This Privacy Policy explains how SmartAssess collects, uses, and protects personal data in line with the DPDP Act, 2023 (India) and the EU GDPR.
1. Data Controller
The Data Controller for SmartAssess is Cognity AI LLP, headquartered in Bengaluru, India.
2. Types of Data Collected
- Basic personal information such as name, contact details, and identifiers.
- Interview video recordings, audio responses, and text inputs.
- Device and technical diagnostics including IP address, device type, OS version, and in-app analytics.
3. Purpose and Lawful Basis for Processing
Data collected is used for:
- Providing and enhancing AI-powered interview and assessment services.
- Generating performance reports and personalized feedback.
- Improving AI accuracy through anonymized model fine-tuning and service analytics.
- Ensuring system security, fraud prevention, and regulatory compliance.
Processing is based on:
- Consent (recording, AI processing, and data enrichment).
- Performance of a contract (core service delivery).
- Legitimate interest (product improvement and abuse prevention).
- Legal compliance (when disclosures are mandatory).
4. Consent
By continuing with interview sessions, you provide explicit consent for SmartAssess to capture and process your audio, video, and textual responses. You may withdraw consent at any time through in-app account settings or by contacting our support team.
5. Data Retention
Personal data and recordings are retained only for as long as necessary to achieve the purposes described above or as required by applicable law. When retention is no longer justified, data is securely deleted or irreversibly anonymized.
6. Data Sharing
We never sell or rent personal data. Limited sharing occurs only with:
- Technology and analytics vendors operating under strict confidentiality and data protection obligations.
- Legal or regulatory authorities when disclosure is required by law.
- Internal AI development teams using anonymized datasets for model enhancement.
7. International Data Transfers
If data is transferred or processed outside India or the EU, we rely on standard contractual clauses, encryption, and comparable safeguards aligned with DPDP and GDPR requirements.
8. Data Security
SmartAssess uses encryption, restricted access controls, and hardened infrastructure to protect your information. While we maintain robust safeguards, no system is entirely immune to breaches, and we are not liable for incidents beyond our reasonable control.
9. Your Data Rights
Under GDPR and the DPDP Act you may:
- Access a copy of your personal data.
- Request correction of inaccurate or incomplete information.
- Request deletion ("Right to be Forgotten").
- Withdraw consent for processing.
- Request data portability in a machine-readable format.
- Lodge a complaint with a relevant data protection authority (for EU users).
Submit requests at privacy@smartassess.in.
10. Children's Data
SmartAssess is not intended for individuals under 13. We do not knowingly collect such data and will delete it promptly if discovered.
11. Changes to this Policy
We may update this Privacy Policy periodically. Significant updates will be communicated within the app, and the latest version will always be available on this page.
12. Contact Information
For privacy questions, data access, or deletion requests reach us at:
