Privacy Policy

This Privacy Policy explains how CodePanion ("we," "our," or "us") collects, uses, discloses, and protects your personal data when you use our website at hireaidev.com and our AI-native technical assessment platform (collectively, the "Service").

Data Controller: CodePanion is the data controller responsible for your personal data. For any questions regarding this Privacy Policy or our data practices, please contact us at: hello@codepanion.dev

We are committed to protecting your privacy and processing your personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

We collect personal data that you voluntarily provide to us and data that is automatically collected when you use our Service.

2.1 Data You Provide Directly

• Beta Program Applications: Contact name, email address, job title, company name, company size, company website, and estimated monthly developer hiring volume
• Account Registration: Email address, password, and profile information
• Assessment Submissions: Code submissions, solutions, and responses to technical challenges
• Communications: Information you provide when contacting us for support or inquiries

2.2 Data Collected Automatically

• Usage Data: Pages visited, features used, time spent on pages, and interaction patterns
• Device Information: Browser type, operating system, device type, and screen resolution
• Log Data: IP address (anonymized where possible), access times, and referring URLs
• Assessment Metrics: AI tool usage patterns, time spent on tasks, and performance data

2.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect usage data. See Section 10 for detailed information about our cookie practices.

Under the GDPR, we process your personal data based on the following legal grounds:

• Contract Performance (Article 6(1)(b)): Processing necessary to provide the Service, manage your account, administer assessments, and issue certifications.
• Legitimate Interests (Article 6(1)(f)): Processing for our legitimate business interests, including improving our Service, analyzing usage patterns, preventing fraud, and ensuring security. We balance these interests against your rights and freedoms.
• Consent (Article 6(1)(a)): Where required, we obtain your consent for specific processing activities, such as marketing communications. You may withdraw consent at any time.
• Legal Obligation (Article 6(1)(c)): Processing necessary to comply with applicable laws and regulations.

We use your personal data for the following purposes:

• Service Provision: To provide, maintain, and improve our technical assessment platform
• Account Management: To create and manage your account, authenticate users, and process beta applications
• Assessment Administration: To administer technical assessments, evaluate submissions, and generate performance reports
• Certification: To issue, verify, and manage OpenBadges 3.0 certifications
• Communications: To respond to inquiries, provide support, and send service-related notifications
• Analytics: To analyze usage patterns, improve user experience, and develop new features
• Security: To detect, prevent, and address fraud, abuse, and security issues
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

We do not sell your personal data. We may share your data with the following categories of recipients:

5.1 Service Providers

• Firebase (Google LLC): Cloud infrastructure, authentication, database, storage, and analytics services. Google is certified under the EU-US Data Privacy Framework.
• Slack (Salesforce): Internal team notifications only. No user data is shared publicly through Slack.

5.2 Business Partners

For company accounts, assessment results and candidate data may be shared with the hiring company that administers the assessment, as necessary to fulfill the purpose of the Service.

5.3 Legal Requirements

We may disclose your data if required by law, court order, or governmental authority, or when necessary to protect our rights, property, or safety, or that of others.

Your personal data may be transferred to and processed in countries outside your country of residence, including the United States, where our service providers operate.

For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland to countries not deemed adequate by the European Commission, we rely on:

• EU-US Data Privacy Framework certification of our service providers
• Standard Contractual Clauses approved by the European Commission
• Other appropriate safeguards as required by applicable law

You may request a copy of the safeguards in place by contacting us at hello@codepanion.dev

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

• Account Data: Retained while your account is active and for 3 years after account closure for legal and business purposes
• Assessment Data: Retained according to agreements with hiring companies, typically 2 years
• Beta Application Data: Retained for the duration of our business relationship
• Badge Data: Retained indefinitely to support verification, unless you request deletion
• Analytics Data: Aggregated and anonymized data may be retained indefinitely

8.1 Rights Under GDPR (EEA, UK, Switzerland)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restriction: Request restriction of processing in certain circumstances
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: File a complaint with your local data protection authority

8.2 Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the CCPA:

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (note: we do not sell personal data)
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights

8.3 Exercising Your Rights

To exercise any of these rights, please contact us at hello@codepanion.dev. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS 1.3
• Encryption of data at rest using AES-256
• Strict access controls and authentication requirements
• Regular security assessments and monitoring
• Employee training on data protection

For more information about our security practices, please visit our Security page.

We use the following types of cookies and similar technologies:

10.1 Essential Cookies

Required for the website to function properly. These cookies enable core functionality such as authentication, security, and session management. You cannot opt out of these cookies.

10.2 Analytics Cookies

We use Firebase Analytics to collect anonymous usage data. This helps us understand how visitors interact with our website and improve the user experience. Analytics cookies collect information such as pages visited, time spent on pages, and general location (country level).

10.3 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that blocking certain cookies may affect the functionality of our Service.

10.4 Do Not Track

We do not currently respond to "Do Not Track" browser signals. However, you can manage your preferences through your browser's cookie settings.

Our Service is not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately at hello@codepanion.dev, and we will take steps to delete such information.

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by:

• Posting the updated policy on this page with a new "Last updated" date
• Sending an email notification to registered users for significant changes

Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: hello@codepanion.dev

We aim to respond to all inquiries within 30 days.