Privacy Policy

Effective date: June 25, 2026 · Last updated: June 25, 2026

Privacy at a glance

  • What we do: Tera runs a short voice or text conversation (about 15 minutes) and turns it into a structured profile that helps a company understand a candidate beyond their résumé.
  • What we collect: your account details, the transcript of your conversation, the profile Tera generates from it, and basic usage and device data. We do not store the raw audio of your conversation on our systems.
  • Who processes it: Teracrowd, plus a small set of named providers — most importantly OpenAI (transcription and language processing) and ElevenLabs (voice). These providers do not use your data to train their AI models.
  • A human always decides. Tera produces information and a recommendation. The hiring decision is made by a person at the employer — never by AI alone.
  • Tera personalizes for you. Tera may use insights from your own earlier conversations to make your later conversations and suggestions more relevant. This stays inside your own account — your conversations are never used to shape another person's experience.
  • You stay in control. You can see your data, correct it, download it, and ask us to delete it. A candidate's profile is shared with an employer only with that candidate's explicit consent, given separately for each employer.
  • Where it lives: your data is processed and stored in the United States. If you are in the EU/EEA or UK, we rely on Standard Contractual Clauses for that transfer.
  • Contact: [email protected] for any privacy question or request.

This summary is for convenience only; the full policy below governs.

1. Who we are and what this policy covers

This Privacy Policy explains how teracrowd, Inc. ("Teracrowd," "we," "us," or "our") collects, uses, shares, and protects personal data when you use Tera and the Teracrowd platform, including our website (teracrowd.com), the account workspace (account.teracrowd.app), and the conversation experience (conversation.teracrowd.app).

Data controller: teracrowd, Inc., a Delaware C-Corporation, with its address at 390 NE 191st St, STE 8813, Miami, FL 33179, United States.

This policy applies to two kinds of people:

  • Candidates / speakers — people who have a conversation with Tera (for a job, or in a personal workspace) and whose voice, transcript, and resulting profile we process.
  • Account users / customers — companies, recruiters, and individuals who create an account to use Tera.

Where rules differ between the two, we say so.

A note on roles. For account, billing, and usage data, Teracrowd is the data controller. For candidate screening data, we operate on the principle that the candidate owns their profile, which is shared with an employer only with the candidate's explicit, per-employer consent.

2. The information we collect

2.1 Information you provide directly

  • Account information: name, email address, password, and — for business accounts — company name and role.
  • Payment information: processed securely by Stripe, our third-party payment provider. We do not store full card numbers.
  • Conversation content: the transcript of your conversation with Tera. Your spoken audio is captured and processed in real time by our voice and transcription providers (OpenAI and ElevenLabs) to produce that transcript; Teracrowd does not store the raw audio recording on its own systems (see Sections 5 and 8).
  • Support and communications: anything you send us when you contact support or respond to our messages.

2.2 Information Tera generates about you

  • Profiles and assessments derived from your conversation — for example, your operating style, strengths, and, in the recruitment product, scores such as Outcome Hit Probability, Standard Discipline, and Risk, with supporting evidence quotes.
  • A profile that improves over time. For your own experience, Tera may draw on insights from your earlier conversations to inform and improve later ones, so your profile and Tera's suggestions become more relevant to you with use. This personalization stays within your own account (see Section 4).

These inferences are personal data about you, and the rights in Section 10 apply to them.

2.3 Information collected automatically

  • Usage data: pages and features used, actions taken, and timestamps.
  • Device and connection data: device and browser type, operating system, and IP address (which indicates approximate location).
  • Cookies and similar technologies: see Section 9.

2.4 Profiling and sensitive information

A voice conversation can reveal information you would not put on a résumé. Tera is designed to assess how you think and work, not to identify you biometrically, and we instruct our providers not to use your voice to create a voiceprint for identification or to build advertising profiles.

Because Tera builds a profile and (in recruitment) a score that informs a hiring process, our processing involves profiling. We treat this seriously — see Section 6 on automated decision-making and our human-in-the-loop commitment.

3. How we collect information

We collect information (a) directly from you when you create an account, talk to Tera, make a payment, or contact us; (b) automatically through cookies and similar technologies as you use the platform; and (c) from your employer or the person who invited you, where a company invites a candidate to a conversation (for example, your name and the role you applied for).

Before any voice conversation begins, we present a clear notice and ask for your explicit consent to be recorded and to have your conversation processed as described in this policy. You can decline; if you do, the conversation will not start.

4. How we use your information

We use personal data to:

  • Provide the service — run the conversation, transcribe it, and generate your profile and (for recruitment) scores;
  • Personalize your experience — use insights from your own earlier conversations to make Tera's questions, profile, and suggestions more relevant to you over time. This reuse stays within your own account: your conversations are never used to shape another person's experience, and your personal-workspace data is not transferred to an employer or to the recruitment product without a separate, explicit consent that we would request at that time;
  • Deliver results to the right people — show a candidate's profile to an employer only with the candidate's explicit, per-employer consent;
  • Operate accounts and process payments;
  • Provide support and respond to your requests;
  • Keep the platform secure — detect and prevent fraud, abuse, and security incidents;
  • Improve the platform — understand which features are confusing and prioritise fixes. We do not use the content of your conversations to train third-party AI models, and our providers are excluded — by contract or by configuration — from training on your data (see Section 5);
  • Send communications — service messages always; marketing only with your consent, and you can opt out at any time;
  • Comply with legal obligations.

Legal bases (GDPR / UK GDPR)

Where GDPR or UK GDPR applies, we rely on: consent (for recording and processing your conversation, for sharing your profile with an employer, and for non-essential cookies and marketing); performance of a contract (to provide the service to account users); legitimate interests (to secure the platform, and to personalize and improve your own experience, balanced against your rights); and legal obligation (to comply with the law).

5. Who we share data with (sub-processors and third parties)

We do not sell your personal data, and we do not "share" it for cross-context behavioural advertising as those terms are defined under California law.

We rely on a small set of service providers ("sub-processors") to run the platform. Each receives only the data needed for its function:

ProviderWhat it doesData it processesTrains on your data?Location
OpenAISpeech-to-text, language processing, and voice for the conversationAudio (in transit), transcript, promptsNo — excluded from training by default at our API tier; transcription endpoints retain no contentUnited States
ElevenLabsVoice generation and speechAudio and related text (in transit)No — model-training use is switched off for our workspaceUnited States
StripePayment processingPayment and billing dataNoUnited States
BrevoTransactional and marketing email (e.g. conversation invitations)Name, email address, message contentNoEuropean Union
Cloudflare R2Object storage for website images and company logosImages and logos only (no audio, transcripts, or profiles)NoUnited States
Cloudflare TurnstileBot and security verificationConnection and device signalsNoUnited States
Google AnalyticsWebsite analyticsUsage and device data, IP addressNoUnited States
ContaboHosting and our self-hosted database (transcripts, profiles, account data at rest)Platform data at restNoUnited States

We may also disclose data to legal or governmental authorities where required by law, and to a successor entity in the event of a merger or acquisition (with notice to you).

6. Automated processing and the human decision

Tera uses AI to transcribe your conversation and generate a profile and, in the recruitment product, a recommendation and scores.

A human makes the hiring decision — not the AI. Teracrowd provides information and a recommendation to the employer. The decision to interview, hire, or reject is made by a person at the employer. No hiring outcome is produced by AI alone.

If you are in the EU/EEA or UK, you have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects (GDPR Art. 22). Because a human at the employer makes the final decision, Tera is designed to operate within this right. You may also contact us to obtain meaningful information about the logic involved and to contest an output you believe is wrong.

7. International data transfers

Your data is processed and stored in the United States by us and most of our sub-processors. One provider, Brevo, processes email data in the European Union. We do not currently guarantee storage within your own region or continent.

If you are in the EU/EEA, the UK, or another region with data-transfer rules, transferring your data to the United States is a "cross-border transfer." We rely on the European Commission's Standard Contractual Clauses (and the UK Addendum) as the legal mechanism for these transfers, together with the safeguards our providers offer.

8. How long we keep data (retention)

We keep personal data only as long as we need it for the purposes in this policy, then delete or anonymise it.

DataHow long we keep it
Raw conversation audioNot stored by Teracrowd. Processed only in transit by our voice and transcription providers to create the transcript, and retained only under their terms.
Transcript and generated profileKept while your account is open, up to a maximum of 1 year, then deleted — and deleted earlier on request.
Account dataDeleted within 90 days of account closure (longer only where the law requires).
Provider security/abuse-monitoring logsHeld briefly by our providers under their terms (for example, OpenAI up to 30 days).
Website analyticsRetained under Google Analytics' standard period (about 14 months).

9. Cookies and tracking

We use:

  • Essential cookies — required for the site and login to work (no consent needed).
  • Analytics cookies — Google Analytics, to understand how the site is used.
  • Security — Cloudflare Turnstile, to tell humans from bots.

Where the law requires it (for example, in the EU and UK), we ask for your consent before setting non-essential cookies, and you can change your choice at any time through our cookie controls and your browser settings. You can also opt out of Google Analytics using Google's opt-out add-on.

10. Your rights

Depending on where you live, you have some or all of the following rights:

  • Access — get a copy of your data;
  • Correct — fix inaccurate data;
  • Delete — ask us to erase your data ("right to be forgotten");
  • Port — receive your data in a portable format;
  • Restrict or object — limit or object to certain processing;
  • Withdraw consent — at any time, without affecting prior processing;
  • Opt out of marketing — unsubscribe from promotional messages;
  • Lodge a complaint — with your data protection authority (EU/UK) or attorney general (US).

Candidates specifically: your profile is yours. You can review it, request corrections, withdraw your consent to share it with a given employer, and request deletion.

California residents (CCPA/CPRA): you have the rights to know, delete, correct, and opt out of "sale" or "sharing" (we do neither), and to limit the use of sensitive personal information. We will not discriminate against you for exercising these rights.

How to exercise your rights: contact us at [email protected]. We will respond within 30 days (GDPR) or 45 days (CCPA), and we will verify your identity before acting.

11. How we protect your data

We use industry-standard measures including encryption in transit and at rest, access controls, and monitoring, and we limit who can access conversation data internally. No method of transmission or storage is ever 100% secure, but we work to protect your data and to notify you and the relevant regulators of a breach where the law requires.

12. Children's privacy

Tera is intended for adults. We do not knowingly collect data from anyone under 18. If you believe a minor has provided us data, contact us at [email protected] and we will delete it.

13. Changes to this policy

We may update this policy. If we make a material change, we will notify you (by email or in-app) and update the "Last updated" date. Where the law requires, we will ask for renewed consent.

14. Contact us

teracrowd, Inc.
Privacy contact: [email protected]
Address: 390 NE 191st St, STE 8813, Miami, FL 33179, United States

If you are in the EU/EEA or the UK, you may contact us at [email protected] for any data-protection matter, and you have the right to lodge a complaint with your local supervisory authority.

15. Governing law

This policy and any dispute relating to it are governed by the laws of the State of Delaware, United States, without regard to its conflict-of-laws rules, except where mandatory data-protection laws of your country of residence apply to you.