Privacy Policy

1. Introduction and Scope

Kairos ("Company," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy ("Policy") governs the collection, use, disclosure, and protection of information collected through our website, browser extension, mobile applications, and services (collectively, "Services").

This Policy applies to all users of our Services, including visitors to our website, users of our AI-powered job search and career optimization platform, and customers of our products and services. By using our Services, you acknowledge that you have read and understood this Policy and agree to the collection, use, and disclosure of your information as described herein.

2. Information We Collect

2.1 Personal Information

We may collect the following categories of personal information:

• Identifiers: Name, email address, phone number, and unique identifiers
• Professional Information: Job title, company, industry, work experience, skills, qualifications, resume content, and job application data
• Account Information: Username, password, account preferences, service plan details, and security questions
• Communication Data: Messages, feedback, support requests, and other communications with us
• Browser Extension Data: Job descriptions viewed, application status, and interaction data from job boards when using our browser extension
• Payment Information: When you register for an account, a corresponding account is automatically created in the Stripe payment processing system. Stripe collects and processes payment information, including credit card details, billing addresses, and transaction history, in accordance with Stripe's Privacy Policy. We do not store your full credit card information on our servers; all payment processing is handled securely by Stripe.

2.2 Technical Information

We automatically collect certain technical information when you use our Services:

• Device Information: IP address, device type, operating system, browser type, and device identifiers
• Usage Data: Pages visited, features used, time spent on Services, job searches performed, applications tracked, and interaction patterns
• Log Data: Server logs, error reports, and performance metrics
• Cookies and Similar Technologies: As described in our Cookie Policy

2.3 AI and Machine Learning Data

As an AI-powered job search and career optimization platform, we may collect and process data to improve our artificial intelligence systems:

• Training Data: Anonymized and aggregated data used to train and improve our AI models for resume analysis, job matching, and interview preparation
• User Interactions: How users interact with our AI features, including resume analysis results, job matching scores, and interview preparation usage
• Performance Metrics: Data related to the accuracy and effectiveness of our AI systems in matching resumes to job descriptions and providing career insights

Third-Party AI Services: Our AI-powered features utilize third-party artificial intelligence and machine learning services. When you use these features, your data (including resumes, job descriptions, application information, and other content) is transmitted to and processed by these third-party AI service providers. Cognixis AI is not responsible for, and disclaims all liability related to, any information collected, processed, stored, or used by third-party AI service providers. This includes data collection practices, data retention policies, data security measures, training data usage, and any other use of your information by AI service providers. You acknowledge that by using our AI-powered features, your information may be subject to the privacy policies, terms of service, and data handling practices of these third-party AI providers, which are beyond our direct control.

AI Data Collection Disclaimer: Third-party AI service providers may collect, process, and use your information for various purposes, including but not limited to model training, service improvement, and analytics. Cognixis AI does not control, monitor, or assume responsibility for how third-party AI providers collect, use, or protect your information. The specific AI service providers we utilize may change from time to time, and we are not obligated to disclose the identity of these providers or their specific data handling practices.

Privacy Protection Measures: Cognixis AI implements comprehensive privacy protection measures and utilizes available configuration settings designed to prevent the use of customer data for AI model training, data sharing, or other purposes beyond the direct provision of our Services. We employ industry-standard privacy controls, data processing agreements, and technical safeguards to protect your information. However, we cannot guarantee or warrant that third-party AI service providers will fully comply with these settings or restrictions, as their data handling practices are beyond our direct control. While we take all reasonable steps to protect your privacy, you acknowledge that absolute control over third-party AI provider data practices cannot be guaranteed.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Provision: To provide, maintain, and improve our Services, including resume analysis, job matching, application tracking, and interview preparation
• AI Enhancement: To train, develop, and improve our artificial intelligence systems for better job matching, resume optimization, and career insights
• Personalization: To customize your experience, provide relevant job recommendations, and tailor interview preparation materials
• Communication: To respond to your inquiries, provide customer support, and send service-related notifications
• Security: To protect against fraud, abuse, and security threats
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Business Operations: To conduct business analytics, improve our operations, and manage service plans and subscriptions
• Browser Extension Functionality: To enable the browser extension to analyze job postings, match resumes, and track applications on job boards

Legal Basis: We process your information based on legitimate business interests, contractual obligations, legal requirements, and your consent where applicable.

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. However, we may share your information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our Services, including cloud hosting (AWS), payment processing (Stripe), and analytics services
• AI Service Providers: With third-party artificial intelligence and machine learning service providers to process your data for AI-powered features such as resume analysis, job matching, interview preparation, and company intelligence. These AI providers may collect, process, and store your information in accordance with their own privacy policies and terms of service. The specific AI service providers we utilize may change from time to time, and we are not obligated to disclose the identity of these providers
• Legal Requirements: When required by law, regulation, or legal process
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, property, or safety, or that of our users
• Consent: With your explicit consent or at your direction
• Job Board Integration: When using our browser extension, job descriptions and application data may be processed to provide matching and tracking features

Data Processing Agreements: All third-party service providers are bound by strict data processing agreements and security requirements. We ensure that service providers like Stripe (for payment processing) and AWS (for cloud infrastructure) maintain appropriate security measures. For AI service providers, we implement privacy protection measures and utilize available configuration settings designed to prevent the use of customer data for AI model training or data sharing. However, we are not responsible for the privacy practices, data handling, or security measures of third-party AI service providers, and you acknowledge that your information may be subject to the privacy policies and terms of service of these AI providers. The specific AI service providers we utilize may change from time to time, and we are not obligated to disclose the identity of these providers. While we take all reasonable steps to protect your privacy through technical safeguards and contractual agreements, we cannot guarantee that third-party AI providers will fully comply with these restrictions, as their data handling practices are beyond our direct control.

Stripe Account Creation: When you register for a Kairos account, a corresponding customer account is automatically created in the Stripe payment processing system. This Stripe account is used exclusively for managing your subscription payments and billing. Stripe collects and processes your payment information in accordance with Stripe's Privacy Policy and Terms of Service. You may access your Stripe account information through your Kairos account settings or directly through Stripe's customer portal. We share with Stripe only the information necessary to process payments and manage your subscription.

5. Data Security and Protection

We implement comprehensive security measures to protect your information:

• Encryption: All data is encrypted in transit and at rest using industry-standard encryption protocols (TLS 1.2+ for data in transit, AES-256 for data at rest)
• Access Controls: Strict access controls and authentication mechanisms, including JWT-based authentication and role-based access control
• Security Monitoring: Continuous monitoring and threat detection systems
• Regular Audits: Periodic security assessments and penetration testing
• Employee Training: Regular security training for all employees
• AWS Security: Our infrastructure uses AWS security best practices, including VPC isolation, security groups, and encrypted storage

Data Breach Response: In the unlikely event of a data breach, we will notify affected users and relevant authorities as required by law, typically within 72 hours of becoming aware of the breach.

6. Your Rights and Choices

You have certain rights regarding your personal information:

• Access: Request access to your personal information, including resumes, job applications, and analysis data
• Correction: Request correction of inaccurate information, such as updating your profile or resume details
• Deletion: Request deletion of your personal information, including account deletion and removal of stored resumes
• Portability: Request a copy of your data in a portable format (e.g., export your job applications and resume data)
• Restriction: Request restriction of processing in certain circumstances
• Objection: Object to certain types of processing, such as marketing communications
• Opt-Out: Opt out of certain data collection practices, such as analytics cookies (see our Cookie Policy)

Exercise of Rights: To exercise these rights, contact us at support@cognixisai.com. We will respond to your request within 30 days. For account deletion, you can also use the account deletion feature in your Settings page.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws through:

• Adequacy Decisions: Transfers to countries with adequate data protection
• Standard Contractual Clauses: EU-approved data transfer agreements
• Certification Schemes: Industry-recognized privacy certifications
• Consent: Your explicit consent where required
• AWS Data Centers: Our data is stored in AWS data centers, which maintain compliance with various international data protection standards

Data Residency: By default, your data is stored in AWS data centers in the United States. If you are located in the EU, you may request that your data be processed in EU-based data centers where available.

8. Children's Privacy

Our Services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us immediately at support@cognixisai.com, and we will take steps to delete such information.

Age Verification: By using our Services, you represent and warrant that you are at least 18 years old and have the legal capacity to enter into binding agreements.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated Policy on our website
• Sending you an email notification
• Displaying a prominent notice on our Services

Continued Use: Your continued use of our Services after any changes constitutes acceptance of the updated Policy.

Review: We encourage you to review this Policy periodically to stay informed about how we collect, use, and protect your information.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer: For EU residents, you may also contact our Data Protection Officer at legal@cognixisai.com.

Privacy Requests: For requests related to your privacy rights (access, deletion, portability, etc.), please email support@cognixisai.com with "Privacy Request" in the subject line.

Legal Disclaimer