Privacy Policy
Last updated: 13 April 2026
This Privacy Policy explains how Parod ("we", "us", "our") collects, uses, and protects your personal data when you use parod.io. We are committed to handling your data responsibly and in compliance with UK GDPR.
Data controller: Parod
Contact: hello@parod.io
1. What data we collect
Account data
- Email address (required to create an account)
- Display name and professional details (current role, target role, focus areas) you provide during onboarding
Usage data
- Your written responses to practice questions
- AI-generated feedback and scores associated with your sessions
- Session history and progress metrics
Technical data
- IP address and browser/device information collected automatically
- Error logs if something goes wrong in the application
Payment data
- If you subscribe to Pro, payment is handled by Stripe. We store only your Stripe customer ID - we never see or store your full card details.
2. How we use your data
| Purpose | Legal basis |
|---|---|
| Providing the coaching service | Contract |
| Sending practice questions by email | Contract |
| Processing AI evaluation of your responses | Contract |
| Billing and subscription management | Contract |
| Improving the service (aggregated, anonymised analytics) | Legitimate interest |
| Detecting abuse and fraud | Legitimate interest |
| Complying with legal obligations | Legal obligation |
3. AI processing
Your written responses are sent to Anthropic (our AI provider) for evaluation. Anthropic processes this data under their API terms of service and does not use API inputs to train their models. We do not share personally identifying information alongside your responses.
4. Data sharing
We share data only with the following third parties, all operating under appropriate data agreements:
- Anthropic - AI evaluation of responses
- Supabase - Database hosting (EU region)
- Stripe - Payment processing
- Resend - Transactional email
- PostHog - Product analytics (anonymised)
- Cloudflare - Infrastructure and CDN
We do not sell your data. We do not share your data with advertisers.
5. Data retention
- Account data: Retained while your account is active and for 30 days after deletion
- Session history and responses: Deleted within 30 days of account deletion
- Payment records: Retained for 7 years to meet legal obligations
- Error logs: Deleted after 90 days
6. Your rights
Under UK GDPR, you have the right to:
- Access the personal data we hold about you
- Rectification of inaccurate data
- Erasure ("right to be forgotten") - request account deletion from your settings page
- Portability - request a copy of your data in a structured format
- Objection to processing based on legitimate interest
- Withdraw consent where processing is based on consent
To exercise any of these rights, email hello@parod.io. We will respond within 30 days.
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.
7. Security
We use industry-standard security measures including encrypted connections (HTTPS), row-level security on our database, and access controls. No system is completely secure - if you have concerns, contact us at hello@parod.io.
8. Cookies
We use cookies to maintain your session (required for the service to work). We use PostHog for analytics, which sets additional cookies only if you consent via our cookie banner.
9. Changes to this policy
We may update this policy periodically. We will notify you of material changes by email. The date at the top of this page reflects when it was last updated.
Contact
For privacy questions or to exercise your rights: hello@parod.io