← Back to adjiQ

Privacy Policy

Last updated: July 4, 2026

1. Introduction

AdjiQ ("Company", "we", "us") operates adjiQ (the "Software") and the adjiq.com website (the "Website"). This Privacy Policy describes what information we collect, what we do not collect, and how we protect your data. adjiQ is built local-first where it can be, and cloud-assisted where the AI engine requires it. Microphone audio and the live transcript stay on your device; only the transcribed text of a question — plus your saved training context — is sent to the managed AI engine to generate an answer.

2. Information We Collect

We collect only what the product needs to work. Specifically:

Account Information (stored on our servers)

  • Email address (for account creation, license delivery, and security notifications)
  • Username (for identity verification during password reset)
  • Phone number (for identity verification during password reset only — never used for marketing, SMS, or any other purpose)
  • Password (stored only as a one-way cryptographic hash using PBKDF2 with 100,000 iterations — we never store, see, or have access to your plaintext password)
  • Payment information (processed securely by Stripe — we never store, see, or have access to your card numbers, bank details, or billing address)

Training Profile (stored on our servers, tied to your account)

  • The resume text, job description, company notes, personal notes, and target role you enter in the Dashboard so answers can be personalized across sessions and devices. You can view, edit, and delete this at any time from the Dashboard.

Interview Session Data (transient, in-memory on our servers)

  • The transcribed text of each question you send to the AI engine and the generated answer, forwarded to the managed AI provider only long enough to stream a response back to your device. We do not retain question/answer history on our servers after the stream closes.

Device Binding & Optional API Keys

  • A hardware-derived device fingerprint (cryptographically hashed) used solely for single-device license enforcement.
  • If you choose the Bring-Your-Own-Key option, your API key is stored server-side so the AI engine can be called on your behalf.

3. Information That Stays On Your Device

The following categories are processed locally by the Software and are not transmitted to our servers:

  • Microphone audio — Raw audio is captured and transcribed on your local device. The audio stream itself is never uploaded.
  • Live transcript — The rolling transcript of what is being said in the call stays in memory on your device. Only the text of a specific question you send to the AI is transmitted, and only for the length of that request.
  • Screenshots — Any screenshots taken by the Software are processed and stored only on your device.
  • Practice session results — Scores, evaluations, and practice history are stored only on your device.
  • Geographic location — We do not collect, infer, or store your location.
  • Browsing history & behavioural analytics — We do not track which features you use, how often, or for how long. The Website does not use tracking cookies, advertising pixels, or fingerprinting scripts.

Server logs record standard request metadata (IP address, user agent, timestamp) only long enough to detect abuse and are rotated on a short retention window. They are never used for advertising or profiling.

4. No Data Training

We do not use any user data for AI model training, fine-tuning, or improvement. No audio, transcripts, conversations, profiles, or any other user-generated content is ever used to train, retrain, fine-tune, evaluate, or improve any artificial intelligence model, machine learning algorithm, or data product — whether by AdjiQ or by any third party.

5. Where Your Data Lives

Your data is split across two locations:

  • On our servers (Vercel-hosted, US): account data (email, username, hashed password, phone number), device binding (hashed fingerprint), license key, subscription status, account creation date, your saved training profile (resume, job description, notes, target role), and — if you provided one — your Bring-Your-Own-Key API key.
  • On your local device only: microphone audio, the live transcript, screenshots, practice results, and any downloaded response history. This local data is your responsibility. We cannot access, recover, back up, or restore it. If you delete it, reinstall your operating system, or lose your device, it is gone.
  • Transient in-flight: the text of each question you send to the AI plus the generated answer pass through our servers and the managed AI provider to stream a response back to your device. We do not retain the question or answer on our servers after the stream closes; the managed AI provider handles it under their own terms (linked in Section 10).

6. Credential Responsibility

You are solely responsible for remembering and safeguarding your credentials.

  • Your password is cryptographically hashed. We cannot view, recover, or retrieve it.
  • If you forget your password, you must verify your identity using your email, username, and phone number to set a new one. If you cannot provide all three, we cannot help you regain access.
  • Your license key is delivered once. You must store it securely.
  • We are not responsible for any loss of access resulting from forgotten, lost, or compromised credentials.

7. How We Use Your Information

The limited account information we collect is used exclusively for:

  • Authenticating your identity when you sign in
  • Validating and enforcing your license agreement and device binding
  • Processing payments and managing subscriptions (via Stripe)
  • Sending critical security notifications (e.g., password reset confirmations)

We do not sell, rent, lease, trade, share, or otherwise disclose your personal data to any third party for marketing, advertising, profiling, or any other purpose.

8. Data Security

We implement security measures including:

  • Encrypted data transmission (TLS/SSL) for all communications
  • PBKDF2 password hashing with 100,000 iterations and SHA-512
  • Timing-safe comparison functions to prevent timing attacks
  • Account lockout after failed authentication attempts
  • CSRF origin validation on all API endpoints
  • Anti-enumeration protections (generic error responses)
  • Admin security notifications on sensitive account events

However, no system is 100% secure, and we cannot guarantee absolute security. You acknowledge that you provide your account information at your own risk.

9. Data Retention & Deletion

  • Account data is retained for as long as your account is active.
  • Upon account deletion request (via privacy@adjiq.com), all server-side account data is permanently removed within 30 days.
  • Local data on your device is entirely under your control. We cannot delete it remotely, nor can we retain it — because we never had it.
  • We do not retain anonymized or aggregated data because we do not collect usage data to anonymize or aggregate.

10. Third-Party Services

We use the following third-party services, limited strictly to the purposes stated:

  • Stripe — Payment processing only (subject to Stripe's privacy policy). We never receive or store your card numbers.
  • Vercel — Website and API hosting.
  • Resend — Transactional email delivery (password reset confirmations, security notifications). No marketing emails.
  • Managed AI engine provider — The transcribed text of your interview questions and your training profile are forwarded, at the moment of each request, to the AI provider that powers the answer. The provider processes the request under a zero-retention agreement and returns the streamed answer. You can review the current provider's policy on request at privacy@adjiq.com.

We do not use Google Analytics, Facebook Pixel, Mixpanel, Amplitude, Segment, Hotjar, or any other analytics, tracking, advertising, or profiling service.

11. Children's Privacy

adjiQ is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will take immediate steps to delete such information.

12. Your Rights

Regardless of your location, you have the right to:

  • Access the personal data we hold about you (limited to the account data in Section 2)
  • Correct inaccurate information in your account
  • Delete your account and all associated server-side data
  • Receive confirmation that we do not hold any data beyond what is listed in Section 2
  • Opt out of non-essential communications (we send none by default)

13. European Economic Area, UK & Swiss Users (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the following additional rights under the GDPR:

  • Right of Access (Art. 15) — request a copy of the personal data we hold about you
  • Right to Rectification (Art. 16) — correct inaccurate or incomplete personal data
  • Right to Erasure (Art. 17) — request deletion of your personal data
  • Right to Restriction (Art. 18) — restrict the processing of your personal data
  • Right to Data Portability (Art. 20) — receive your personal data in a structured, machine-readable format
  • Right to Object (Art. 21) — object to processing based on legitimate interests
  • Right to Withdraw Consent (Art. 7(3)) — withdraw consent at any time
  • Right to Lodge a Complaint (Art. 77) — lodge a complaint with your local supervisory authority

Legal Basis for Processing (Art. 6(1)):

  • Contract performance (Art. 6(1)(b)) — to authenticate you, manage your license, and process payments
  • Legitimate interest (Art. 6(1)(f)) — to enforce license compliance and prevent fraud
  • Legal obligation (Art. 6(1)(c)) — to comply with applicable tax and accounting laws

To exercise any of these rights, contact us at privacy@adjiq.com. We will respond within 30 days.

14. California Residents (CCPA/CPRA)

If you are a California resident:

  • Right to Know — request disclosure of the personal information we collect (limited to Section 2)
  • Right to Delete — request deletion of your personal information
  • Right to Opt-Out of Sale — we do not sell your personal information. Period.
  • Right to Non-Discrimination — we will not discriminate against you for exercising your privacy rights
  • Right to Correct — request correction of inaccurate personal information

Contact: privacy@adjiq.com.

15. International Data Transfers

AdjiQ is based in the United States. Account data, training profile, and in-flight question/answer traffic (Sections 2 and 5) are processed on US-hosted infrastructure. By using the Software, you consent to such transfer. Audio and the live transcript stay on your device and are not transferred internationally.

16. Disclaimer of Responsibility for Local Data

ANY USER-GENERATED CONTENT STORED EXCLUSIVELY ON YOUR LOCAL DEVICE (INCLUDING AUDIO, LIVE TRANSCRIPT, PRACTICE RESULTS, AND SCREENSHOTS) IS OUTSIDE OUR CONTROL. ADJIQ BEARS NO RESPONSIBILITY FOR THE LOSS, CORRUPTION, DESTRUCTION, UNAUTHORIZED ACCESS, OR DISCLOSURE OF THAT LOCAL DATA, WHETHER CAUSED BY HARDWARE FAILURE, SOFTWARE MALFUNCTION, MALWARE, THEFT, USER ERROR, OR ANY OTHER CAUSE. YOU ARE SOLELY RESPONSIBLE FOR BACKING UP AND PROTECTING YOUR LOCAL DATA.

17. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the Software constitutes acceptance of the updated policy.

18. Contact

For privacy-related inquiries: privacy@adjiq.com. For legal inquiries: legal@adjiq.com.

© 2022–2026 AdjiQ. All rights reserved. adjiQ™ is a trademark of AdjiQ.