Privacy Policy

1. Introduction & Scope

This Privacy Policy describes how Vocra Ai (“we,” “us,” “our”) collects, uses, discloses, stores, and protects personal data of Users (recruiters / HR teams) and Candidates (job applicants) when using our website, Platform, or Services.

2. Legal Compliance & Data Protection Laws

We strive to comply with applicable data protection laws, including:

  • India’s Digital Personal Data Protection Act, 2023 (DPDP / DPDPA) (once brought into force)
  • Existing Indian IT Act / SPDI / reasonable security practices rules
  • Where applicable, GDPR (for EU / international users)

3. Definitions

  • Personal Data / Digital Personal Data: Any information relating to an individual who is identified or identifiable (name, email, resume, etc.).
  • Data Principal: The individual to whom the personal data relates.
  • Processing: Any operation on personal data (collection, storage, use, disclosure, erasure).
  • Data Fiduciary: The party which determines the purposes and means of processing (us).
  • Data Processor: A party which processes data on behalf of the Fiduciary.

4. Data We Collect

We may collect the following categories of data:

  • User / HR Data
  • Candidate / Applicant Data
  • Usage / Log Data
  • Integration / API Data
  • Cookies & Tracking Data

5. Purposes of Processing & Legal Basis

We process personal data for the following purposes:

  • To provide and maintain our Platform and Services
  • To enable resume parsing, AI matching, scoring, recommendations
  • To manage billing, payments, credit usage
  • To provide customer support, respond to requests, feedback
  • To generate analytics, usage metrics, benchmarking
  • To detect, prevent fraud, misuse, abuse
  • To comply with legal obligations or regulatory requests
  • For marketing or promotional communications (with consent where required)

6. Disclosure & Sharing with Third Parties

We may share personal data with:

  • Service providers / vendors (hosting, cloud, analytics, email, AI model providers)
  • Authorized integrations / third-party tools (job boards, calendar / email clients)
  • Affiliates, successors (in case of merger or acquisition)
  • Regulators / authorities, if required by law or court order
  • Aggregated / anonymized data (for analytics, benchmarking)

7. Cross-Border Data Transfers

We may process or host data outside India (e.g. AWS, GCP, AI service providers abroad). Where data is transferred internationally, we will:

  • Employ appropriate safeguards (contractual clauses, encryption)
  • Ensure recipient jurisdictions provide adequate protection
  • Obtain explicit consent if required under applicable law

8. Retention

  • We retain personal data for as long as necessary to provide the Services, fulfill contractual obligations, or satisfy legal requirements.
  • After account termination or cancellation, we will retain User Data for 90 days (Retention Period) then delete or anonymize it, unless law demands otherwise.
  • Some data (e.g. logs, backups) may be retained longer in anonymized or aggregate form for analytics or compliance.

9. Data Subject Rights

You (or candidates) have the following rights under applicable laws:

  • Access: Request a copy of your personal data
  • Rectification / Correction: Ask to correct inaccurate or incomplete data
  • Erasure / Deletion: Ask to delete your data (subject to legal requirements)
  • Restriction / Objection: Restrict or object to certain processing
  • Data Portability: Receive your data in structured, machine-readable format (where applicable)
  • Withdraw Consent: If consent is the basis, revoke consent going forward
  • Lodge Grievance / Complaint: File a complaint with us or relevant authority

10. Cookies & Tracking

We and third parties use cookies / similar technologies to:

  • Facilitate essential site / platform features (login, session)
  • Gather analytics, usage statistics
  • Enable marketing and personalization (with consent)

11. Security

We implement technical and organizational safeguards, including:

  • Role-based access and least privilege principles
  • Firewalls, intrusion detection, monitoring
  • Encryption (in transit with TLS, at rest)
  • Regular security assessments, audits, testing

12. Data Breach Notification

If a breach affecting confidentiality, integrity, or availability of personal data occurs, we will:

  • Notify affected individuals (Data Principals) as required
  • Notify applicable regulators / authority (e.g. Data Protection Board)
  • Undertake mitigation and remedial steps

13. Children / Minors

We do not knowingly collect personal data from individuals under 18. If we learn that we inadvertently collected such data, we will take prompt remedial actions.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will post changes on our website and notify you (by email or within Platform). Continued use after changes implies acceptance.

15. Contact / Grievance / DPO

For questions, requests, complaints, or to exercise your rights:

  • Name: Karthik Nath
  • Phone: +91 7011242138
  • Email: support@vocra.ai
  • Vocra Ai Ground Floor, Dhanvarsha Complex, Mon Maqbara, Haridgar Road Najibabad, Dist. Bijnor-246763 Uttar Pradesh, India Email: support@vocra.ai

Last Updated: 15 October 2025

Effective Date: 15 October 2025