Privacy Policy

Candidate Data (examples include, but are not limited to):

• • CV details (name, email, work/education history, contact details)
• • Pre-screening question responses
• • Written and video/audio interview responses
• • AI evaluation reports/assessment test results purchased directly by candidates (Flowmingo is the controller)
• • AI evaluation reports generated for recruiters (Flowmingo is a processor; recruiter is the controller)
• • Other information voluntarily provided by candidates during interviews or assessments (e.g., references, portfolio links, or additional documentation)

Recruiter Data (examples include, but are not limited to):

• • Account details and login credentials
• • Billing and payment information
• • Recruiter AI evaluation activity logs
• • Candidate CVs or information uploaded directly by recruiters
• • Stored interview questions and interview sets created by recruiters

Technical Data (examples include, but are not limited to):

• • Device information, IP addresses, browser/device identifiers, cookies, cache, and diagnostic logs

Optional Data Contribution Program (Consent‑Based)

This is optional and separate from recruitment. Flowmingo may offer candidates an optional "Data Contribution Program" ("DCP"). If a candidate opts in, Flowmingo (as an independent controller for DCP purposes) will create a de‑identified / pseudonymised dataset derived from the candidate's interview responses and may share that dataset with trusted organizations that use data to develop and evaluate AI systems. Opting in is not required to complete an interview or to be considered for a role, and the hiring company is not shown whether a candidate opts in.

Data categories included (DCP)

• • Interview recordings (audio and video, where recorded/collected) and corresponding transcripts (where generated).
• • Limited technical/quality metadata (e.g., duration, language label, quality metrics).
• • Generic question context (e.g., competency tags, paraphrases, or template identifiers) that does not identify the hiring company.

Purposes

• • AI training, AI evaluation, benchmarking, quality assurance, safety testing, and related research and development.
• • Creation of derived artifacts that do not identify individuals (e.g., aggregate statistics, evaluation results, model improvements).

Lawful basis

DCP processing is based on consent. Where required by law (e.g., higher‑risk categories), we rely on explicit consent. Refusal or withdrawal does not affect the candidate's job application.

Sharing, onward transfers, and international transfers

DCP datasets may be shared with trusted organizations globally. We require contractual restrictions designed to prevent attempts to identify individuals, prohibit using the data to make decisions about any individual (e.g., employment/credit/insurance/housing), and restrict onward transfer/resale except with Flowmingo's written authorization. International transfers are handled using appropriate safeguards where required (e.g., contractual clauses and security measures).

Retention, release versioning, and withdrawal

• • Retention: we retain DCP datasets only as long as reasonably necessary for the purposes above, subject to legal obligations and documented retention schedules.
• • Versioning: DCP datasets may be released in versions. Verified withdrawals apply to future releases after withdrawal is processed.
• • Withdrawal: candidates can withdraw consent at any time through the method described in the DCP screens or by contacting us. After verified withdrawal, we stop including the candidate's contribution in future DCP dataset releases. Practical limits: if a dataset version has already been shared and used to develop models or other derived artifacts, it may not be feasible to remove its influence from already‑developed models or artifacts.

De‑identification is risk‑based

"De‑identified / pseudonymised" means we take reasonable steps to remove or reduce direct identifiers (e.g., names, emails, phone numbers, addresses, government IDs) and limit linkability. De‑identification reduces risk but may not eliminate it completely, especially for audio (and video, if enabled). We apply technical and organizational safeguards and exclude certain content from DCP releases (including direct identifiers and categories of sensitive information) unless we obtain explicit consent and can justify inclusion.