Privacy Policy
How we collect, use, and protect personal data — for our customers and the candidates they interview.
This Privacy Policy explains how Interloop Technologies ("Interloop", "we") handles personal data when you use interloop.tech and our services. We act as a controller for our own customer/account data, and as a processor / data fiduciary on behalf of our customers for the candidate data they process through Interloop.
Data we collect
- Account & team data — name, work email, company, role, and authentication details for the people who use the dashboard.
- Candidate data (processed for our customers) — name, contact details, resume/CV, interview audio recordings and transcripts, assessment responses and scores, and proctoring signals (e.g. face-verification and liveness flags).
- Usage data — log data, device/browser info, and analytics needed to operate and improve the service.
- Payment data — handled by our payment processor; we don't store full card details.
Biometric/face verification runs in the candidate's browser; the raw biometric data does not leave their device (see Security).
How we use data
- To provide the service — run interviews and assessments, score them, and present results.
- To secure the platform — fraud/abuse prevention, proctoring, and audit logging.
- To support and communicate with customers.
- To improve the product (in aggregate/de-identified form where feasible).
Legal basis
Depending on the data and your jurisdiction, we rely on: performance of a contract, your consent (or the candidate's, obtained by our customer), legitimate interests (security, product improvement), and compliance with legal obligations. For candidate data, our customers are responsible for the lawful basis, notice, and consent in their hiring process.
Sharing & sub-processors
We don't sell personal data. We share it with vetted infrastructure providers that help us run the service:
| Provider | Purpose |
|---|---|
| Vercel | Application hosting |
| Supabase (Postgres) | Primary database |
| Amazon Web Services (S3) | File & recording storage |
| Google (Gemini, OAuth) | AI voice/scoring; sign-in |
| OpenAI | Transcription / TTS fallback |
| LiveKit | Real-time audio transport |
| Resend | Transactional email |
| Razorpay | Payments |
| Upstash (Redis) | Rate limiting / OTP |
| Sentry | Error monitoring |
We may also disclose data where required by law, or to protect rights and safety.
International transfers & residency
Our infrastructure may process data in regions including Asia-Pacific, the EU, and the US. For customers with data-residency requirements (e.g. the GCC), regional hosting is scoped per customer. Transfers are made with appropriate safeguards.
Retention
We retain personal data for as long as needed to provide the service and meet legal obligations, then delete or anonymise it. Customers control retention of their candidate data and can request export or erasure at any time.
Your rights
Subject to applicable law (including GDPR and India's DPDP Act), you may have rights to access, correct, delete, port, or object to the processing of your personal data. Candidates should contact the hiring company (our customer); we will assist them as processor. To exercise rights regarding data we control, email privacy@interloop.tech.
Cookies
We use essential cookies for authentication and security, and (where enabled) analytics cookies to understand usage. You can control non-essential cookies through your browser.
Changes
We'll update this policy as the service evolves and post the new "last updated" date here. Material changes will be communicated to customers.
Contact
Questions? Email privacy@interloop.tech. See also our Terms of Service and Security page.