# Privacy Policy for interview.codes
Last Updated: October 24, 2024
## 1. Introduction
interview.codes ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and browser extension (collectively, the "Service").
## 2. Information We Collect
### 2.1. Information You Provide
We collect information that you voluntarily provide when using our Service:
- Account information (name, email, password)
- Profile data (professional experience, preferences)
- Payment information (processed through secure third-party providers)
- User-generated content (code solutions, comments, notes)
- Communication preferences
### 2.2. Automatically Collected Information
We automatically collect certain information when you use our Service:
- Device information (browser type, operating system)
- IP address and location data
- Usage patterns and interactions
- Performance data and error logs
- Browser extension interaction data
- Problem-solving patterns and statistics
### 2.3. Third-Party Data Collection
Our service integrates with:
- Supabase for data storage and authentication
- OpenAI for generating hints and solutions
- Analytics providers for usage tracking
- Payment processors (if applicable)
## 3. How We Use Your Information
### 3.1. Primary Uses
We use your information to:
- Provide and maintain our Service
- Generate personalized hints and solutions
- Track your progress and learning patterns
- Authenticate your identity
- Process payments and transactions
- Send service updates and notifications
### 3.2. Secondary Uses
We may also use your information to:
- Improve our Service
- Analyze usage patterns
- Develop new features
- Prevent fraud and abuse
- Comply with legal obligations
## 4. Data Storage and Security
### 4.1. Data Storage
- User data is primarily stored on Supabase servers
- Encrypted in transit and at rest
- Regular backups are maintained
- Data retention policies are implemented
### 4.2. Security Measures
We implement industry-standard security measures:
- SSL/TLS encryption
- Regular security audits
- Access controls and authentication
- Secure data transmission protocols
- Regular security updates
## 5. Data Sharing and Disclosure
### 5.1. Third-Party Service Providers
We share data with:
- Supabase for database services
- OpenAI for AI-powered features
- Analytics providers
- Payment processors
- Cloud hosting providers
### 5.2. Legal Requirements
We may disclose information:
- To comply with laws
- To respond to legal requests
- To protect our rights
- In connection with a business transfer
## 6. Your Privacy Rights
### 6.1. Access and Control
You have the right to:
- Access your personal data
- Correct inaccurate data
- Request data deletion
- Export your data
- Opt-out of certain data collection
- Withdraw consent
### 6.2. Regional Rights
Additional rights for specific regions:
#### European Union (GDPR)
- Right to be forgotten
- Data portability
- Restriction of processing
- Object to processing
#### California (CCPA/CPRA)
- Right to know
- Right to delete
- Right to opt-out of sale
- Non-discrimination rights
## 7. Browser Extension Privacy
### 7.1. Extension Permissions
Our browser extension requires:
- Access to specific coding websites
- Local storage permissions
- Network access
- Tab access for problem identification
### 7.2. Extension Data Collection
The extension collects:
- Problem-solving patterns
- Code snippets
- Interaction data
- Performance metrics
## 8. Children's Privacy
- We do not knowingly collect data from users under 13
- Parents can request data deletion
- Age verification may be required
- Special protections for users under 16
## 9. International Data Transfers
### 9.1. Data Transfer Mechanisms
- Standard contractual clauses
- Adequacy decisions
- Privacy Shield (where applicable)
- Appropriate safeguards
### 9.2. International Processing
- Data may be processed in multiple jurisdictions
- Equivalent level of protection maintained
- Compliance with local regulations
- Transparent processing practices
## 10. Changes to Privacy Policy
### 10.1. Update Process
- Regular policy reviews
- Notification of material changes
- Email notifications for significant updates
- 30-day notice when possible
### 10.2. Version Control
- Policy version history maintained
- Previous versions accessible
- Change log available
- Effective dates clearly marked
## 11. Data Retention
### 11.1. Retention Periods
- Account data: Duration of account plus 30 days
- Usage data: 12 months
- Payment information: As required by law
- Communication records: 24 months
### 11.2. Data Deletion
- Automatic deletion after retention period
- Manual deletion upon request
- Backup retention policies
- Archive management
## 12. Contact Information
For privacy-related inquiries:
- Privacy Officer: [Name]
- Email: [Email Address]
- Address: [Physical Address]
- Phone: [Phone Number]
## 13. Cookie Management
Please refer to our separate Cookie Policy for detailed information about our use of cookies and similar technologies.
## 14. Compliance
### 14.1. Regulatory Compliance
We comply with:
- GDPR
- CCPA/CPRA
- Other applicable privacy laws
### 14.2. Industry Standards
We adhere to:
- ISO 27001
- SOC 2 principles
- Industry best practices
- Privacy by design principles
## 15. Dispute Resolution
### 15.1. Process
- Internal complaint procedure
- Response within 30 days
- Alternative dispute resolution
- Jurisdiction and venue
### 15.2. Remedies
- Correction of violations
- Data subject rights
- Compensation where applicable
- Regulatory reporting
## 16. Additional Information
For more information about our privacy practices, please:
- Review our Terms of Service
- Contact our Privacy Officer
- Visit our Help Center
- Submit a support ticket