Privacy Policy
Effective date: June 25, 2026 · Last updated: June 25, 2026
Privacy at a glance
- What we do: Tera runs a short voice or text conversation (about 15 minutes) and turns it into a structured profile that helps a company understand a candidate beyond their résumé.
- What we collect: your account details, the transcript of your conversation, the profile Tera generates from it, and basic usage and device data. We do not store the raw audio of your conversation on our systems.
- Who processes it: Teracrowd, plus a small set of named providers — most importantly OpenAI (transcription and language processing) and ElevenLabs (voice). These providers do not use your data to train their AI models.
- A human always decides. Tera produces information and a recommendation. The hiring decision is made by a person at the employer — never by AI alone.
- Tera personalizes for you. Tera may use insights from your own earlier conversations to make your later conversations and suggestions more relevant. This stays inside your own account — your conversations are never used to shape another person's experience.
- You stay in control. You can see your data, correct it, download it, and ask us to delete it. A candidate's profile is shared with an employer only with that candidate's explicit consent, given separately for each employer.
- Where it lives: your data is processed and stored in the United States. If you are in the EU/EEA or UK, we rely on Standard Contractual Clauses for that transfer.
- Contact: [email protected] for any privacy question or request.
This summary is for convenience only; the full policy below governs.
1. Who we are and what this policy covers
This Privacy Policy explains how teracrowd, Inc. ("Teracrowd," "we," "us," or "our") collects, uses, shares, and protects personal data when you use Tera and the Teracrowd platform, including our website (teracrowd.com), the account workspace (account.teracrowd.app), and the conversation experience (conversation.teracrowd.app).
Data controller: teracrowd, Inc., a Delaware C-Corporation, with its address at 390 NE 191st St, STE 8813, Miami, FL 33179, United States.
This policy applies to two kinds of people:
- Candidates / speakers — people who have a conversation with Tera (for a job, or in a personal workspace) and whose voice, transcript, and resulting profile we process.
- Account users / customers — companies, recruiters, and individuals who create an account to use Tera.
Where rules differ between the two, we say so.
A note on roles. For account, billing, and usage data, Teracrowd is the data controller. For candidate screening data, we operate on the principle that the candidate owns their profile, which is shared with an employer only with the candidate's explicit, per-employer consent.
2. The information we collect
2.1 Information you provide directly
- Account information: name, email address, password, and — for business accounts — company name and role.
- Payment information: processed securely by Stripe, our third-party payment provider. We do not store full card numbers.
- Conversation content: the transcript of your conversation with Tera. Your spoken audio is captured and processed in real time by our voice and transcription providers (OpenAI and ElevenLabs) to produce that transcript; Teracrowd does not store the raw audio recording on its own systems (see Sections 5 and 8).
- Support and communications: anything you send us when you contact support or respond to our messages.
2.2 Information Tera generates about you
- Profiles and assessments derived from your conversation — for example, your operating style, strengths, and, in the recruitment product, scores such as Outcome Hit Probability, Standard Discipline, and Risk, with supporting evidence quotes.
- A profile that improves over time. For your own experience, Tera may draw on insights from your earlier conversations to inform and improve later ones, so your profile and Tera's suggestions become more relevant to you with use. This personalization stays within your own account (see Section 4).
These inferences are personal data about you, and the rights in Section 10 apply to them.
2.3 Information collected automatically
- Usage data: pages and features used, actions taken, and timestamps.
- Device and connection data: device and browser type, operating system, and IP address (which indicates approximate location).
- Cookies and similar technologies: see Section 9.
2.4 Profiling and sensitive information
A voice conversation can reveal information you would not put on a résumé. Tera is designed to assess how you think and work, not to identify you biometrically, and we instruct our providers not to use your voice to create a voiceprint for identification or to build advertising profiles.
Because Tera builds a profile and (in recruitment) a score that informs a hiring process, our processing involves profiling. We treat this seriously — see Section 6 on automated decision-making and our human-in-the-loop commitment.
3. How we collect information
We collect information (a) directly from you when you create an account, talk to Tera, make a payment, or contact us; (b) automatically through cookies and similar technologies as you use the platform; and (c) from your employer or the person who invited you, where a company invites a candidate to a conversation (for example, your name and the role you applied for).
Before any voice conversation begins, we present a clear notice and ask for your explicit consent to be recorded and to have your conversation processed as described in this policy. You can decline; if you do, the conversation will not start.
4. How we use your information
We use personal data to:
- Provide the service — run the conversation, transcribe it, and generate your profile and (for recruitment) scores;
- Personalize your experience — use insights from your own earlier conversations to make Tera's questions, profile, and suggestions more relevant to you over time. This reuse stays within your own account: your conversations are never used to shape another person's experience, and your personal-workspace data is not transferred to an employer or to the recruitment product without a separate, explicit consent that we would request at that time;
- Deliver results to the right people — show a candidate's profile to an employer only with the candidate's explicit, per-employer consent;
- Operate accounts and process payments;
- Provide support and respond to your requests;
- Keep the platform secure — detect and prevent fraud, abuse, and security incidents;
- Improve the platform — understand which features are confusing and prioritise fixes. We do not use the content of your conversations to train third-party AI models, and our providers are excluded — by contract or by configuration — from training on your data (see Section 5);
- Send communications — service messages always; marketing only with your consent, and you can opt out at any time;
- Comply with legal obligations.
Legal bases (GDPR / UK GDPR)
Where GDPR or UK GDPR applies, we rely on: consent (for recording and processing your conversation, for sharing your profile with an employer, and for non-essential cookies and marketing); performance of a contract (to provide the service to account users); legitimate interests (to secure the platform, and to personalize and improve your own experience, balanced against your rights); and legal obligation (to comply with the law).
5. Who we share data with (sub-processors and third parties)
We do not sell your personal data, and we do not "share" it for cross-context behavioural advertising as those terms are defined under California law.
We rely on a small set of service providers ("sub-processors") to run the platform. Each receives only the data needed for its function:
| Provider | What it does | Data it processes | Trains on your data? | Location |
|---|---|---|---|---|
| OpenAI | Speech-to-text, language processing, and voice for the conversation | Audio (in transit), transcript, prompts | No — excluded from training by default at our API tier; transcription endpoints retain no content | United States |
| ElevenLabs | Voice generation and speech | Audio and related text (in transit) | No — model-training use is switched off for our workspace | United States |
| Stripe | Payment processing | Payment and billing data | No | United States |
| Brevo | Transactional and marketing email (e.g. conversation invitations) | Name, email address, message content | No | European Union |
| Cloudflare R2 | Object storage for website images and company logos | Images and logos only (no audio, transcripts, or profiles) | No | United States |
| Cloudflare Turnstile | Bot and security verification | Connection and device signals | No | United States |
| Google Analytics | Website analytics | Usage and device data, IP address | No | United States |
| Contabo | Hosting and our self-hosted database (transcripts, profiles, account data at rest) | Platform data at rest | No | United States |
We may also disclose data to legal or governmental authorities where required by law, and to a successor entity in the event of a merger or acquisition (with notice to you).
6. Automated processing and the human decision
Tera uses AI to transcribe your conversation and generate a profile and, in the recruitment product, a recommendation and scores.
A human makes the hiring decision — not the AI. Teracrowd provides information and a recommendation to the employer. The decision to interview, hire, or reject is made by a person at the employer. No hiring outcome is produced by AI alone.
If you are in the EU/EEA or UK, you have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects (GDPR Art. 22). Because a human at the employer makes the final decision, Tera is designed to operate within this right. You may also contact us to obtain meaningful information about the logic involved and to contest an output you believe is wrong.
7. International data transfers
Your data is processed and stored in the United States by us and most of our sub-processors. One provider, Brevo, processes email data in the European Union. We do not currently guarantee storage within your own region or continent.
If you are in the EU/EEA, the UK, or another region with data-transfer rules, transferring your data to the United States is a "cross-border transfer." We rely on the European Commission's Standard Contractual Clauses (and the UK Addendum) as the legal mechanism for these transfers, together with the safeguards our providers offer.
8. How long we keep data (retention)
We keep personal data only as long as we need it for the purposes in this policy, then delete or anonymise it.
| Data | How long we keep it |
|---|---|
| Raw conversation audio | Not stored by Teracrowd. Processed only in transit by our voice and transcription providers to create the transcript, and retained only under their terms. |
| Transcript and generated profile | Kept while your account is open, up to a maximum of 1 year, then deleted — and deleted earlier on request. |
| Account data | Deleted within 90 days of account closure (longer only where the law requires). |
| Provider security/abuse-monitoring logs | Held briefly by our providers under their terms (for example, OpenAI up to 30 days). |
| Website analytics | Retained under Google Analytics' standard period (about 14 months). |
9. Cookies and tracking
We use:
- Essential cookies — required for the site and login to work (no consent needed).
- Analytics cookies — Google Analytics, to understand how the site is used.
- Security — Cloudflare Turnstile, to tell humans from bots.
Where the law requires it (for example, in the EU and UK), we ask for your consent before setting non-essential cookies, and you can change your choice at any time through our cookie controls and your browser settings. You can also opt out of Google Analytics using Google's opt-out add-on.
10. Your rights
Depending on where you live, you have some or all of the following rights:
- Access — get a copy of your data;
- Correct — fix inaccurate data;
- Delete — ask us to erase your data ("right to be forgotten");
- Port — receive your data in a portable format;
- Restrict or object — limit or object to certain processing;
- Withdraw consent — at any time, without affecting prior processing;
- Opt out of marketing — unsubscribe from promotional messages;
- Lodge a complaint — with your data protection authority (EU/UK) or attorney general (US).
Candidates specifically: your profile is yours. You can review it, request corrections, withdraw your consent to share it with a given employer, and request deletion.
California residents (CCPA/CPRA): you have the rights to know, delete, correct, and opt out of "sale" or "sharing" (we do neither), and to limit the use of sensitive personal information. We will not discriminate against you for exercising these rights.
How to exercise your rights: contact us at [email protected]. We will respond within 30 days (GDPR) or 45 days (CCPA), and we will verify your identity before acting.
11. How we protect your data
We use industry-standard measures including encryption in transit and at rest, access controls, and monitoring, and we limit who can access conversation data internally. No method of transmission or storage is ever 100% secure, but we work to protect your data and to notify you and the relevant regulators of a breach where the law requires.
12. Children's privacy
Tera is intended for adults. We do not knowingly collect data from anyone under 18. If you believe a minor has provided us data, contact us at [email protected] and we will delete it.
13. Changes to this policy
We may update this policy. If we make a material change, we will notify you (by email or in-app) and update the "Last updated" date. Where the law requires, we will ask for renewed consent.
14. Contact us
teracrowd, Inc.
Privacy contact: [email protected]
Address: 390 NE 191st St, STE 8813, Miami, FL 33179, United States
If you are in the EU/EEA or the UK, you may contact us at [email protected] for any data-protection matter, and you have the right to lodge a complaint with your local supervisory authority.
15. Governing law
This policy and any dispute relating to it are governed by the laws of the State of Delaware, United States, without regard to its conflict-of-laws rules, except where mandatory data-protection laws of your country of residence apply to you.