RINT.io - Privacy Policy

Last Updated: December 18, 2025

Effective Date: December 18, 2025

---

TABLE OF CONTENTS

1. Introduction
2. Information We Collect
3. How We Use Your Information
4. Data Retention
5. How We Share Your Information
6. Data Security
7. International Data Transfers
8. Your Privacy Rights
9. Children's Privacy
10. Third-Party Links and Services
11. Your Choices Regarding Information
12. California Privacy Rights
13. CCPA-Specific Rights
14. GDPR-Specific Rights
15. Automated Decision-Making
16. Disclaimers Related to Data and AI
17. Changes to This Policy
18. Contact Us
19. Additional Legal Notices

---

1. INTRODUCTION

Welcome to RINT.io ("Company," "we," "us," "our," or the "App"). We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile application and related services (collectively, the "Service").

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service. By downloading, installing, accessing, or using RINT.io, you acknowledge that you have read, understood, and agree to be bound by all the provisions of this Privacy Policy.

For users in the European Economic Area (EEA), United Kingdom, or other jurisdictions with specific data protection laws: This Privacy Policy is designed to comply with the General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and equivalent regulations. Your rights are detailed in Section 14.

---

2. INFORMATION WE COLLECT

2.1 Personal Data Collected Directly From You

When you use RINT.io, we may ask you to provide certain personally identifiable information:

• Account Information: Name, email address, password, date of birth (for age verification, minimum 13 years old)
• Profile Information: Job title, experience level, job role preferences
• Subscription Information: Payment information (processed securely through Apple App Store or Google Play Store - we do not store payment card details)
• Voice Data: Audio recordings and transcriptions of your interview practice responses
• Feedback and Communications: Any messages, feedback, or support requests you send to us

2.2 Usage Data Collected Automatically

When you interact with RINT.io, we automatically collect certain information:

• Device Information: Device type, operating system version, device unique identifier (for fraud prevention and trial abuse detection only), device language, device model, manufacturer
• Log Data: IP address, pages or features accessed, time and date of access, duration of usage, timestamps of actions, crash reports and error logs
• App Performance Data: App version, feature usage analytics, button taps, screen navigation paths, time spent on each screen, session duration
• Location Data: Approximate location based on IP address for analytics purposes only (no precise GPS location)
• Mobile Device Information: Operating system type, unique device identifier, mobile internet browser type, device state information, mobile network information

2.3 Voice Recording and Transcription Data

Important: RINT.io includes voice recording functionality to allow you to practice interview answers verbally.

Voice Recording Collection:

• Audio Files: When you use voice mode during an interview session, we collect your complete audio recording
• Transcription Data: Your audio is automatically transcribed using OpenAI's Whisper API
• Associated Metadata: Timestamp, session ID, language selected, interview role, question text, savagery level setting

Storage and Processing:

• Device Storage: Audio files are initially processed and stored locally on your device
• Cloud Processing: Transcriptions are generated through OpenAI's Whisper API; audio files are transmitted to OpenAI's servers for transcription purposes only
• Retention on Device: Audio files remain on your device and are associated with your session history
• Server Storage: We store only the transcribed text and associated session metadata on our servers, not the original audio files
• User Deletion Rights: You can delete your audio files and session data at any time through the app settings

Legal Basis for Voice Recording:

• Explicit Consent: You provide explicit consent to voice recording when you toggle the voice mode feature
• Legitimate Interest: We process voice data to provide core functionality and improve interview preparation quality
• Performance of Service: Voice recording is essential to deliver the interview practice experience

Third-Party Sharing for Transcription:

• OpenAI Integration: Audio and text transcriptions may be processed by OpenAI (Whisper API and GPT-4o)
• OpenAI Privacy: Your data is subject to OpenAI's Privacy Policy and Data Processing Agreements compliant with GDPR
• No Audio Training: OpenAI does not use your audio recordings or transcriptions to train its models

2.4 AI-Generated Content and Scoring Data

RINT.io uses AI to analyze your responses and generate:

• Cringe Scores: Automated scoring of your interview answers (0-100 scale)
• Hire Probability Scores: Real-time percentage indicating likelihood of interview success
• Feedback and Roasts: AI-generated commentary on your responses
• Coaching Recommendations: AI-generated suggestions for improving answers
• Session Results: Verdict classifications (HIRED, CALLBACK, MAYBE, REJECTED, WRECKED)
• Progress Analytics: Aggregated performance data showing improvement trends

Important Note on AI Scoring: All AI-generated scores, feedback, and recommendations are generated by artificial intelligence systems. They do not constitute professional career advice, guaranteed outcomes, or predictions of actual interview performance.

2.5 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Functional Cookies (Required):

• Session management
• Security verification
• Language and preference settings

Analytics Cookies (Optional):

• Google Analytics for app performance monitoring
• Crash reporting for app stability
• Feature usage analytics

Important: We do NOT use device identifiers for advertising, cross-app tracking, or marketing purposes. Device identifiers are collected solely for fraud prevention and trial abuse detection.

---

3. HOW WE USE YOUR INFORMATION

3.1 Core Service Delivery

• Providing the Service: Delivering interview practice simulations, generating feedback and coaching, tracking your progress
• Account Management: Creating and maintaining your account, managing registration, providing access to app features
• Personalization: Customizing your experience based on your preferences and language selection
• Gamification: Maintaining achievements and streaks, calculating progress metrics

3.2 Service Improvement and Analytics

• Performance Analysis: Identifying usage trends, determining which features are valuable
• App Optimization: Improving app stability, speed, and functionality based on crash reports
• AI Model Refinement: Using anonymized feedback to improve AI scoring algorithms
• A/B Testing: Testing new features and improvements with user subsets
• Quality Assurance: Monitoring interview questions for relevance and accuracy

3.3 Communication

• Service Announcements: Notifying you of important app updates, security alerts, policy changes
• Push Notifications: Sending reminders to practice, celebrating streaks, new features (if enabled)
• Support: Responding to support requests, technical issues, feedback
• Marketing Communications: Sending newsletters about new features, tips, or special offers (if opted in)
• Legal Compliance: Sending required notifications related to privacy, terms of service, legal matters

3.4 Security and Legal Compliance

• Fraud Prevention: Detecting and preventing abusive behavior, account takeover, unauthorized access
• Trial Abuse Prevention: We collect device identifiers to prevent users from creating multiple accounts to abuse the free trial system. This is necessary to protect the integrity of our service and ensure fair access for all users.
• Legal Obligations: Complying with court orders, law enforcement requests, applicable laws
• Rights Protection: Protecting the legal rights, privacy, and safety of the Company, users, or the public
• Dispute Resolution: Investigating and resolving disputes or complaints
• Audit and Compliance: Maintaining records for audits, financial reporting, legal compliance

3.5 Automated Decision-Making and Profiling

Important Disclosure: RINT.io uses automated decision-making to:

• Generate your Cringe Score based on analysis of your response text
• Calculate your Hire Probability Score
• Determine your interview verdict
• Create your performance profile and progress analytics

Your Rights: These automated decisions do not have legal effects or similarly significant effects on you. They are provided for informational and entertainment purposes. You have the right to:

• Request a copy of the logic used in scoring (email: carlos@vibethink.io)
• Request human review of your results
• Request deletion of your data and associated scores

---

4. DATA RETENTION

4.1 Retention Schedules by Data Category

Data Type	Retention Period	Reason
Account Data (name, email, profile)	Duration of account + 90 days after deletion	Service provision; dispute resolution
Audio Recordings	Until user manually deletes or 1 year from last session	Service delivery; user control; GDPR compliance
Transcriptions & Session Data	Duration of account + 90 days after deletion	Analytics; progress tracking; user access rights
Scores and Feedback	Duration of account + 90 days after deletion	Progress tracking; improvement measurement
Usage and Analytics Data	24 months from collection	Performance analysis; trend identification
Payment Data	90 days after transaction completion	Tax/accounting requirements; dispute resolution
Support Communications	2 years from last communication	Support quality; dispute resolution
Log and Security Data	12 months	Security monitoring; breach investigation
Cookies and Tracking IDs	Duration of user session + 13 months	Analytics; user preference maintenance

4.2 Automated Deletion

• We implement automated deletion procedures for data that reaches its retention period
• Users can manually delete session data at any time from the app settings
• Deleted data is securely purged using cryptographic erasure or physical destruction
• Upon account deletion, all associated personal data (except what we are legally required to retain) is deleted within 30 days

4.3 Legal Retention Exceptions

We may retain Personal Data beyond the normal retention period if:

• Required by law or court order (tax records, employment records, etc.)
• Necessary to defend legal claims or disputes
• Required for fraud prevention or security purposes
• The user has not requested deletion

---

5. HOW WE SHARE YOUR INFORMATION

5.1 Service Providers and Third Parties

We work with carefully selected third-party service providers who process Personal Data on our behalf:

Service Provider	Purpose	Data Shared	Data Protection
OpenAI (Whisper & GPT-4o)	Voice transcription, AI feedback generation	Voice audio, transcription, session text	Data Processing Agreement; GDPR compliant; No model training
Apple App Store / Google Play Store	Payment processing, app distribution	Email, subscription status	Separate terms of service; PCI DSS compliant
Firebase / Cloud Infrastructure	App backend, data storage	Anonymized app metrics, error logs	Google Cloud infrastructure; GDPR safeguards
Google Analytics	App usage analytics	Anonymized user behavior, page views	Google's privacy controls; IP anonymization enabled
SendGrid / Twilio	Email and SMS notifications	Email address, phone number	GDPR Data Processing Agreements in place
Stripe / Paddle	Payment processing	Payment information (never stored by us)	PCI DSS Level 1 compliant; Tokenized payments

5.2 Legal and Law Enforcement

We may disclose Personal Data if required to do so by law or in response to:

• Valid legal process (court orders, subpoenas, search warrants)
• Government requests from public authorities
• Law enforcement investigations
• Prevention of fraud or criminal activity

In such cases, we will:

• Provide only the minimum necessary information
• Challenge requests we believe are overly broad or unlawful (where legally permitted)
• Notify users of legal requests where legally permissible (except in exigent circumstances)

5.3 Business Transfers

If RINT.io is involved in a merger, acquisition, bankruptcy, asset sale, or other business transfer:

• Personal Data may be transferred as part of that transaction
• We will provide notice to affected users before such transfer occurs
• The receiving organization will be bound by equivalent data protection obligations

5.4 With Your Explicit Consent

We may share specific Personal Data with third parties when you explicitly consent:

• Sharing session results on social media (user initiates)
• Integration with other career platforms (user authorizes)
• Participation in research studies (user opts in)

5.5 Aggregated and Anonymized Data

We may share aggregated, de-identified data that cannot reasonably identify you:

• Statistical trends
• Anonymous usage analytics
• Feature adoption rates
• Demographic trends (without identifying individuals)

5.6 No Unauthorized Sharing

We do NOT share your data with:

• ✗ Third-party advertisers
• ✗ Data brokers
• ✗ Marketing agencies
• ✗ Employers or recruiters
• ✗ Social media platforms
• ✗ Any third parties without explicit consent (except legally required)

---

6. DATA SECURITY

6.1 Security Measures We Implement

Technical Safeguards:

• Encryption in Transit: All data transmitted between your device and our servers uses HTTPS/TLS encryption
• Encryption at Rest: Sensitive data is encrypted on our servers using AES-256 encryption
• Access Controls: Role-based access controls limit employee access to Personal Data
• Authentication: Secure authentication mechanisms (OAuth with Apple/Google sign-in, password hashing)
• Regular Security Audits: Periodic penetration testing and security assessments
• Secure APIs: All third-party integrations use secure authentication tokens and API keys

Organizational Safeguards:

• Employee Training: Staff handling Personal Data receive privacy and security training
• Confidentiality Agreements: Employees sign confidentiality and data protection agreements
• Limited Access: Only necessary employees have access to Personal Data
• Incident Response Plan: Procedures in place for breach detection and response

6.2 User Responsibilities

You are also responsible for maintaining the security of your account:

• Keep your password confidential and change it regularly
• Do not share your login credentials with others
• Log out of the app when using shared devices
• Report suspicious activity immediately to support

6.3 Data Breach Notification

In the unlikely event of a confirmed data breach affecting your Personal Data:

• We will notify affected users without undue delay (typically within 72 hours)
• Notification will include details of the breach, affected data, and recommended actions
• We will notify relevant supervisory authorities as legally required
• We will cooperate fully with regulatory investigations

---

7. INTERNATIONAL DATA TRANSFERS

RINT.io is accessed worldwide, and your Personal Data may be transferred to, stored in, and processed in countries other than your country of residence.

7.1 Transfer Mechanisms

For users in the EEA, United Kingdom, or Switzerland:

Your Personal Data may be transferred to the United States (where OpenAI and our servers operate) and other countries. We rely on the following legal mechanisms:

• Standard Contractual Clauses (SCCs): EU-approved contractual terms that ensure adequate protection
• Adequacy Decisions: Where applicable
• Explicit Consent: You consent to transfers with knowledge that data may not have equivalent protection in some jurisdictions

7.2 Your Consent to Transfer

By using RINT.io and providing Personal Data, you acknowledge and consent to:

• Transfer of your data to countries outside your jurisdiction
• Processing of your data in the United States and other countries
• Potential access by US government agencies

If you are in the EEA or UK and do not consent to such transfers, you may not be able to use certain features (such as voice transcription or AI feedback).

7.3 Safeguards for International Transfers

We take all steps reasonably necessary to ensure that:

• Your data is treated securely
• Transfers occur only to organizations with adequate safeguards
• Standard Contractual Clauses are in place with all data processors
• You maintain the right to lodge complaints with relevant supervisory authorities

---

8. YOUR PRIVACY RIGHTS

Depending on your location, you have specific rights regarding your Personal Data. We respect and will honor these rights.

8.1 Rights for EEA, UK, and Swiss Residents (GDPR & UK GDPR)

You have the following rights under the General Data Protection Regulation:

8.1.1 Right to Access (Subject Access Request)

• You have the right to request a copy of the Personal Data we hold about you
• We will provide your data in a commonly used, machine-readable format
• Request must be submitted in writing to: carlos@vibethink.io
• Response timeframe: 30 calendar days

8.1.2 Right to Correction (Rectification)

• You can request correction of inaccurate or incomplete Personal Data
• We will correct errors and notify affected third parties where necessary
• Submit corrections through the app settings or contact: carlos@vibethink.io

8.1.3 Right to Deletion (Right to be Forgotten)

• You can request deletion of your Personal Data under certain circumstances
• Grounds for deletion: Data is no longer necessary, consent is withdrawn, you object to processing, data was processed unlawfully, legal obligation to delete exists
• Exceptions to deletion: Data needed for legal obligations, establishing/defending legal claims, public interest
• Submit deletion requests through the app or to: carlos@vibethink.io
• Response timeframe: 30 calendar days

8.1.4 Right to Restrict Processing

• You can request that we limit how we use your data while accuracy is verified
• During restriction, we will store the data but not actively process it
• Request must specify the reason for restriction
• Response timeframe: 30 calendar days

8.1.5 Right to Data Portability

• You have the right to receive your Personal Data in a portable, machine-readable format
• You can request transfer of your data to another organization
• Applies only to data you provided and that is processed based on consent or contract
• Submit requests to: carlos@vibethink.io
• Response timeframe: 30 calendar days

8.1.6 Right to Object to Processing

• You can object to our processing of your Personal Data if based on legitimate interests
• You can object to direct marketing communications
• You can object to automated decision-making
• Response timeframe: 30 calendar days

8.1.7 Right to Human Review of Automated Decisions

• You have the right to request human review of automated decisions
• This includes requests to understand the logic behind your Cringe Score
• Our support team will provide explanation and context
• You can request reconsideration of any automated scoring

8.1.8 Right to Withdraw Consent

• Where processing is based on your consent, you can withdraw consent at any time
• Withdrawal does not affect the lawfulness of processing before withdrawal
• Consent withdrawal is as simple as enabling/disabling a feature
• You can withdraw by contacting: carlos@vibethink.io

8.1.9 Right to Lodge a Complaint

• You have the right to lodge a complaint with a supervisory authority if you believe we have violated your privacy rights
• Relevant Supervisory Authorities:

- EEA: Your national Data Protection Authority

- United Kingdom: Information Commissioner's Office (ICO) - ico.org.uk

- Switzerland: Swiss Federal Data Protection and Information Commissioner (FDPIC)

8.2 Rights for California Residents (CCPA and CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act:

8.2.1 Right to Know

• You have the right to know what categories of Personal Information we collect
• You can request specific details about the Personal Information we hold
• Request must be submitted in writing to: carlos@vibethink.io
• Response timeframe: 45 calendar days (extendable by 45 days if complex)

8.2.2 Right to Delete

• You can request deletion of Personal Information we have collected
• Exceptions: We may retain data if necessary to complete a transaction, detect security incidents, comply with legal obligations
• Response timeframe: 45 calendar days

8.2.3 Right to Correct

• You can request correction of inaccurate Personal Information
• Response timeframe: 45 calendar days

8.2.4 Right to Opt-Out of Sales/Sharing

• You have the right to opt-out of any sale or sharing of your data
• Currently, RINT.io does not sell your Personal Data
• You can make opt-out requests at: carlos@vibethink.io

8.2.5 Right to Limit Use and Disclosure of Sensitive Personal Information

• You can limit our use of sensitive Personal Information (voice data, precise geolocation, financial info)
• We use sensitive data only to provide the Service and improve it
• We do not use it for any other purpose without your consent

8.2.6 Right to Non-Discrimination

• We will not discriminate against you for exercising your privacy rights
• We will not deny you service, charge higher prices, or provide lower quality service

8.3 Rights for Other Jurisdictions

Canada (PIPEDA):

• Right to access, correction, and deletion of personal information
• Right to understand how data is used
• Contact: carlos@vibethink.io

Australia (Privacy Act):

• Right to access personal information
• Right to request correction
• Right to lodge complaints with the Office of the Australian Information Commissioner
• Contact: carlos@vibethink.io

Japan (APPI):

• Right to confirm if your information is processed
• Right to request use discontinuance
• Contact: carlos@vibethink.io

---

9. CHILDREN'S PRIVACY

RINT.io is intended for users age 13 and older. We do not knowingly collect Personal Information from children under 13.

9.1 Age Restrictions

• You must be at least 13 years old to create an account
• Account creation requires date of birth verification
• If we discover we have collected data from a child under 13 without verifiable parental consent, we will delete that data immediately
• Parents/guardians concerned about their child's data should contact: carlos@vibethink.io

9.2 Parental Consent for Users 13-18

For users ages 13-18 in certain jurisdictions (where required):

• We may require parental or guardian consent before collecting Personal Information
• Parental consent is verified through app-based flows
• Parents have the right to review, request deletion of, or prevent further collection of their child's data
• Contact: carlos@vibethink.io

9.3 No Parental Controls Built-In

RINT.io does not include parental controls. Parents/guardians should monitor their child's use and can disable the app on their device if concerned.

---

10. THIRD-PARTY LINKS AND SERVICES

RINT.io may contain links to third-party websites, applications, and services that are not operated by us:

• Social media platforms (for sharing results)
• Career websites or job boards
• Learning resources
• Analytics platforms

We are not responsible for:

• Privacy practices of third-party services
• Content of third-party websites
• Data collection by third parties
• Security of third-party platforms

We strongly advise you to review the privacy policies of any third-party service before providing your information.

---

11. YOUR CHOICES REGARDING INFORMATION

11.1 How to Update or Delete Your Information

Update Information:

1. Open RINT.io and log in to your account
2. Go to Settings > Profile
3. Edit your name, experience level, or job preferences
4. Changes take effect immediately

Delete Information:

1. Go to Settings > Privacy & Data
2. Select "Delete Session Data" to remove specific sessions
3. Select "Delete All Data" to remove all session history
4. Select "Delete Account" to remove your entire account (this action is permanent)

Delete through email:

• Email us at: carlos@vibethink.io
• Subject line: "Data Deletion Request"
• Include your email address and specify what you want deleted

11.2 Marketing Communications

Opt-Out of Emails:

• Every marketing email contains an "Unsubscribe" link
• Click it to stop receiving marketing communications
• We will honor opt-out requests within 10 business days

Opt-Out of Push Notifications:

1. Go to Settings > Notifications
2. Toggle off "Practice Reminders," "Streak Notifications," or "New Features"
3. Or disable notifications at the operating system level

Opt-Out of Analytics:

1. Go to Settings > Privacy & Data
2. Toggle off "Share Usage Analytics"
3. Existing analytics data will not be deleted but will not be collected going forward

---

12. CALIFORNIA PRIVACY RIGHTS - "SHINE THE LIGHT" LAW

Under California Civil Code Section 1798.83, California residents have the right to request information about what Personal Information we share with third parties for their direct marketing purposes.

To request this information:

• Send an email to: carlos@vibethink.io
• Subject line: "California Shine the Light Request"
• Include your name and California resident confirmation
• Response timeframe: 30 calendar days

---

13. CCPA-SPECIFIC RIGHTS AND REQUESTS

13.1 Submitting CCPA Requests

To exercise your CCPA rights (access, deletion, correction, opt-out, limit use):

Method 1: Email

• Send to: carlos@vibethink.io
• Subject line: "CCPA Privacy Request"
• Specify which right you're exercising
• Include your email address and any other identifying information

Method 2: Authorized Agent

• Authorized agents can submit requests on your behalf
• Agents must have written authorization and proof of authority
• We may require the consumer to verify their identity directly

13.2 Identity Verification

To protect your privacy, we require verification of your identity:

• Verify your email address
• Confirm personal information (name, date of birth, experience level)
• Multi-factor authentication if available in your account
• May request additional information for complex requests

13.3 Response Timeframes and Format

• Timeframe: 45 calendar days (extendable by 45 days for complex requests)
• Format: Information provided in commonly used, portable, machine-readable format
• Delivery: Via email or downloadable link from your account
• No Unnecessary Information: We provide only information reasonably connected to your request

13.4 No Retaliation

We will not discriminate against you for exercising your CCPA rights:

• No denial of goods or services
• No difference in service quality or price
• No adverse effect on your account or experience
• Any loyalty program benefits continue unchanged

---

14. GDPR-SPECIFIC RIGHTS AND REQUESTS FOR EEA & UK USERS

14.1 Legal Basis for Processing

We process your Personal Data under the following legal bases under GDPR Article 6:

Processing Activity	Legal Basis	Purpose
Account creation and login	Contract (Article 6(1)(b))	Necessary to provide the Service
App functionality (interview practice)	Contract (Article 6(1)(b))	Necessary to provide core service
Voice recording and transcription	Consent (Article 6(1)(a))	You consent when toggling voice mode
AI scoring and feedback	Contract (Article 6(1)(b)) + Legitimate Interest (Article 6(1)(f))	Core service + algorithm improvement
Analytics and usage tracking	Legitimate Interest (Article 6(1)(f))	Improving app functionality
Fraud prevention and security	Legitimate Interest (Article 6(1)(f))	Protecting platform and users
Compliance with legal obligations	Legal Obligation (Article 6(1)(c))	Tax, employment, legal requirements
Promotional communications	Consent (Article 6(1)(a))	Optional marketing with explicit opt-in

14.2 Processing Special Category Data

Voice recordings may constitute "special category data" (biometric data) under GDPR Article 9. We process voice data under:

• Explicit Consent: You explicitly consent by using voice mode
• Withdrawal Right: You can withdraw consent at any time by disabling voice mode
• Transparency: You can review what voice data we hold about you

14.3 Data Protection Officer and Contact

• Data Controller: RINT.io (carlos@vibethink.io)
• Designated Representative: Available upon request
• Contact: carlos@vibethink.io

14.4 Responding to GDPR Requests

Timeframe: 30 calendar days from receipt (may be extended by 60 days for complex requests)

Verification: We will verify your identity to protect your privacy:

• Confirm email address
• Request confirmation of other identifying details
• May use multi-factor authentication

Response Format:

• Data portability requests: CSV or machine-readable format
• Access requests: Complete copy of your data in structured format
• Delivered via secure email or account download

14.5 Restrictions on Processing

You can request that we restrict processing of your data:

• We will flag your data as restricted
• We will continue to store it but not actively process it
• Exceptions: Processing with your consent, legal claims, public interest, rights of others

14.6 Supervisory Authority Contacts

European Union:

• European Data Protection Board (EDPB): edpb.europa.eu
• National DPA contacts by country: edpb.europa.eu/board_members_en

United Kingdom:

• Information Commissioner's Office (ICO)
• Website: ico.org.uk
• Email: casework@ico.org.uk
• Phone: +44 (0)303 123 1113

Switzerland:

• Swiss Federal Data Protection and Information Commissioner (FDPIC)
• Website: fdpic.admin.ch

---

15. AUTOMATED DECISION-MAKING AND PROFILING TRANSPARENCY

15.1 Automated Decision-Making at RINT.io

RINT.io uses automated decision-making systems to:

System	Input	Output	Purpose	Human Review Available
Cringe Score Generator	Text of your response	Score 0-100	Evaluate corporate jargon and generic language	Yes - contact support
Hire Probability Calculator	Cringe Score	Percentage 0-100%	Estimate interview success	Yes - contact support
Session Verdict Assignment	All answers in session	HIRED/CALLBACK/MAYBE/REJECTED/WRECKED	Overall session assessment	Yes - contact support
Progress Analyzer	Historical session data	Improvement metrics, trends	Track improvement over time	Yes - view historical data
Language Classifier	Your response text	Language detection	Route to correct language model	Automatic, non-consequential

15.2 Important Limitations

These automated decisions:

• Are provided for practice and entertainment purposes only
• Do not have legal effects or contract implications
• Are not predictions of actual interview outcomes
• May not be accurate reflections of your actual interview performance
• Should not be relied upon for career decisions
• May contain biases inherent in AI systems

These automated decisions do NOT:

• Determine your eligibility for jobs or opportunities
• Create employment-related legal consequences
• Replace human judgment or professional advice
• Guarantee interview success or failure
• Override your own assessment of your performance

15.3 Your Rights Regarding Automated Decisions

Under GDPR Article 22, you have:

1. Right to Human Review

• Contact: carlos@vibethink.io
• Request explanation of your score reasoning
• Our team will review and explain the logic
• Response timeframe: 30 days

2. Right to Request Explanation

• What factors influenced your score?
• How much weight did each factor have?
• Are there any known biases in the system?
• What data was used for analysis?

3. Right to Contest Decisions

• Disagree with a score? Contact support with your feedback
• We will review the decision
• We may adjust scoring based on feedback

4. Right to Opt-Out (Where Applicable)

• For non-essential automated processing, you can request to opt-out
• Alternative: Use text-only mode instead of voice mode
• Alternative: Manual review of your performance by support team

---

16. DISCLAIMERS RELATED TO DATA AND AI

16.1 AI Accuracy and Limitations

• No Guarantees: AI-generated scores and feedback are not guaranteed to be accurate
• Improvement Over Time: AI may become more or less accurate as your usage patterns change
• Variability: Identical responses may receive different scores on different occasions
• Bias Awareness: AI systems may contain inherent biases related to language, culture, or communication style
• Not Professional Advice: Scores are not professional career, coaching, or therapeutic advice

16.2 Audio Quality

Voice transcription accuracy depends on:

• Audio quality and background noise
• Accent and speech patterns
• Language variant (British vs. American English, etc.)
• Microphone quality
• Connection quality

Transcription errors may lead to inaccurate scores.

16.3 Data Retention and Deletion

• Deleted data may persist in backups for 90 days before permanent destruction
• Archival data used for analytics may take up to 24 months to fully delete
• Some data may be retained if required by law

16.4 Third-Party Processing

• OpenAI processes your voice and text data
• Google Analytics collects usage information
• See Section 5 for details

---

17. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time as technology evolves, regulations change, or for other business reasons.

17.1 Notification of Changes

When we make changes:

• We will update the "Last updated" date at the top of this policy
• We will post the new policy on this page
• For Material Changes: We will provide prominent notice through:

- In-app notification popup

- Email notification to your registered address

- Push notification (if you have notifications enabled)

Material changes include:

• Changes to how we collect or use your data
• New third parties processing your data
• Changes to your rights or our practices
• Changes to data retention or deletion practices

17.2 Your Acceptance

• Continued use of the Service after changes constitutes acceptance of the new policy
• If you do not agree with changes, you have the right to:

- Delete your account

- Exercise your deletion rights

- Cease using the Service

---

18. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Primary Contact:

• Email: carlos@vibethink.io
• Website: www.vibethink.io
• Response Time: We respond to privacy inquiries within 10 business days

For Data Requests:

• Access/Portability Requests: Email us with "Data Access Request" in subject line
• Deletion Requests: Email us with "Data Deletion Request" in subject line
• Correction Requests: Email us with "Data Correction Request" in subject line
• GDPR/CCPA/Privacy Rights: Email us with "Privacy Rights Request" in subject line
• Include your email address and specific details of your request

If you are unsatisfied with our response:

• You have the right to lodge a complaint with your local supervisory authority
• See Section 14.6 for relevant authority contacts

---

19. ADDITIONAL LEGAL NOTICES

19.1 Severability

If any provision of this Privacy Policy is found to be invalid, unenforceable, or unlawful, that provision shall be modified to the minimum extent necessary to make it valid or enforceable. If modification is not possible, that provision shall be severed. All other provisions remain in full effect.

19.2 Entire Agreement

This Privacy Policy, together with our Terms of Service, constitutes the entire agreement between you and RINT.io regarding privacy and data protection. This policy supersedes all prior agreements, understandings, and communications related to privacy.

19.3 Governing Law

This Privacy Policy is governed by the laws applicable in your jurisdiction:

• For users in EEA/UK: GDPR and local data protection laws apply
• For California residents: CCPA/CPRA apply in addition to this policy
• For all other users: The privacy principles in this policy apply

19.4 No Waiver

Failure to enforce any right or provision of this Privacy Policy does not constitute a waiver of that right or provision.

---

20. ACKNOWLEDGMENT

BY USING RINT.IO, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO ALL PROVISIONS OF THIS PRIVACY POLICY.

If you do not agree with any part of this Privacy Policy, you should not use RINT.io.

---

© 2025 RINT.io. All Rights Reserved.

Privacy Policy Version: 1.0

Last Updated: December 18, 2025

Effective Date: December 18, 2025

Worldwide Distribution: This policy applies to all jurisdictions