Privacy Policy

Last Modified: August 04, 2025

Controller: Veton Inc., 548 Market Street San Francisco, CA 94104 US

DPO / Privacy Contact:dpo@veton.ai

We review this notice at least annually and display the ‘Last Modified’ date; for material changes we will notify you and, where required, seek consent before using personal data for new purposes.

At Veton, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect the information you provide to us through the use of our service.

Scope

This policy applies to all production systems that create, receive, store, or transmit Veton Inc. customer data (“Production Systems”), and to all personal data we process in our role as controller or processor.

Information Collection and Use

Where we rely on consent (e.g., marketing emails/SMS), you can withdraw at any time via unsubscribe links, replying STOP to SMS, in-app settings (where available), or by emailing privacy@veton.ai.
We collect information from you when you use our service, such as audio recordings and transcriptions of interviews, as well as any personal information you provide when setting up your account. We may use this information to provide and improve our service, to personalize your experience, and to communicate with you. We may also collect information about your device and usage of our service through the use of cookies, web beacons, and other technologies. We use this information to improve our service and to understand how our service is being used.

We collect:

  • Identity Data: name, email address, username (e.g., via account signup or Google OAuth).
  • Interview Data: audio recordings, transcripts, assessment metadata (via Deepgram, ElevenLabs).
  • Technical & Usage Data: IP address, device/browser type, cookies, session logs (via Cookiebot, Hotjar).
  • Payment Data: billing and subscription information (via Stripe).

How We Use Your Data & Legal Basis

  • Provide and improve our services (AI interviews, Copilot functionality) - Performance of contract (Art. 6(1)(b) GDPR)
  • Account administration and support - Legitimate interests (Art. 6(1)(f) GDPR)
  • Marketing communications (if opted-in) - Consent (Art. 6(1)(a) GDPR)
  • Security monitoring & fraud prevention - Legitimate interests (Art. 6(1)(f) GDPR)
  • Compliance with legal obligations - Legal obligation (Art. 6(1)(c) GDPR)

Categories of Recipients & Third-Party Processors

We share data only with trusted partners who provide services on our behalf:

  • Hosting & Infrastructure: DigitalOcean
  • Database & Backups: DigitalOcean Managed PostgreSQL, Spaces
  • Payment Processing: Stripe
  • Telephony & SMS: Twilio
  • AI Speech & TTS: Deepgram, ElevenLabs, OpenAI, Google Gemini, Mistral AI
  • Interview Video Recording: Recall.ai
  • Email Delivery: SendGrid
  • Analytics & Monitoring: Hotjar, Sentry
  • Domain & DNS: GoDaddy

All processors act under contract and only process data per our instructions.

We will notify customers of any legally binding request by a public authority to disclose personal data unless we are legally prohibited from doing so.

Data Retention

  • Account & Profile Data: until account deletion.
  • Interview Recordings & Transcripts: until account deletion.
  • Access & Audit Logs: 1 year.
  • Cookies & Tracking Data: per our Cookie Policy (managed via Cookiebot; see link below).

Retention periods are aligned with our Data Retention & Disposal Policy.

Upon account deletion or the end of a retention period, we securely delete or anonymize personal data in line with our Data Retention and Disposal Policy.

Cookies & Tracking

We use cookies for essential functionality, analytics, and performance. Our Cookie Policy (managed via Cookiebot) describes cookie categories, purposes, and opt-out mechanisms: Cookiebot

Data Subject Rights

Under GDPR you have the right to:

  1. Access your personal data.
  2. Rectify inaccuracies.
  3. Erase your data (“right to be forgotten”).
  4. Restrict or object to processing.
  5. Portability of your data.
  6. Withdraw consent at any time (where processing is based on consent).

To exercise any right, contact dpo@veton.ai. We will respond within statutory timeframes.

We acknowledge requests within 7 days and respond without undue delay and within one month of receipt (extendable by up to two months for complex or numerous requests, with notice). You may also object to direct marketing at any time, and we will honor that choice.

Automated Decision-Making & Profiling

Our AI generates non-binding interview recommendations (“Interview Recommended”, “Interview Not Recommended,” "Not Fit", “Maybe Fit,” “Good Fit”) as decision support only; no automated decisions producing legal or similarly significant effects are made without human involvement. You may request human review or contest any recommendation at any time by contacting dpo@veton.ai.

Joint controllers (if applicable)

If we jointly determine purposes and means with another party, we will enter into a GDPR Article 26 arrangement allocating responsibilities and will communicate the substance of that arrangement to affected data subjects.

International Transfers

Your data may be processed in the United States (primary region: NYC1) and other jurisdictions. Where transfers occur from the EEA/UK to countries without an adequacy decision, we rely on the European Commission’s Standard Contractual Clauses and UK transfer mechanisms, together with supplementary safeguards (encryption, access controls, and data minimization)

Security
We take reasonable precautions to protect your information from loss, theft, misuse, or unauthorized access, disclosure, alteration, or destruction. However, no data transmission over the internet can be guaranteed to be 100% secure, so we cannot guarantee the security of your information. We apply encryption in transit and at rest, role-based access controls with multi-factor authentication where available, and logging/monitoring to detect and investigate issues.

Handling of Google User Data
Our application integrates with Google services to streamline the login process and enhance user convenience. When you authorize our service to access your Google account, we collect only the essential information needed for login and identification purposes, specifically your username, email address, and user photo.

We adhere to strict privacy practices in the collection, use, storage, and sharing of your Google data, ensuring full compliance with Google's User Data Policy and our own privacy standards. This data is used solely to personalize your experience on our platform and improve our service's operational functionality.

Data retrieved from Google is stored on secure servers and protected with advanced security measures. We do not share this data with third parties without your explicit consent. You have the ability to manage this data through your account settings, including the option to revoke our access at any time.

Information obtained from Google Workspace APIs is never used to develop, improve, or train generalized (non-personalized) AI/ML models. Our use of this data complies with Google’s API Services User Data Policy, including the Limited Use requirements.

Generative AI and Third-Party Data Sharing
To enhance our Service, we share certain data with third-party AI providers, including OpenAI, strictly for processing within the scope of our Service's functionalities. We ensure all shared data is protected under stringent privacy measures agreed upon with our providers.

Users have the right to access, correct, or delete personal data processed by AI technologies used by our Service. Requests for such actions can be made through our user support channels."

Any changes to our terms or privacy policy, including those related to AI data processing or security practices, will be communicated to our users through email notifications and/or updates on our website.

Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or to comply with legal requirements. We will notify you of any changes by posting the updated policy on our website.

Your Acceptance of this Privacy Policy
By using our service, you signify your acceptance of this Privacy Policy. If you do not agree to this policy, please do not use our service. Your continued use of our service following the posting of changes to this policy will be deemed your acceptance of those changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:
dpo@veton.ai

Veton AI company logo.

Introducing the world's first ever AI that can run screening calls and shortlist thousands of candidates in a blink of an eye

email icon
hello@veton.ai
phone icon
+1 (415) 921-9447
Quick Links
HomePricingBook a DemoCareersContact UsRecruiter LoginSecurityPrivacy PolicyTerms of Service
Social
LinkedInInstagramFacebook

© Copyright 2025 - Veton, Inc. - All rights reserved