Privacy Policy

1. Introduction

Sorcrr, a product of SOSUITE LLC ("Sorcrr", "we", "us", "our") is committed to protecting your privacy and giving you control over your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered hiring platform.

We've built Sorcrr with privacy-by-design principles, incorporating advanced privacy technologies and on-device processing options to ensure your data remains protected.

2. Google OAuth Data Access & Use

2.1 How We Use Google OAuth Data

• Authentication: Create and secure your Sorcrr account
• Profile Creation: Pre-populate your basic information
• Communication: Send account-related notifications to your email

2.2 Google Data We Do NOT Access

• Your Google contacts or address book
• Your Google Drive files or documents
• Your Gmail messages or email content
• Your Google Calendar events
• Your Google search history or activity

2.3 Google Data Sharing

We NEVER sell, trade, or share your Google account data with third parties for their marketing purposes.Your Google data is used solely for providing Sorcrr services as described in this policy.

2.4 Revoking Google Access

You can revoke Sorcrr's access to your Google account at any time:

• Visit Google Account Permissions
• Find "Sorcrr" in the list of connected apps
• Click "Remove Access"

3. Our Privacy Commitment

4. Information We Collect

4.1 Personal Information

• Contact Information: Name, email, phone (encrypted at rest)
• Professional Data: Employment history, skills, certifications
• Video Profiles: 30-second introduction videos (processed locally when possible)
• Interview Data: AI-transcribed conversations with speaker identification
• Verification Documents: Identity verification for recruiters

4.2 AI-Processed Information

• Career Rank Score: Anonymized performance metrics
• Skill Assessments: AI-analyzed competencies (never shared without consent)
• Cultural Fit Analysis: Team compatibility scores (bias-checked)
• Communication Patterns: Response times, engagement metrics

4.3 Technical Information

• Device Information: For optimizing edge AI processing
• Usage Analytics: Privacy-preserving metrics only
• Performance Data: App optimization metrics

5. How We Use AI & Your Data

5.1 On-Device Processing

When available, we use local AI models to process your data directly on your device. This means sensitive information never leaves your device, providing maximum privacy while maintaining functionality.

5.2 Privacy-Preserving Processing

For cloud-based features, we use advanced privacy techniques to minimize data exposure and protect your information during processing.

5.3 AI Credits & Usage

AI features may consume credits based on usage. Edge AI processing is always free. During interviews, candidates don't have access to AI features and are not charged credits. Outside of interviews, users (including candidates) who exceed free credit limits may purchase additional credits for continued AI feature access.

6. Data Sharing & Disclosure

6.1 Selective Sharing (With Your Consent)

• To Employers: Only when you apply or accept invitations
• To Recruiters: Based on your visibility settings
• For Referrals: Limited profile data for bounty referrals
• Team Collaboration: Within hiring teams you're part of

6.2 Service Providers

We work with carefully selected service providers who are contractually bound to protect your data and use it only for the specific services they provide to us:

• Google Cloud Platform: Infrastructure and data storage (encrypted)
• Firebase: Authentication, real-time database, and analytics (Google service)
• Stripe: Payment processing (PCI compliant, no access to full card numbers)
• Customer.io: Transactional email delivery (only email and name shared)
• OneSignal: Push notifications (device tokens only, no personal data)
• Jitsi Meet: Video interviews (end-to-end encrypted, no recording by default)

7. Your Privacy Rights

7.1 GDPR Rights (EU Users)

If you're in the European Union, you have additional rights under GDPR including the right to object to processing, restrict processing, and lodge complaints with supervisory authorities.

7.2 CCPA Rights (California Users)

California residents have the right to know what personal information we collect, request deletion, opt-out of sales (we don't sell data), and non-discrimination for exercising privacy rights.

8. Data Security

8.1 Technical Safeguards

• Encryption: Industry-standard encryption at rest and in transit
• Privacy Architecture: Multi-layered privacy controls
• Access Controls: Strict authentication and authorization
• Regular Audits: Security assessments and monitoring
• Cloud Security: Enterprise-grade infrastructure protection

8.2 Operational Security

• Role-based access control (RBAC)
• Regular security training for staff
• Incident response procedures
• Data breach notification within 72 hours

9. AI Ethics & Bias Prevention

We're committed to fair and ethical AI. Our systems include:

• Bias Detection: Active monitoring for discriminatory patterns
• Fairness Metrics: Regular audits of AI decisions
• Human Review: Option to request human evaluation
• Transparency Reports: Annual publication of AI fairness metrics
• Inclusive Design: Built with diverse teams and perspectives

10. Children's Privacy

Sorcrr is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

11. Data Retention & Deletion

We retain your data only as long as necessary for the purposes described in this policy:

• Active Accounts: Data retained while account is active and you use our services
• Inactive Accounts: After 2 years of inactivity, we send a warning email. After 3 years, account data is automatically deleted
• Deleted Accounts: When you delete your account, data is immediately deactivated and permanently removed within 30 days
• Google OAuth Data: Removed immediately when you revoke access or delete your account
• Application Data: Retained for 1 year after hiring decision for compliance
• Interview Recordings: Automatically deleted after 90 days unless explicitly saved
• Analytics Data: Aggregated and anonymized after 30 days
• Cache Data: Cleared automatically based on usage patterns

11.1 Your Right to Delete

You can request immediate deletion of your data at any time by:

• Going to Settings → Account → Delete Account in the app
• Emailing privacy@sorcrr.com with your deletion request
• Revoking OAuth access through your Google account settings

11.2 Exceptions

We may retain certain data when required by law or for legitimate business purposes:

• Financial records for tax compliance (7 years)
• Legal dispute documentation (until resolution)
• Fraud prevention records (as needed)

12. International Data Transfers

Your data may be processed in the United States. We ensure appropriate safeguards through:

• Standard Contractual Clauses (EU)
• Privacy Shield principles (where applicable)
• Adequate security measures regardless of location

13. Updates to This Policy

We may update this policy to reflect changes in our practices or legal requirements. We'll notify you of material changes via email or in-app notifications at least 30 days before they take effect.

14. Contact Us

15. Privacy Tools & Settings

Manage your privacy settings directly in the app:

• Privacy Dashboard: Settings → Privacy & Security
• AI Controls: Settings → AI Preferences
• Data Export: Settings → Your Data → Export
• Account Deletion: Settings → Account → Delete Account