1. About HireReady

HireReady is an AI-powered interview preparation platform designed to help job seekers practice and improve their interview skills through realistic mock interviews and personalized feedback. This Privacy Policy explains how we collect, use, and protect your personal data when you use our services. We are committed to protecting your privacy and handling your data transparently.

2. Who We Are

HireReady is created and operated by Richard Judge. For the purpose of the General Data Protection Regulation (GDPR), HireReady is the data controller for your personal information.

3. Information We Collect

When you create an account, we collect your email address and name to set up and manage your profile. During practice interviews, your text and audio responses are linked to your account so you can review them later. You may also upload your resume and paste job descriptions to personalize your sessions.

When you upload a resume during a practice session, it is processed in-memory to generate personalized interview questions. If you save your resume in your prep workspace, it is stored securely in our database so you can reuse it across sessions, and you can delete it at any time from your account. All uploads are protected during transit using SSL/TLS encryption.

We also collect technical information to operate and improve the service: usage analytics (page views, clicks, and feature usage), device and browser information, and IP address for fraud prevention. With your consent, we use PostHog to record pseudonymized session replays to identify usability issues — all form inputs are automatically masked and no sensitive data is captured. You can opt out at any time via the cookie consent banner.

4. How We Use Your Information

Under GDPR, we must have a valid legal basis to process your data. We use your interview data and preferences to deliver the core mock interview functionality (contractual necessity). We monitor technical information to prevent misuse, protect our services, and ensure everything runs smoothly (legitimate interest).

We only collect usage analytics and record session replays after you have given consent via our cookie banner. You can withdraw consent at any time — clearing your browser cookies will cause the banner to reappear. We will only send marketing communications or service updates if you have explicitly opted in.

5. Data Sharing and Third Parties

We do not sell, trade, or rent your personal data. We only share data with trusted third-party services that help us operate our platform, under strict confidentiality agreements.

Vercel and Supabase host our website, store your account data, and manage authentication. AI service providers (e.g. OpenAI) process your interview responses and generate feedback. PostHog and Google Analytics help us analyze platform usage and improve the service — PostHog data is processed in the EU, and analytics only runs after you consent via the cookie banner. Stripe securely processes payments for paid plans and handles your payment information directly — we do not store your card details.

We may also disclose information if required by law or in the event of a business transfer, where you would be notified.

6. Your Data Rights

Under GDPR, you have the right to access, rectify, or delete the personal data we hold about you. You can also object to processing for certain purposes, request restriction of processing, and request your data in a portable, machine-readable format. You can exercise these rights from the Account page or by contacting us.

7. Data Retention & Security

We keep your personal data for as long as your account is active. You may delete your account and associated data at any time from the Account page. When you delete your account, all personal data is permanently removed from our systems; we retain only a minimal timestamp record for audit purposes. Third-party processors we use for analytics (such as PostHog and Google Analytics) and billing (Stripe) retain data according to their own policies — to request deletion from those systems, contact us. Anonymised data may be kept longer for statistical purposes.

We use encryption in transit (SSL/TLS) and at rest, along with strict access controls to protect your data.

8. International Data Transfers

Some of our third-party providers are based outside the European Economic Area (EEA). When we transfer your data to these countries, we ensure it receives a similar degree of protection by using legal mechanisms like Standard Contractual Clauses (SCCs) approved by the European Commission.

9. Policy Updates

We may update this policy periodically. All changes will be posted on this page with a revised "Last updated" date. We will notify you of any significant changes.

10. Contact Us

For any questions, data requests, or privacy concerns, please reach out at gethireready.ai@gmail.com. We are committed to addressing your concerns promptly and transparently.