • Real-time collaboration features
  • Cross-device synchronization
  • Enhanced natural language processing

4.3 Data Minimization

We implement strict data minimization practices:

  • Only collect data necessary for functionality
  • Process data at the lowest level possible
  • Automatically delete temporary data
  • Anonymize analytics and usage data

5. Data Sharing and Disclosure

5.1 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for commercial purposes.

5.2 Service Providers

We may share limited data with trusted service providers:

  • Cloud infrastructure providers (AWS, etc.)
  • Payment processors
  • Analytics services (anonymized data only)
  • Customer support platforms

5.3 Legal Requirements

We may disclose information when required by law:

  • Response to valid legal requests
  • Compliance with court orders
  • Protection of our rights and property
  • Prevention of illegal activities

5.4 Business Transfers

In case of merger, acquisition, or sale, user data may be transferred as part of the business assets, subject to the same privacy protections.

6. Data Security

6.1 Security Measures

We implement comprehensive security measures:

  • Encryption: End-to-end encryption for data transmission
  • Access Controls: Strict access limitations on a need-to-know basis
  • Regular Audits: Security assessments and penetration testing
  • Secure Infrastructure: Industry-standard cloud security practices

6.2 Data at Rest

  • All stored data is encrypted using AES-256
  • Database encryption with rotating keys
  • Secure backup and recovery procedures
  • Regular security monitoring and alerting

6.3 Data in Transit

  • TLS 1.3 encryption for all communications
  • Certificate pinning for mobile applications
  • Secure API endpoints with authentication
  • End-to-end encryption for sensitive data

6.4 Incident Response

In case of a security incident:

  • Immediate containment and assessment
  • Notification to affected users within 72 hours
  • Cooperation with law enforcement if required
  • Post-incident review and security improvements

7. Data Retention

7.1 Retention Periods

  • Account Data: Retained while account is active plus 30 days
  • Audio Data: Processed and deleted immediately (not stored)
  • Screenshot Data: Processed and deleted immediately (not stored)
  • Usage Analytics: Anonymized data retained for 2 years
  • Support Records: Retained for 3 years for customer service

7.2 Deletion Process

When data is scheduled for deletion:

  • Automatic deletion from active systems
  • Secure deletion from backups within 90 days
  • Cryptographic deletion where applicable
  • Verification of complete data removal

8. Your Privacy Rights

8.1 Access and Portability

  • Request a copy of your personal data
  • Export your data in machine-readable format
  • Access your account information and settings
  • View your privacy preferences

8.2 Correction and Updates

  • Update your account information
  • Correct inaccurate personal data
  • Modify your privacy preferences
  • Change communication settings

8.3 Deletion and Erasure

  • Delete your account and associated data
  • Request erasure of specific data
  • Withdraw consent for data processing
  • Object to certain types of processing

8.4 How to Exercise Rights

To exercise your privacy rights:

  • Access account settings in the application
  • Contact us at hello@oniew.com
  • Submit a request through our support system
  • Response within 30 days of verified request

9. Cookies and Tracking

9.1 Types of Cookies

  • Essential Cookies: Required for Service functionality
  • Analytics Cookies: Help us understand usage patterns
  • Preference Cookies: Remember your settings and preferences
  • Security Cookies: Protect against fraud and security threats

9.2 Cookie Management

You can control cookies through:

  • Browser settings and preferences
  • Our cookie consent banner
  • Privacy settings in the application
  • Third-party cookie management tools

9.3 Do Not Track

We respect Do Not Track signals and will not track users who have enabled this setting in their browsers.

10. Third-Party Services

10.1 Integrated Services

Our Service integrates with third-party services:

  • Apple Sign-In: Authentication service
  • OpenAI API: Enhanced AI processing (optional)
  • Cloud Providers: Infrastructure and hosting
  • Payment Processors: Secure payment handling

10.2 Third-Party Privacy

Each third-party service has its own privacy policy:

  • We carefully select privacy-conscious partners
  • Data sharing agreements include privacy protections
  • Regular review of third-party privacy practices
  • Option to disable third-party integrations

11. International Data Transfers

11.1 Global Service

As a global service, data may be transferred internationally:

  • Data centers in multiple regions for performance
  • Compliance with local data protection laws
  • Appropriate safeguards for international transfers
  • Standard contractual clauses for EU data

11.2 Regional Compliance

  • GDPR: Full compliance for EU users
  • CCPA: Privacy rights for California residents
  • Other Laws: Compliance with applicable local laws

12. Privacy Policy Updates

12.1 Policy Changes

We may update this Privacy Policy to reflect:

  • Changes in our data practices
  • New features or services
  • Legal or regulatory requirements
  • Industry best practices

12.2 Notification Process

For significant changes, we will:

  • Email registered users about changes
  • Display prominent notices in the application
  • Provide at least 30 days' notice before changes take effect
  • Obtain consent for material changes affecting data processing

13. Contact Information

For privacy-related questions or concerns, please contact us:

Data Protection Officer

hello@oniew.com

Codehub Software Solutions (OPC) Pvt. Ltd.

Bangalore, Karnataka, India

General Inquiries

hello@oniew.com

Response Times

  • Privacy Requests: Within 30 days
  • Data Breaches: Within 72 hours
  • General Inquiries: Within 5 business days
  • Urgent Issues: Within 24 hours

Last Updated: January 15, 2025

This Privacy Policy is effective as of the date listed above and applies to all users of the Oniew Interview Co-Pilot service.