Privacy Policy

Introduction

This Privacy Notice for WITHLYRA (we, us, or our), describes how and why we might access, collect, store, use, and/or share (process) your personal information when you use our services (Services), including when you visit our website at withlyra.ai or engage with us in other related ways. Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at support@withlyra.ai.

Summary of key points

1. WHAT INFORMATION DO WE COLLECT?

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us. The personal information we collect may include names, email addresses, mailing addresses, job titles, contact or authentication data, billing addresses, and passwords. We do not process sensitive information. All payment data is handled and stored by Stripe. We automatically collect certain information when you visit, use, or navigate the Services, such as your IP address, browser and device characteristics, which does not reveal your specific identity but is needed to maintain security and operation.

2. HOW DO WE PROCESS YOUR INFORMATION?

We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We process your information to facilitate account creation, deliver services, respond to user inquiries, send administrative information, fulfil orders, request feedback, protect our Services, and identify usage trends. To process AI-driven mock interviews and generate feedback, we securely transmit your interview inputs to third-party AI service providers (e.g., OpenAI) strictly for the purpose of generating your personalized mock interview analysis. We explicitly prohibit these providers from using your personal data to train or improve their foundational AI models.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law. If you are located in the EU or UK, we rely on Consent, Performance of a Contract, Legitimate Interests, Legal Obligations, and Vital Interests under the GDPR. If you are located in Canada, we may process your information with your express or implied consent, or without consent in exceptional cases permitted by law such as fraud detection or compliance with subpoenas.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us. They commit to protect the data they hold on our behalf and to retain it for the period we instruct. Categories include AI Platforms, Cloud Computing Services, Communication Tools, Data Analytics Services, Data Storage Service Providers, Payment Processors, and Website Hosting Service Providers. We may also share or transfer your information in connection with business transfers, mergers, or acquisitions.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. For users in jurisdictions requiring explicit consent, such as the EU, we require your active opt-in via our cookie banner before placing non-essential cookies on your device. We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice: withlyar.ai/cookie-policy.

6. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies (AI Products). We provide the AI Products through third-party service providers, including ElevenLabs and OpenAI. Your input, output, and personal information will be shared with and processed by these AI Service Providers. All personal information processed using our AI Products is handled in line with our Privacy Notice and our agreement with third parties, ensuring high security and safeguarding your data.

7. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

Our Services offer you the ability to register and log in using your third-party social media account details. Where you choose to do this, we will receive certain profile information about you from your social media provider, such as your name, email address, and profile picture. We will use the information we receive only for the purposes described in this Privacy Notice. We do not control, and are not responsible for, other uses of your personal information by your third-party social media provider.

8. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

Our servers are located in the United States and Australia. Regardless of your location, your information may be transferred to, stored by, and processed by us and our third-party providers in these facilities. For residents in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we have implemented measures to protect your personal information, including using the European Commission's Standard Contractual Clauses for transfers.

9. HOW LONG DO WE KEEP YOUR INFORMATION?

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice. No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us. When an account is deleted, your data may remain in our secure backup databases for up to 90 days before being completely and permanently purged. When we have no ongoing legitimate business need, we will either delete, anonymise, or securely isolate your information.

10. HOW DO WE KEEP YOUR INFORMATION SAFE?

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, no electronic transmission over the Internet can be guaranteed to be 100% secure. You should only access the Services within a secure environment. In the event of a security breach or data leak that compromises your personal information, we will notify you and the relevant regulatory authorities in compliance with the Australian Notifiable Data Breaches scheme, GDPR, and other applicable laws.

11. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly collect, solicit data from, or market to children under 18 years of age. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.

12. WHAT ARE YOUR PRIVACY RIGHTS?

In some regions like the EEA, UK, Switzerland, and Canada, you have rights to request access, obtain a copy, rectify, erase, restrict processing, and object to the processing of your personal information. You also have the right to withdraw your consent at any time. If you would at any time like to review or change the information in your account or terminate your account, you can log in to your account settings.

13. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers include a Do-Not-Track (DNT) feature. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals.

14. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

If you are a resident of specific states like California, Colorado, or Virginia, you may have the right to request access, correct inaccuracies, or delete your personal information. We have collected Identifiers, Commercial information, Internet activity, Geolocation data, Audio/Visual information, Professional information, and Inferences in the past twelve months. We have not sold or shared any personal information to third parties for a commercial purpose.

15. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

Australia and New Zealand: We collect and process your personal information under the obligations of Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020. European Union and United Kingdom: As an Australian company operating globally, we comply with GDPR requirements. If you are located in the EU or UK and have concerns regarding your personal data, you may contact our designated Data Protection Officer at admin@withlyra.ai.

16. AI PROCESSING AND DATA USAGE

To provide our core services, we utilize third-party Artificial Intelligence (AI) providers, such as OpenAI. Your uploaded resumes and audio recordings are processed by these providers solely for the purpose of generating interview feedback and analysis. We do not use your personal data to train our own proprietary models without your explicit opt-in, and we contractually ensure that our AI sub-processors do not use your data to train their generalized models.

17. DO WE MAKE UPDATES TO THIS NOTICE?

Yes, we will update this notice as necessary to stay compliant with relevant laws. The updated version will be indicated by an updated Revised date at the top of this Privacy Notice.

18. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at support@withlyra.ai.

19. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

You have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. To request to review, update, or delete your personal information, please visit: https://withlyra.ai/contact.