Legal
Privacy Policy
Last updated: March 26, 2026
ProTechStack ("we", "us", or "our") operates the ProTechStack website and applications (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service.
By using the Service, you consent to the data practices described in this policy. If you do not agree, please do not use the Service.
1. Information We Collect
1.1 Information You Provide
- Account Information — Name, email address, password, and profile details (job title, location, tech skills) when you create an account.
- Payment Information — Billing details processed securely through our payment providers (Stripe, PayPal). We do not store your full credit card number or payment credentials on our servers.
- Interview Session Data — Code submissions, answers, and responses you provide during AI interview practice sessions.
- Profile Information — Optional information such as your resume, GitHub profile, LinkedIn profile, and other professional details.
- Communications — Messages you send to us through support channels or feedback forms.
1.2 Information Collected Automatically
- Usage Data — Pages visited, features used, session duration, clicks, and interactions with the Service.
- Device Information — Browser type, operating system, device type, screen resolution, and language preferences.
- IP Address — Used for security, fraud prevention, and approximate geolocation (country/region level).
- Cookies and Similar Technologies — See Section 5 for details.
1.3 Information from Third Parties
- OAuth Providers — If you sign in with Google, we receive your name, email address, and profile picture from Google. We do not receive your Google password.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service.
- Personalize your experience, including generating tailored AI interview questions and evaluations.
- Process subscriptions and payments.
- Send transactional communications (account confirmations, session summaries, billing receipts).
- Send marketing communications (product updates, new features, blog posts) — you can opt out at any time.
- Analyze usage patterns to improve our platform and develop new features.
- Detect, prevent, and address fraud, abuse, and security issues.
- Comply with legal obligations.
3. How We Share Your Information
We do not sell your personal information. We may share information in the following circumstances:
- Service Providers — We share data with third-party providers who help us operate the Service (see Section 4). These providers are contractually obligated to use your data only for the purposes we specify.
- Legal Requirements — We may disclose information if required by law, regulation, legal process, or governmental request.
- Business Transfers — In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change.
- With Your Consent — We may share information for any purpose you explicitly consent to.
We do not share your interview session data (code submissions, answers, evaluations) with employers or any third party.
4. Third-Party Services
We use the following third-party services that may collect or process your data:
| Service | Purpose | Data Processed |
|---|---|---|
| Google Analytics | Website analytics and usage tracking | Page views, sessions, device info, approximate location |
| Microsoft Clarity | Session recordings and heatmaps for UX improvement | Clicks, scrolls, page interactions, device info (personal data is masked) |
| Stripe | Payment processing | Payment method, billing address, transaction details |
| PayPal | Payment processing | Payment method, billing address, transaction details |
| Amazon Web Services (AWS) | Cloud infrastructure, email delivery (SES), file storage (S3) | All data stored on the platform is hosted on AWS infrastructure |
| Google OAuth | Authentication (Sign in with Google) | Name, email, profile picture |
| Sentry | Error monitoring and performance tracking | Error logs, stack traces, device/browser info |
Each third-party service has its own privacy policy governing its use of your data. We encourage you to review their policies.
5. Cookies and Tracking Technologies
5.1 What We Use
- Essential Cookies — Required for authentication, session management, and security. These cannot be disabled.
- Analytics Cookies — Used by Google Analytics to track website usage and performance. These help us understand how users interact with the Service.
- Functionality Cookies — Used to remember your preferences (such as theme selection and language).
5.2 Microsoft Clarity
We use Microsoft Clarity to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay. Website usage data is captured using first- and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. We do not use this information to identify individual users. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
5.3 Managing Cookies
You can control cookies through your browser settings. Disabling certain cookies may limit your ability to use some features of the Service. Most browsers allow you to:
- View what cookies are set and delete them individually.
- Block third-party cookies.
- Block cookies from specific sites.
- Block all cookies.
6. Data Retention
- Account Data — Retained for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
- Interview Session Data — Retained for as long as your account is active to provide session history and progress tracking. Deleted upon account deletion.
- Payment Records — Retained as required by applicable tax and financial regulations (typically 7 years).
- Analytics Data — Aggregated and anonymized analytics data may be retained indefinitely.
7. Data Security
We implement industry-standard security measures to protect your data, including:
- Encryption in transit (TLS/HTTPS) and at rest.
- Secure password hashing.
- Regular security audits and monitoring.
- Access controls limiting employee access to personal data.
- Infrastructure hosted on AWS with enterprise-grade security controls.
While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
8.1 General Rights
- Access — Request a copy of the personal data we hold about you.
- Correction — Request correction of inaccurate or incomplete data.
- Deletion — Request deletion of your personal data, subject to legal retention requirements.
- Portability — Request your data in a structured, commonly used, machine-readable format.
- Opt-Out — Unsubscribe from marketing communications at any time using the link in our emails or through your account settings.
8.2 European Economic Area (EEA) and UK Residents
If you are in the EEA or UK, you have additional rights under the General Data Protection Regulation (GDPR), including:
- The right to restrict processing of your personal data.
- The right to object to processing based on legitimate interests.
- The right to lodge a complaint with your local data protection authority.
Our legal basis for processing personal data includes: performance of a contract (providing the Service), legitimate interests (improving the Service, fraud prevention), consent (marketing communications), and compliance with legal obligations.
8.3 California Residents (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used.
- Request deletion of your personal information.
- Opt out of the sale of personal information — we do not sell personal information.
- Non-discrimination for exercising your privacy rights.
9. International Data Transfers
Your data may be processed and stored in countries outside your country of residence, including the United States, where our servers and service providers are located. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required.
10. Children's Privacy
The Service is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected data from a child under 16, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.
12. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:
- Email: [email protected]