Privacy Policy

1. Information We Collect

We collect information you provide directly: name, email, company name, and payment information when you create an account. We also collect usage data including pages visited, features used, and interaction patterns to improve our service.

For workspaces, we store data you input: candidate information, job descriptions, calendar events, contracts, and communication records. This data belongs to your workspace and is isolated via PostgreSQL Row-Level Security.

2. How We Use Your Data

We use your data to: provide and maintain the VUMY platform, process transactions, send service-related communications, improve our AI models (with anonymized data only), and comply with legal obligations. We never sell your personal data to third parties.

3. Data Security

We use industry-standard security measures: PostgreSQL RLS for tenant isolation, AES-256 encryption for secrets, X.509 certificates for e-signatures, and comprehensive audit logging. All data is transmitted over TLS 1.3.

4. Third-Party Services

We integrate with: Stripe (payments), Google (calendar sync), Microsoft (calendar sync), and AI providers (OpenAI, Anthropic) for Symphony. Each integration is governed by the respective provider's terms. We share only the minimum data required for each integration to function.

5. Your Rights

You have the right to: access your data, correct inaccuracies, request deletion, export your data, and withdraw consent for non-essential processing. Contact privacy@vumy.net for any data-related requests.

6. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we remove personal data within 30 days, except where retention is required by law. Anonymized usage data may be retained indefinitely for analytics.

7. Contact

For privacy inquiries, contact us at privacy@vumy.net.