← Back to adjiQ

Privacy Policy

Last updated: July 3, 2026

1. Introduction

AdjiQ ("Company", "we", "us") operates adjiQ (the "Software") and the adjiq.com website (the "Website"). This Privacy Policy describes what information we collect, what we do not collect, and how we protect your data. adjiQ is built on a local-first, zero-collection architecture. The vast majority of your data never leaves your device.

2. Information We Collect

We collect only the minimum information required for account authentication and license enforcement. Specifically:

Account Information (stored on our servers)

  • Email address (for account creation, license delivery, and security notifications)
  • Username (for identity verification during password reset)
  • Phone number (for identity verification during password reset only — never used for marketing, SMS, or any other purpose)
  • Password (stored only as a one-way cryptographic hash using PBKDF2 with 100,000 iterations — we never store, see, or have access to your plaintext password)
  • Payment information (processed securely by Stripe — we never store, see, or have access to your card numbers, bank details, or billing address)

Device Binding (stored on our servers)

  • A hardware-derived device fingerprint (cryptographically hashed, non-reversible) used solely for single-device license enforcement

That is the complete list. We do not collect anything else.

3. Information We Do NOT Collect

The following data categories are never collected, transmitted, stored, accessed, or retained by AdjiQ under any circumstances:

  • Audio & voice data — Your microphone audio is processed entirely on your local device. It is never transmitted to our servers. It is never stored beyond active session memory.
  • Transcripts & conversation history — All speech-to-text transcriptions and AI conversation logs remain exclusively on your device in local files. We have no access to them.
  • Training profiles — Your resume text, job descriptions, company notes, personal notes, and target role preferences are stored only in local files on your device. We have no access to them.
  • AI-generated responses — All AI outputs (interview answers, practice feedback, suggestions) are generated in real-time and stored only on your device. We do not retain, log, or have access to any AI-generated content.
  • Practice session results — Scores, evaluations, and practice history are stored only on your device.
  • Screenshots — Any screenshots taken by the Software are processed and stored only on your device. They are never transmitted to our servers.
  • IP addresses — We do not log, store, or track your IP address for any purpose beyond what is technically necessary for a single HTTP request to complete (standard TCP/IP).
  • Geographic location — We do not collect, infer, or store your location.
  • Browsing history & usage analytics — We do not track which features you use, how often, or for how long. We do not use analytics, telemetry, or usage-tracking software of any kind.
  • Cookies & tracking — The Website does not use tracking cookies, advertising pixels, fingerprinting scripts, or any third-party analytics. The Software does not phone home, send telemetry, or transmit usage data.

4. No Data Training

We do not use any user data for AI model training, fine-tuning, or improvement. No audio, transcripts, conversations, profiles, or any other user-generated content is ever used to train, retrain, fine-tune, evaluate, or improve any artificial intelligence model, machine learning algorithm, or data product — whether by AdjiQ or by any third party.

5. Where Your Data Lives

Your data is split into exactly two locations:

  • On our servers (Vercel-hosted, US): Email, username, hashed password, phone number, hashed device fingerprint, license key, subscription status, account creation date. This is the complete list.
  • On your local device only: Everything else — transcripts, conversation history, AI responses, training profiles, resume data, practice sessions, screenshots, audio recordings, notes, and all other content. This data is your responsibility. We cannot access, recover, back up, or restore it. If you delete it, reinstall your operating system, or lose your device, this data is permanently gone.

6. Credential Responsibility

You are solely responsible for remembering and safeguarding your credentials.

  • Your password is cryptographically hashed. We cannot view, recover, or retrieve it.
  • If you forget your password, you must verify your identity using your email, username, and phone number to set a new one. If you cannot provide all three, we cannot help you regain access.
  • Your license key is delivered once. You must store it securely.
  • We are not responsible for any loss of access resulting from forgotten, lost, or compromised credentials.

7. How We Use Your Information

The limited account information we collect is used exclusively for:

  • Authenticating your identity when you sign in
  • Validating and enforcing your license agreement and device binding
  • Processing payments and managing subscriptions (via Stripe)
  • Sending critical security notifications (e.g., password reset confirmations)

We do not sell, rent, lease, trade, share, or otherwise disclose your personal data to any third party for marketing, advertising, profiling, or any other purpose.

8. Data Security

We implement security measures including:

  • Encrypted data transmission (TLS/SSL) for all communications
  • PBKDF2 password hashing with 100,000 iterations and SHA-512
  • Timing-safe comparison functions to prevent timing attacks
  • Account lockout after failed authentication attempts
  • CSRF origin validation on all API endpoints
  • Anti-enumeration protections (generic error responses)
  • Admin security notifications on sensitive account events

However, no system is 100% secure, and we cannot guarantee absolute security. You acknowledge that you provide your account information at your own risk.

9. Data Retention & Deletion

  • Account data is retained for as long as your account is active.
  • Upon account deletion request (via privacy@adjiq.com), all server-side account data is permanently removed within 30 days.
  • Local data on your device is entirely under your control. We cannot delete it remotely, nor can we retain it — because we never had it.
  • We do not retain anonymized or aggregated data because we do not collect usage data to anonymize or aggregate.

10. Third-Party Services

We use the following third-party services, limited strictly to the purposes stated:

  • Stripe — Payment processing only (subject to Stripe's privacy policy). We never receive or store your card numbers.
  • Vercel — Website and API hosting only. No user content is stored beyond the account data described in Section 2.
  • Resend — Transactional email delivery (password reset confirmations, security notifications). No marketing emails.

We do not use Google Analytics, Facebook Pixel, Mixpanel, Amplitude, Segment, Hotjar, or any other analytics, tracking, advertising, or profiling service.

11. Children's Privacy

adjiQ is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will take immediate steps to delete such information.

12. Your Rights

Regardless of your location, you have the right to:

  • Access the personal data we hold about you (limited to the account data in Section 2)
  • Correct inaccurate information in your account
  • Delete your account and all associated server-side data
  • Receive confirmation that we do not hold any data beyond what is listed in Section 2
  • Opt out of non-essential communications (we send none by default)

13. European Economic Area, UK & Swiss Users (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the following additional rights under the GDPR:

  • Right of Access (Art. 15) — request a copy of the personal data we hold about you
  • Right to Rectification (Art. 16) — correct inaccurate or incomplete personal data
  • Right to Erasure (Art. 17) — request deletion of your personal data
  • Right to Restriction (Art. 18) — restrict the processing of your personal data
  • Right to Data Portability (Art. 20) — receive your personal data in a structured, machine-readable format
  • Right to Object (Art. 21) — object to processing based on legitimate interests
  • Right to Withdraw Consent (Art. 7(3)) — withdraw consent at any time
  • Right to Lodge a Complaint (Art. 77) — lodge a complaint with your local supervisory authority

Legal Basis for Processing (Art. 6(1)):

  • Contract performance (Art. 6(1)(b)) — to authenticate you, manage your license, and process payments
  • Legitimate interest (Art. 6(1)(f)) — to enforce license compliance and prevent fraud
  • Legal obligation (Art. 6(1)(c)) — to comply with applicable tax and accounting laws

To exercise any of these rights, contact us at privacy@adjiq.com. We will respond within 30 days.

14. California Residents (CCPA/CPRA)

If you are a California resident:

  • Right to Know — request disclosure of the personal information we collect (limited to Section 2)
  • Right to Delete — request deletion of your personal information
  • Right to Opt-Out of Sale — we do not sell your personal information. Period.
  • Right to Non-Discrimination — we will not discriminate against you for exercising your privacy rights
  • Right to Correct — request correction of inaccurate personal information

Contact: privacy@adjiq.com.

15. International Data Transfers

AdjiQ is based in the United States. The limited account data described in Section 2 is stored and processed in the United States. By using the Software, you consent to such transfer. We note that because the vast majority of your data (transcripts, conversations, profiles, audio) never leaves your device, no international transfer of that data occurs.

16. Disclaimer of Responsibility for Local Data

BECAUSE ALL USER-GENERATED CONTENT (TRANSCRIPTS, CONVERSATIONS, TRAINING PROFILES, AI RESPONSES, PRACTICE RESULTS, AUDIO, SCREENSHOTS, AND ALL OTHER CONTENT) IS STORED EXCLUSIVELY ON YOUR LOCAL DEVICE AND IS NEVER TRANSMITTED TO OR STORED ON OUR SERVERS, ADJIQ BEARS NO RESPONSIBILITY WHATSOEVER FOR THE LOSS, CORRUPTION, DESTRUCTION, UNAUTHORIZED ACCESS, OR DISCLOSURE OF SUCH DATA, WHETHER CAUSED BY HARDWARE FAILURE, SOFTWARE MALFUNCTION, MALWARE, THEFT, USER ERROR, OR ANY OTHER CAUSE. YOU ARE SOLELY RESPONSIBLE FOR BACKING UP AND PROTECTING YOUR LOCAL DATA.

17. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the Software constitutes acceptance of the updated policy.

18. Contact

For privacy-related inquiries: privacy@adjiq.com. For legal inquiries: legal@adjiq.com.

© 2022–2026 AdjiQ. All rights reserved. adjiQ™ is a trademark of AdjiQ.