Last updated: 11 May 2026
aurate is a trading name of AURATE AI LTD, a company registered in England and Wales (Company No. 17131159), with registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom. Throughout this policy, "aurate", "we" and "us" refer to AURATE AI LTD.
We are the data controller for your personal data.
Contact for data protection queries: hello@aurateai.com
ICO Registration: ZC109790 (currently registered under the founder's sole-trader name; update to AURATE AI LTD registration is pending and tracked separately).
aurate is designed to keep your personal data tight to what's actually needed to run the service. We don't record audio. We don't sell your data. We don't use your sessions to train AI models. What we do keep is described below — and you can delete almost all of it by deleting your account.
/autopsy page and Vibe Card — your Vibe Score, feedback bullets, metric evidence, phase summaries, fatal flaw, silver lining, and next step. This is text generated by our scoring engine that quotes and paraphrases what you said in the session.
When we activate sector-level benchmarking — currently disabled and gated by a feature flag (enable_benchmarking_write) — we'll generate a one-way cryptographic hash from your account identifier to track anonymous performance trends across sessions. The hash can't be reversed to identify you. We'll update this policy when this goes live.
| Data | When Collected | Purpose |
|---|---|---|
| Email address | Account creation | Authentication, account management, transactional communications |
| CV text | Session configuration (uploaded, extracted in-browser, or pasted) | Personalising the interview. When you start a session, your CV text and a short summary of it (generated by Gemini) are stored alongside the session record so the AI can stay coherent across reconnects and grade you accurately. Both are tied to your account and deleted when you delete it. A copy is also cached in your browser for convenience — clear it any time from the context page. |
| Session configuration choices | Session setup | Calibrating the AI interviewer (role level, industry, persona) |
| Payment information | Stripe Checkout | Processing payments. We do not store card details — handled entirely by Stripe. |

| Data | How Generated | Retention |
|---|---|---|
| Audio (voice) | Real-time conversation with the AI interviewer | Never stored. Streams directly from your browser to Google via ephemeral token. Never passes through our servers. |
| Session transcript | Transcribed in real time during the session | Retained on our servers during this beta period for autopsy verification, dispute resolution, and product improvement. Tied to your account; deleted when you delete it. Will be re-evaluated before paid launch. |
| AI responses | Generated by the Gemini API during the session | Stored as part of the session transcript (same row as above) — same beta-period retention and account-deletion behaviour. |
| Vibe Score, Vibe Card payload, and feedback bullets | Generated at session end by our autopsy pipeline | Retained in your session telemetry as the autopsy report shown on your Vibe Card and /autopsy page — includes your Vibe Score, metric evidence, phase summaries, fatal flaw, silver lining, next step, and feedback bullets. This is LLM-generated text that quotes and paraphrases what you said. Tied to your account; deleted when you delete it. |
| Module summaries | Generated at phase transitions | Retained as the "strongest response" and "weakest response" the scoring engine extracts from each phase. These quote and paraphrase what you said. Tied to your account; deleted when you delete it. |
| Action plan | Extracted at the end of the session by the module-summary LLM | Stored on your active session record. Tied to your account; deleted when you delete it. |
| Heartbeat telemetry | Sent every 60 seconds during active sessions | Stored as a timestamp update used for crash detection and session recovery. No transcript content. |
(Not active today.) When we activate sector-level benchmarking — currently disabled and gated by a feature flag (enable_benchmarking_write) — we will extract anonymised performance metrics from your results at session end. The data will include your Vibe Score, module-level ratings, session duration, sector tag, persona mode, and response timing patterns. All personally identifiable information will be stripped before storage; your user ID, email, IP address, and session content will never be included. This anonymised data will power our comparative benchmarking engine, and the anonymisation will be irreversible.
Until activation, none of this is happening. We will update this policy in the same PR that flips the flag.
| Data | Purpose | Retention |
|---|---|---|
| IP address | Dispute resolution, fraud prevention, session validation | Retained for 90 days, then automatically deleted. Lawful basis: legitimate interest. |
| Browser/device information | Session compatibility and debugging | Not stored persistently. Used transiently during session establishment. |
| Consent timestamps | Legal compliance — proving you consented to session terms | Retained indefinitely as part of the immutable audit log. |

| Purpose | Lawful Basis (UK GDPR) |
|---|---|
| Providing the interview simulation service | Performance of contract (Article 6(1)(b)) |
| Processing payments via Stripe | Performance of contract (Article 6(1)(b)) |
| Generating your autopsy and performance analysis | Performance of contract (Article 6(1)(b)) |
| Storing consent timestamps for legal compliance | Legal obligation (Article 6(1)(c)) |
| Retaining IP addresses for dispute resolution | Legitimate interest (Article 6(1)(f)) |
| Generating anonymised benchmarking data (not active today; flag-gated) | Legitimate interest (Article 6(1)(f)) — data is fully anonymised when activated |
| Crash detection and session recovery | Legitimate interest (Article 6(1)(f)) |
| Sending transactional emails | Performance of contract (Article 6(1)(b)) |
We do not use your data for marketing purposes unless you explicitly opt in. We do not sell your data to third parties. We do not use your session content (audio, transcripts) for AI model training.
Your voice is processed by Google Gemini during your session for real-time transcription so the AI can respond. We've architected the audio path so that audio never transits our servers — it goes directly from your browser to Google via an ephemeral token. We are seeking formal legal advice on whether voice processing in this architecture creates Article 9 obligations for us, and we'll update this policy with the outcome.
We share personal data only with the following service providers, each acting as a data processor on our behalf:
| Provider | Data Shared | Purpose | Location |
|---|---|---|---|
| Supabase | Email, user profile, session metadata, telemetry, IP | Database, authentication, session state | EU (Frankfurt) |
| Google (Gemini API) | Audio (in-transit), CV context (in system prompt) | AI interview simulation | Google Cloud (EU) |
| Stripe | Email, payment information | Payment processing | EU/UK (contracting entity: Stripe Payments Europe Ltd, Ireland; some processing in the US under the UK Extension to the EU-US Data Privacy Framework) |
| Vercel | Transient request data during function execution | Application hosting, autopsy processing | EU (eu-west) |
| Upstash | IP addresses, user identifiers | Rate limiting and abuse prevention | EU (Ireland, eu-west-1) |
| Resend | Email address | Transactional email delivery | US (UK Extension to the EU-US Data Privacy Framework — "UK-US Data Bridge") |
| Sentry | Error data (anonymised request metadata) | Error tracking and monitoring | EU (de.sentry.io) |
We do not share personal data with any other third parties.
| Data Category | Retention Period | Deletion Trigger |
|---|---|---|
| Audio | Not retained. Never stored. | N/A — streams directly from browser to Google |
| Session transcript and AI responses | Account lifetime (beta-period retention; will be re-evaluated before paid launch) | Account deletion (cascade) |
| Vibe Card payload, module summaries, action plan | Account lifetime | Account deletion (cascade) |
| CV text and CV summary (server-side) | Lifetime of your active session record | Account deletion (cascade) plus active-session cleanup |
| CV text (browser cache) | Until you clear it | "Clear saved CV" button on the context page, browser data clear, or account deletion |
| Account data (email, tier, credits) | Lifetime of account | Account deletion |
| Session telemetry (scores, metadata) | Lifetime of account | Account deletion (cascade) |
| IP address | 90 days | Automatic TTL |
| Consent timestamps | Indefinitely (immutable audit log) | Not deleted — required for legal compliance |
| Anonymised benchmarking data | Indefinite, once active (not active today — enable_benchmarking_write flag is OFF) | Not affected by account deletion when active (contains no PII) |
| Vibe Card shares | Lifetime of account | Account deletion (cascade) |
| Admin audit logs | Indefinitely | Not deleted — required for compliance |
Under UK GDPR, you have the following rights:
Account deletion: Use the "Delete my account" button in your profile settings. Deletion is immediate and irreversible. All identifiable data is permanently removed. When anonymised benchmarking is active (currently disabled and gated by a feature flag), anonymised data (which contains no PII and cannot be linked back to you) will be retained to maintain the integrity of aggregate analytics.
All other rights: Email hello@aurateai.com. We will respond within 30 days.
Complaints: You have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
We implement appropriate technical and organisational measures to protect your personal data, including: encryption in transit (TLS/HTTPS on all connections), database-level Row Level Security policies, API key isolation via ephemeral tokens (keys never exposed to client browsers), and immutable audit logging of all administrative actions.
aurate uses cookies only where strictly necessary. We use Supabase Auth session cookies to keep you signed in — these are first-party, expire when your session ends or when you sign out, and cannot be disabled without breaking sign-in. We do not use advertising cookies, analytics cookies, or cross-site tracking cookies. Most of your client-side state (your CV cache, your tier, your session preferences) is held in your browser's localStorage rather than in cookies, and is cleared by signing out, clearing site data, or deleting your account.
aurate is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If we become aware that a user is under 18, we will delete their account and associated data.
We may update this privacy policy from time to time. We will notify you of material changes by email or by a prominent notice in the application. The latest version will always be available at this page.
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information. This section supplements the rest of our Privacy Policy for California residents.
In the preceding 12 months, we have collected the following categories of personal information as described in Section 3 above: identifiers (email address), commercial information (purchase history via Stripe), internet activity information (session telemetry), and inferences drawn from session performance (Vibe Scores).
aurate does not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration. We have not sold personal information in the preceding 12 months. Because we do not sell personal information, there is no need to opt out — but we honour this commitment unconditionally.
aurate does not share your personal information for cross-context behavioral advertising as defined under the CPRA. We do not use tracking or advertising cookies.
To exercise any of these rights, email hello@aurateai.com. We will verify your identity and respond within 45 days.