This Privacy Policy explains how Quantum Evolution Technologies ("QevolveX," "we," "us," or "our") collects, uses, stores, shares, and protects personal data when you access our Resume AI HR Intelligence Platform, websites, APIs, and related services.
We support business customers globally. This Policy is intended to reflect broadly accepted international privacy standards, including transparency, purpose limitation, data minimization, security, and accountability principles associated with the GDPR, UK GDPR, CCPA/CPRA, and similar laws.
We process two primary categories of data:
- Customer Data: information about recruiters, hiring teams, administrators, and company representatives who use QevolveX.
- Candidate Data: resumes, job applications, assessment-related content, notes, and other applicant data uploaded or entered by our customers.
For Candidate Data, our customers generally act as the data controllers (or equivalent business users under applicable law), and QevolveX generally acts as their data processor/service provider. For Customer Data, QevolveX is generally the controller.
1. Information We Collect
A. Customer Account and Business Information
- Name, work email address, employer name, job title, login credentials, and account role.
- Subscription status, workspace configuration, team and seat information, and support history.
- Communications you send to us, including support tickets, demos, onboarding messages, and commercial correspondence.
B. Candidate and Recruitment Data Uploaded by Customers
- Resumes, CVs, cover letters, structured candidate profiles, contact details, work history, education, skills, and certifications.
- Job descriptions, role requirements, interview notes, internal ratings, collaboration comments, and matching outputs generated within the platform.
- Any additional personal data customers choose to upload, import, or enter into the service.
C. Billing and Transaction Information
We use Dodo Payments as our Merchant of Record and billing provider. Dodo Payments acts as the legal seller for checkout transactions and handles payment processing, invoices, sales tax/VAT/GST calculation and remittance, fraud controls, and certain billing compliance obligations.
QevolveX does not store raw card numbers or equivalent full payment credentials. We may receive limited billing metadata from Dodo Payments such as subscription status, plan, country, invoice references, payment method metadata, customer identifiers, and refund or cancellation status needed for account administration and support.
D. Automatically Collected Technical and Usage Information
- Log and diagnostic data such as IP address, browser type, device information, operating system, timestamps, error logs, and request metadata.
- Usage analytics such as feature interactions, workspace events, page visits, session activity, and service performance telemetry.
- Cookies, local storage, and similar technologies used for authentication, security, preferences, traffic analysis, and service improvement.
2. How We Use Personal Data and Our Legal Bases
We use personal data only where we have a valid legal basis, including performance of a contract, legitimate interests, consent where required, and compliance with legal obligations.
- Provide and operate the service: authenticate users, analyze resumes, generate recommendations, manage job workflows, and deliver platform functionality.
- Account administration: set up workspaces, manage subscriptions, process renewals, handle cancellations, and respond to support requests.
- Security and abuse prevention: detect fraud, investigate suspicious behavior, protect our systems, and enforce our contractual terms.
- Service improvement: debug, monitor, troubleshoot, measure performance, and improve product reliability and usability.
- Legal and regulatory compliance: comply with tax, accounting, sanctions, audit, lawful requests, and other legal obligations.
- Communications: send essential service notices, transactional updates, support responses, and where permitted, product updates or marketing communications.
3. AI Processing and Human Resources Use Cases
Our platform uses automated and AI-assisted processing to parse documents, evaluate job-candidate alignment, identify potential strengths or gaps, and generate insights for recruiting teams.
AI outputs are intended to support human decision-making, not to replace professional judgment or create fully automated hiring decisions without customer review. Customers remain responsible for their own employment, anti-discrimination, and workplace law obligations.
Where we use third-party model providers or AI infrastructure, we do so under commercial terms and technical controls intended to restrict unauthorized use of customer content and support enterprise security expectations.
4. How We Share Personal Data
We share personal data only where necessary to operate the service, comply with law, or protect legitimate interests.
A. Infrastructure and Technical Providers
We use hosting, storage, logging, analytics, communications, and infrastructure providers such as Google Cloud Platform and other carefully selected service providers acting under contractual confidentiality and security obligations.
B. Payment and Billing Providers
Dodo Payments processes checkout transactions as Merchant of Record. As described in Dodo Payments documentation, Dodo handles payment processing, tax calculation and remittance, invoicing, chargeback and fraud workflows, and checkout buyer compliance requirements. We share only the data reasonably necessary to create and maintain your subscription and billing records.
C. AI and Data Processing Providers
Candidate Data, job descriptions, and customer inputs may be processed through enterprise AI or machine-learning providers solely to deliver the requested features. We seek to limit disclosure to the minimum necessary and require contractual or technical restrictions appropriate to the sensitivity of the data involved.
D. Legal, Safety, and Business Transfers
- To comply with law, court orders, lawful government requests, or regulatory obligations.
- To protect rights, property, security, or safety of QevolveX, our users, job candidates, or the public.
- In connection with a merger, acquisition, financing, reorganization, or sale of all or part of our business, subject to appropriate confidentiality safeguards.
5. International Data Transfers
We may transfer and process personal data in countries other than the country where it was collected, including countries where privacy laws may differ from those in your jurisdiction.
When required by law, we implement appropriate safeguards for cross-border transfers, such as contractual protections, Standard Contractual Clauses, supplementary technical and organizational measures, or other lawful transfer mechanisms.
6. Data Retention
We retain personal data only for as long as reasonably necessary to provide the service, fulfill contractual commitments, resolve disputes, enforce agreements, and comply with legal obligations.
- Customer account data is generally retained for the life of the account and a limited period thereafter for security, audit, backup, legal, and support purposes.
- Candidate Datais retained according to the customer's instructions, workspace configuration, deletion actions, and any applicable retention settings or legal obligations.
- Billing and tax records may be retained for longer periods where required by accounting, tax, or financial regulations.
7. Data Security
We maintain administrative, technical, and organizational safeguards designed to protect personal data against accidental, unlawful, or unauthorized access, destruction, loss, alteration, disclosure, or misuse.
- TLS encryption for data in transit.
- Encrypted storage and controlled cloud access patterns.
- Role-based access restrictions and least-privilege access.
- Monitoring, audit logging, and incident response controls.
- Reliance on PCI-compliant payment flows operated by Dodo Payments for card and checkout processing.
No system can be guaranteed 100% secure. You should also protect your credentials, devices, and account access methods.
8. Your Privacy Rights
Depending on your location and the applicable law, you may have rights to access, correct, delete, restrict, object to, or port certain personal data, and to withdraw consent where processing is based on consent.
If you are a job candidate whose data was uploaded by one of our customers, please direct your request to the recruiting company or employer that collected your information. Because QevolveX generally acts as a processor/service provider for Candidate Data, we will usually support our customer in responding to your request rather than act independently.
To exercise rights relating to Customer Data, contact us at support@qevolvex.com. We may need to verify your identity before fulfilling a request.
9. California Privacy Disclosures
If you are a California resident, you may have rights under the CCPA/CPRA, including rights to know, access, correct, delete, and request information about categories of personal data we collect and disclose.
We do not sell personal information in exchange for monetary consideration. We also do not knowingly share personal information for cross-context behavioral advertising in a manner that would require a "Do Not Sell or Share" opt-out for the core operation of the platform.
10. Children's Privacy
Our services are designed for business and professional use and are not directed to children. We do not knowingly collect personal data from children where prohibited by applicable law. If you believe a child has provided personal data to us, please contact us so we can investigate and take appropriate action.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect legal, technical, product, or operational changes. When we make material changes, we will update the effective date and, where appropriate, provide additional notice.
12. Contact Us
If you have questions about this Privacy Policy or our privacy practices, contact us at: