VeriloVerilo|Legal

Privacy Policy

Last updated: February 4, 2026

Introduction

Verilo, LLC ("Verilo," "we," "us," or "our") operates the interview assessment platform available at verilo.co (the "Platform"). This Privacy Policy explains how we collect, use, store, and protect information when you use the Platform or when data is processed through it on your behalf.

Verilo is a business-to-business (B2B) software-as-a-service platform. Our customers are employers and hiring organizations ("Employer Clients" or "you") who upload interview recordings for AI-powered behavioral assessment. In this capacity, Verilo acts as a data processor on behalf of Employer Clients, who remain the data controllers for the personal information of their job candidates.

This policy covers both Platform users (individuals who access the dashboard on behalf of an Employer Client) and the data we process on their behalf, including interview recordings and associated information about job candidates.

Information We Collect

Account Information

When you create an account or are added to an organization on the Platform, we collect information through our authentication provider (Clerk), including:

  • Name and email address
  • Organization name
  • Role within the organization

Interview Recordings

Employer Clients upload audio files of candidate interviews to the Platform for assessment. These recordings may contain personal information about the job candidate, including their voice, name, and statements made during the interview.

Assessment Data

Our AI system generates the following from uploaded interview recordings:

  • Behavioral scores across research-backed constructs
  • Anonymized transcripts
  • Narrative assessment reports

Technical Data

We automatically collect certain technical information when you access the Platform, including IP addresses, browser type and version, device information, and operating system.

Usage Data

We plan to collect information about how you interact with the Platform, such as features used, pages viewed, and actions taken. This data collection is not yet active. We will update this policy when it is enabled.

How We Process Interview Recordings

Interview recordings are the most sensitive data we handle. Below is a detailed explanation of how we process them.

PII Anonymization Pipeline

Before any AI scoring takes place, we run all transcribed content through a personally identifiable information (PII) anonymization pipeline. This process strips names, company names, geographic locations, religious and ethnic references, and age-related mentions from the transcript. We use open-source tools (Presidio and GLiNER) to perform this anonymization. The entire pipeline runs within our own infrastructure -- no transcript data is sent to third-party PII services.

Behavioral Scoring

Our AI models evaluate interview recordings across six research-backed behavioral constructs: confidence, specificity, clarity, engagement, authentic recognition, and authentic alignment. We also assess consistency across responses. These scores reflect how a candidate communicates, not who they are.

No Biometric Identification

We score behavioral communication constructs only. We do not extract voiceprints, facial features, or any other biometric identifiers for the purpose of identifying individuals. Raw audio analysis is used exclusively for behavioral scoring, not speaker identification.

Third-Party AI (OpenAI GPT-4o-mini)

We use OpenAI's GPT-4o-mini model solely for generating narrative summaries from anonymized transcript data. No personally identifiable information is sent to OpenAI. The anonymization pipeline described above runs before any data is passed to this service.

Data Retention

We apply the following retention periods:

Data TypeRetention Period
Original audio filesAutomatically deleted 14 days after upload
Reports and metadataConfigurable by organization (default 60 days, range 7 to 730 days)
Account dataRetained while the account is active; deleted upon request
Anonymized training audioRetained indefinitely (see Anonymized Audio for Model Training)

Employer Clients may manually delete any submission and its associated data at any time through the Platform dashboard.

Anonymized Audio for Model Training

Important

This section describes a standard condition of using the Platform. Enterprise customers with specific data-handling requirements may negotiate custom terms regarding this data use as part of their service agreement.

When an interview recording is uploaded to the Platform, a copy of the audio is made to a fully isolated storage environment (a separate AWS S3 bucket). The following measures ensure this copy cannot be traced back to any specific candidate or organization:

  • All metadata is stripped immediately upon copy. The isolated audio file has no link to any organization, candidate, job post, or submission record.
  • Identifiable speech content (names, locations, and other PII spoken in the audio) is processed and removed during subsequent batch processing.
  • The isolated copy exists in a separate storage environment with no cross-references to operational data.

This anonymized audio is retained indefinitely and is used for the following purposes:

  • Maintaining and improving the accuracy of our behavioral assessment models
  • Reducing bias through diverse and representative training data
  • Developing new assessment constructs grounded in research

Because the audio is fully anonymized and cannot be linked to any individual or organization, it falls outside the scope of most personal data regulations. This data use is a condition of using the Platform and is essential to delivering accurate, fair assessments.

Data Sharing and Sub-Processors

We share data only with sub-processors that are necessary to provide the Platform. We do not sell, rent, or trade personal information to third parties.

Our sub-processors assist with functions such as authentication, cloud infrastructure, file storage, and AI processing. Each sub-processor is bound by contractual obligations to protect data and use it only for the purposes we specify.

For a current list of our sub-processors, please see our Sub-Processors page.

We may also disclose information if required to do so by law, in response to a valid legal process, or to protect the rights, property, or safety of Verilo, our users, or the public.

Your Rights Under CCPA/CPRA

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions.
  • Right to Opt-Out of Sale: We do not sell personal information. There is no need to opt out because no sale occurs.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

For Job Candidates

Verilo processes candidate data as a service provider on behalf of Employer Clients. If you are a job candidate whose interview was assessed through the Platform, you should contact the prospective employer who uploaded your interview to exercise your data rights. The employer, as the data controller, is responsible for responding to your request. They may coordinate with us as needed to fulfill it.

For Employer Clients

Employer Clients can delete individual submissions and their associated data directly through the Platform dashboard. For broader data requests or account-level inquiries, contact us at privacy@verilo.co.

AI Transparency and Automated Decision-Making

Our AI system produces behavioral scores, not pass/fail decisions. The assessments generated by the Platform are intended to serve as one input among many in a human-led hiring process.

  • Human oversight required: Our Terms of Service require Employer Clients to maintain meaningful human oversight of all hiring decisions. Assessment scores must not be used as the sole basis for accepting or rejecting a candidate.
  • Training data: Our models were developed using recordings from over 250 diverse applicants across the United States, supplemented by tens of thousands of hours of audio from open-source transformer datasets.
  • Bias monitoring: We actively monitor our models for bias across demographic groups. We are committed to participating in independent audits as required by applicable law, including New York City Local Law 144 and similar regulations.

Biometric Data Statement (Illinois BIPA)

This section addresses requirements under the Illinois Biometric Information Privacy Act (BIPA).

Verilo does not collect, capture, or otherwise obtain biometric identifiers or biometric information as defined under BIPA. Specifically:

  • We do not extract voiceprints or create distinctive vocal templates for the purpose of identifying individuals.
  • We do not use facial geometry, fingerprints, or any other biometric identifier.
  • Our voice analysis is strictly for behavioral scoring. We analyze how candidates communicate -- including constructs such as confidence, clarity, specificity, and engagement -- not who they are.

Audio recordings are processed to extract behavioral signals, not to create biometric templates that could be used to identify a specific person. Our system cannot identify or verify the identity of any individual based on audio input.

Security

We implement technical and organizational measures to protect the data we process, including:

  • Encryption: All data is encrypted at rest and in transit using TLS 1.2 or higher.
  • Access controls: All file access is mediated through time-limited presigned URLs. There is no direct access to underlying storage.
  • Data isolation: The Platform uses a multi-tenant architecture with strict organization-scoped data isolation. Each organization's data is logically separated and accessible only to authorized members of that organization.
  • PII minimization: Personal information is removed from transcripts before AI processing, reducing the risk associated with data exposure.

While no system can guarantee absolute security, we continuously review and improve our security practices in line with industry standards.

Cookies

We use essential cookies that are necessary for the Platform to function. These include:

  • Authentication cookies (managed by Clerk) to maintain your signed-in session.
  • Theme preference cookies to remember your display settings (e.g., light or dark mode).

We plan to introduce analytics cookies in the future but have not yet done so. We will update this policy and our Cookie Policy before enabling analytics tracking.

Children's Privacy

The Platform is not intended for use with individuals under the age of 18. Our service is designed for the assessment of adult job candidates in professional employment contexts. We do not knowingly collect personal information from minors.

If we become aware that a recording involving a minor has been uploaded to the Platform, we will promptly delete it and notify the Employer Client.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you through the Platform dashboard before the changes take effect.

Your continued use of the Platform after receiving notice of changes constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

Contact

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@verilo.co
  • Mail: Verilo, LLC, Attn: Privacy, 123 Main Street, Suite 100, San Francisco, CA 94105

For data subject requests related to candidate information, please refer to the Your Rights Under CCPA/CPRA section above.