Privacy Policy

Last updated: February 2026

1. Introduction

Paritas (operated by Digion Inc., "we," "us," "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website (paritas.ai) and use our services.

2. Information We Collect

Information You Provide Directly

  • Account registration data: name, email address, company name.
  • Contact form submissions: name, email, company, message content.
  • Billing information: processed and stored by Stripe; we do not store credit card numbers.
  • AEDT and audit configuration data you enter into the platform.

Candidate Data (Processed on Behalf of Customers)

Important: Candidate Data Handling

Paritas processes candidate employment data on behalf of our customers to perform bias audits. This data may include demographic information (sex, race/ethnicity), employment outcomes (hired/rejected, scores), and job metadata.

ALL candidate personally identifiable information (names, emails, direct identifiers) is hashed with SHA-256 + organization-specific salt before storage.

Paritas never stores raw candidate PII. Only aggregate statistics appear in published reports—no individual candidate data is ever made public.

Automatically Collected Data

  • Standard web analytics: IP address (anonymized), browser type, pages visited, referring URL, timestamps.
  • Cookies: see our Cookie Policy at paritas.ai/cookies.

3. How We Use Your Information

  • To provide and maintain our audit services.
  • To process your transactions via Stripe.
  • To communicate with you about your account and audits.
  • To generate and host bias audit reports.
  • To improve our services and website.
  • To comply with legal obligations.

We do NOT use candidate data for any purpose other than the specific bias audit it was provided for. We do NOT sell, rent, or share personal data with third parties for marketing purposes.

4. Data Retention

  • Account data: retained for the duration of your account plus 30 days after deletion.
  • Candidate records: configurable retention policy, default 24 months. Deleted upon customer request.
  • Analysis results and published reports: retained permanently (this is a core feature—reports are permanently hosted for compliance purposes).
  • Audit logs: retained for 36 months.

You may request deletion of your account and associated data at any time by emailing privacy@paritas.ai.

5. Data Security

  • ATS API credentials encrypted with AES-256-GCM at rest.
  • Candidate identifiers hashed with SHA-256 + salt.
  • All data transmitted over TLS 1.3.
  • Database hosted on Vercel Postgres with encryption at rest.
  • Access controls enforced per-organization with role-based permissions.

See our Security page (paritas.ai/security) for more detail.

6. Third-Party Services

We use the following third-party services that may process your data:

  • Vercel: hosting and database
  • Stripe: payment processing
  • Resend: transactional email

Each operates under their own privacy policy. We do not use third-party advertising or marketing analytics platforms.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Port your data to another service
  • Object to processing
  • Withdraw consent

To exercise any of these rights, contact privacy@paritas.ai. We will respond within 30 days.

8. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

9. Changes to This Policy

We may update this policy periodically. The "Last updated" date at the top of this page indicates the most recent revision. Continued use of the service after changes constitutes acceptance.

10. Contact

For privacy-related inquiries: privacy@paritas.ai

Digion Inc., New York City metropolitan area, United States.