Legal
Privacy Policy
Last updated: April 17, 2026
This Privacy Policy describes how GoodFit collects, uses, and shares personal information when you use our website or platform.
1. Information we collect
- Account information: name, work email, organization name
- Candidate information: contact details, resume, interview recordings, assessment responses - collected on behalf of the Customer
- Usage data: pages visited, features used, device and browser information
2. How we use information
- Provide, maintain, and improve the platform
- Generate AI-assisted assessments and scorecards
- Communicate with you about your account
- Detect and prevent abuse
3. AI model training
We do not train AI models on candidate-identifiable data. Aggregate, de-identified usage statistics may be used to improve product performance.
4. Sharing
We share information with:
- Sub-processors listed in the DPA (hosting, email, analytics)
- The Customer that invited you (if you are a Candidate) - they control your assessment data
- Law enforcement when legally required
5. Candidate rights
Candidates can request access, correction, or deletion of their data by contacting the Customer that invited them, or by emailing privacy@goodfit.so.
6. Retention
Account data is retained while the account is active and for 30 days after termination. Candidate data is retained as instructed by the Customer.
7. Security
Data is encrypted at rest and in transit. GoodFit is SOC 2 Type II certified. See the Security page for details.
8. International transfers
Data is primarily stored in India. Where transfers to other jurisdictions occur, they are protected by standard contractual clauses.
9. Contact
Privacy questions can be sent to privacy@goodfit.so.