PEAXIS

Privacy Policy

Last updated: March 1, 2026

1. Introduction

PEAXIS, Inc. ("PEAXIS," "we," "our," or "us") is committed to protecting the personal information of our users, customers, and the candidates whose data is processed through our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you access or use peaxis.com and our SaaS platform ("Services").

By accessing or using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our Services.

2. Information We Collect

2.1 Information you provide directly

  • Account registration data (name, work email, company name)
  • Profile and team configuration information
  • Payment information (processed by our payment provider — we do not store card data)
  • Communications you send to us via contact forms, email, or support channels
  • Job descriptions and hiring criteria you configure in the platform

2.2 Candidate data (processed on your behalf)

When you use PEAXIS to process job applications, candidate CVs and related data are uploaded by you or submitted by candidates. This data is processed on your behalf as a data controller under GDPR. We are the data processor. Candidate data is never used to train our AI models without explicit written consent.

2.3 Automatically collected data

  • Log data (IP address, browser type, pages visited, time on site)
  • Usage analytics (feature usage, session data)
  • Cookies and similar tracking technologies (see Cookie Policy)

3. How We Use Your Information

  • To provide, maintain, and improve our Services
  • To process payments and manage subscriptions
  • To communicate with you about your account, updates, and support requests
  • To comply with legal obligations
  • To detect and prevent fraudulent or unauthorized activity
  • To analyze aggregate usage patterns for product improvement

We do not sell your personal data or candidate data to third parties.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data under the following legal bases:

  • Contract performance: to fulfill our contractual obligations to you
  • Legitimate interests: for product analytics, security, and fraud prevention
  • Legal obligation: to comply with applicable laws
  • Consent: where we have obtained explicit opt-in consent (e.g., marketing emails)

5. Data Retention

We retain account data for the duration of your subscription plus 30 days. After account deletion or cancellation, you can export all data within 30 days before secure deletion. Candidate data retention periods are configurable on Scale plans. Audit logs are retained for 12 months.

6. Data Sharing & Sub-Processors

We share data only with trusted sub-processors necessary to operate our Services (e.g., cloud infrastructure, payment processors, monitoring tools). All sub-processors are contractually bound to process data only as instructed and to maintain appropriate security measures. A current list of sub-processors is available upon request.

7. International Data Transfers

PEAXIS is headquartered in [Country]. If you are in the EEA, your data may be transferred to and processed in countries outside the EEA. When we transfer data internationally, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection. EU data residency is available as an option for qualifying plans.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data ("right to erasure")
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time (where processing is consent-based)

To exercise your rights, contact us at privacy@peaxis.com.

9. Security

We implement industry-standard security measures including AES-256 encryption at rest, TLS 1.3 in transit, role-based access control, multi-factor authentication, annual penetration testing, and SOC 2 Type II certification. See our Security page for full details.

10. Contact

For privacy inquiries, data subject requests, or to reach our Data Protection Officer:

PEAXIS, Inc.

Email: privacy@peaxis.com

Address: [Company Address] (to be updated before launch)