HR Training AI

Privacy Policy

Last updated: December 2024

Our Privacy-First Commitment

At HR Training AI, we believe privacy is a fundamental right. We've built our platform with privacy-first principles, ensuring your data remains secure, private, and under your control at all times.

🔒 We Do NOT Train on Your Data

Your data is yours, not ours. We want to be absolutely clear about this fundamental principle:

  • No AI Training: We do not use your documents, conversations, or any user-generated content to train our AI models or improve our algorithms
  • No Data Mining: We do not analyze your content for insights, patterns, or any commercial purposes beyond providing you the service
  • No Cross-Customer Learning: Your agents learn only from your data - never from other customers' data
  • Isolated Processing: All AI processing happens in isolated environments specific to your organization
  • Third-Party Protections: Our agreements with AI providers (like OpenAI) explicitly prohibit them from training on your data

This commitment is legally binding and auditable. Your intellectual property and sensitive HR data remain completely confidential.

Information We Collect

Account Information

Email address, name, and role information for account creation and management.

Training Data

Documents and content you upload to train your AI agents, stored securely in your isolated environment.

Usage Analytics

Aggregated, anonymized usage patterns to improve our platform performance.

How We Protect Your Data

  • End-to-end encryption for all data transmission
  • Isolated data environments per organization
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance (in progress)
  • GDPR and CCPA compliance

Data Ownership & Control

You own your data. Period. We provide tools for you to:

  • Export all your data at any time
  • Delete your data permanently
  • Control who has access to your information
  • Audit all data access and usage

Third-Party Services & Data Protection

We use select third-party services to provide our platform. Each service is bound by strict data processing agreements (DPAs) that protect your data:

🔐 Firebase (Google Cloud)

Authentication, database, and secure file storage

  • Enterprise-grade security with SOC 2 Type II compliance
  • Data Processing Agreement (DPA) in place
  • Data residency controls and encryption at rest
  • No training on customer data per Google Cloud AI/ML terms

🤖 OpenAI API

AI language model processing for agent responses

  • Business Associate Agreement (BAA) and DPA executed
  • Zero data retention: OpenAI does not store or train on your data
  • API calls are processed and immediately discarded
  • Enterprise-grade security and compliance certifications

💳 Stripe

Secure payment processing

  • PCI DSS Level 1 certified payment processor
  • We never store or access your payment information
  • All payment data is tokenized and encrypted
  • Direct bank-level security for all transactions

Legal Guarantee: All third-party agreements include explicit clauses prohibiting the use of your data for training, analytics, or any purpose other than providing the specific service to you. These agreements are legally binding and auditable.

Data Deletion Requests

You have the right to request deletion of your personal data at any time. We provide multiple ways to exercise this right:

Self-Service Data Deletion

For immediate data deletion, you can use our self-service options:

  • Delete individual agents and their training data from your dashboard
  • Remove specific documents from your document library
  • Clear chat history and conversation logs
  • Delete your entire account and all associated data

Formal Data Deletion Request

To submit a formal data deletion request, please email us at privacy@hrtraining.ai with the subject line "Data Deletion Request" and include:

  • Your full name and email address associated with your account
  • Specific data you want deleted (or "all data" for complete deletion)
  • Reason for deletion (optional but helpful)
  • Verification of your identity (we may request additional verification)

Data Deletion Timeline & Process

  • Immediate: Self-service deletions are processed instantly
  • Within 30 days: Formal deletion requests are completed
  • Backup Systems: Data in backup systems is purged within 90 days
  • Legal Holds: Some data may be retained if required by law or ongoing legal proceedings

Important: Data deletion is permanent and cannot be undone. Please ensure you have exported any data you wish to retain before requesting deletion.

Contact Us

Questions about our privacy practices? Contact our privacy team:

General Privacy Questions: privacy@hrtraining.ai

Data Deletion Requests: privacy@hrtraining.ai

Data Protection Officer: dpo@hrtraining.ai