Legal

Privacy Policy

Last updated: April 2026

1. Who we are

TAOps Consulting is the data controller for personal data collected through the Interview Kit Generator. If you have any questions about how we handle your data, please contact us at info@taopsconsulting.com.

2. What data we collect

When you use the Interview Kit Generator, we collect the following personal data:

Data Purpose Legal basis
Name and work email address Account creation and login Contract performance
Organisation name Labelling kits and team context Contract performance
Interview kit content (role details, interview structure, signals, questions) Generating and storing your interview kits Contract performance
Team member email addresses (if applicable) Sending team invitations Legitimate interests
Usage data (login times, kit generation events) Security and product improvement Legitimate interests

The Interview Kit Generator does not collect, process, or store any candidate personal data. Kits contain role structures, competency signals, and interview questions — not information about specific candidates.

3. How we use your data

We use your personal data solely to:

  • Provide you with access to the Interview Kit Generator
  • Generate, store, and share your interview kits
  • Enable team collaboration on kit libraries
  • Send transactional emails (account confirmation, password reset, team invitations)
  • Respond to support requests
  • Improve the product based on aggregated, anonymised usage patterns

We do not use your data for advertising, profiling, or automated decision-making that produces legal or similarly significant effects.

4. Data retention

We retain your data for the following periods:

  • Account data (name, email) — retained while your account is active, or for up to 2 years after last login
  • Interview kit data — retained for the duration of your active subscription, plus 12 months to allow access to historical kits
  • Payment records — retained for 7 years in accordance with financial record-keeping requirements

You may request deletion of your account and kit data at any time (see Section 7).

5. Who we share data with

We share your data only with trusted third-party service providers necessary to operate the Interview Kit Generator:

  • Supabase — database and authentication (data stored in EU region)
  • Stripe — payment processing (subject to Stripe's own privacy policy)
  • Anthropic (Claude API) — AI generation of interview questions (role and signal data is sent to generate kit content; no data is retained by Anthropic for training without consent)
  • Vercel — hosting and serverless infrastructure (EU region where available)

We do not sell, rent, or otherwise share your personal data with third parties for their own purposes.

6. Data security

We take reasonable technical and organisational measures to protect your personal data, including:

  • Encrypted data transmission (HTTPS)
  • Secure authentication with email verification
  • Row-level security policies ensuring users can only access their own data
  • Access controls limiting who can access production data

No method of transmission or storage is 100% secure. If you become aware of any security issue, please contact us immediately at info@taopsconsulting.com.

7. Your rights

Under GDPR and applicable data protection law, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your personal data ("right to be forgotten")
  • Portability — export your interview kits in a machine-readable format via your Account page
  • Restriction — request that we limit processing of your data
  • Objection — object to processing based on legitimate interests

To exercise any of these rights, please contact us at info@taopsconsulting.com. We will respond within 30 days. You can also delete your account directly from your Account page.

8. Cookies

The Interview Kit Generator uses cookies solely for authentication purposes — to keep you logged in securely. We do not use advertising, tracking, or analytics cookies.

Authentication cookies are essential for the tool to function and cannot be disabled while using the service.

9. International transfers

Your data is stored within the European Union where possible. Where any transfer outside the EU is necessary (for example, for payment processing via Stripe, or AI generation via Anthropic), we ensure appropriate safeguards are in place in accordance with GDPR requirements.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by displaying a notice within the tool. Continued use after changes are published constitutes acceptance of the updated policy.

11. Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with your local data protection authority. In the EU, you can find your national authority at edpb.europa.eu.

We would always prefer to resolve concerns directly — please contact us first at info@taopsconsulting.com.