Privacy Policy

Parium AI Ltd

Last updated: 23 March 2026

1. INTRODUCTION

This Privacy Policy explains how Parium AI Ltd (“we”, “us”, or “our”) collects, uses, and protects your personal information when you use our platform (the “Platform”) to complete technical infrastructure assessments as part of a recruitment process.

The Platform provides live terminal environments in which candidates diagnose and resolve simulated production incidents. This involves the collection of terminal session data, command histories, behavioural signals, and AI-generated analysis, each of which is described in detail below.

Important: The Platform is currently in beta testing phase. This means the Platform is still being developed and tested, and features may change. We are committed to protecting your privacy during this beta period.

Please read this Privacy Policy carefully. If you do not agree with this Privacy Policy, you should not use the Platform.

2. WHO WE ARE

We are Parium AI Ltd, a company incorporated in England and Wales. Our registered office address will be confirmed upon incorporation.

If you have any questions about this Privacy Policy or how we handle your personal information, please contact us at:

General enquiries: info@parium.ai

Data Protection Officer: Fraser Tait — fraser@parium.ai

Security matters: security@parium.ai

3. OUR ROLE IN RELATION TO YOUR DATA

When an employer uses the Platform to assess candidates, the employer is the data controller — they determine why and how your personal data is processed for recruitment purposes. We act as a data processor on behalf of the employer, processing your data in accordance with their instructions and our contractual obligations.

We are an independent data controller in respect of:

• Platform improvement, analytics, and research using anonymised or aggregated data;
• Maintaining the security of the Platform;
• Complying with our own legal obligations; and
• Data collected through our website (e.g. the contact form and newsletter sign-up).

We enter into a Data Processing Agreement with each employer that uses the Platform, which governs how we process candidate data on their behalf.

The employer is responsible for their own hiring decisions. You should review the employer’s privacy notice for information about how they use your assessment data in their recruitment process.

4. INFORMATION WE COLLECT

When you use the Platform, we collect the following categories of personal information:

4.1 Identification Information

• Your name
• Your email address
• A candidate reference or identifier provided by the employer

4.2 Terminal Session Data

The core of our Platform involves you connecting to a live Linux terminal environment to diagnose and resolve a simulated incident. During this session, we collect:

• A complete recording of your terminal session (including all input and output displayed on screen)
• A full log of every command you execute, with timestamps
• Keystroke data within the terminal environment
• Time-to-resolution (the time from your first command to successful incident resolution)
• Whether you accessed any hints provided within the assessment, and when
• Whether the incident was successfully resolved (pass/fail outcome), determined automatically by a health check against defined success criteria

4.3 Behavioural Monitoring Data

Please read this section carefully. To maintain the integrity of assessments, we monitor certain candidate behaviours during the session:

• Paste detection: We detect and record when you paste content into the terminal, including the content that was pasted and the timestamp.
• Tab-switch detection: We detect and record when you navigate away from the assessment window (e.g. switching to another browser tab or application). We record the timestamp but not what you switched to.
• AI Integrity Check: We analyse patterns such as whether a candidate refreshed the page and then solved the incident suspiciously quickly afterward. This is used to flag potential use of AI assistance tools.
• Timing analysis: We analyse the timing and sequence of your commands to identify patterns that may suggest external assistance.

This monitoring data is used solely to assess the authenticity of your work and is shared with the employer as part of the assessment report. We do not use webcams, screen recording, or any biometric data.

4.4 Technical Data

• Your IP address
• Information about your device (e.g. operating system, browser type and version)
• Session identifiers and access logs

4.5 AI-Generated Analysis

After you complete an assessment, your terminal session data is processed by an AI system (currently provided by OpenAI) which generates:

• An analysis of your troubleshooting methodology and approach
• Recommendations and observations about areas of strength and improvement
• A summary of your session for the employer’s hiring panel

This AI-generated analysis is included in the report provided to the employer. The AI does not make the pass/fail determination — that is determined automatically by whether the incident was successfully resolved.

4.6 Authentication Data

We use Auth0 (third-party authentication service) to manage candidate and employer login. Auth0 processes your email address and authentication credentials. This data is held in the United Kingdom.

4.7 Website Data

When you visit our website at parium.ai, we collect:

• Information you provide through our contact or callback request form (name, email address, company name)
• Google Analytics data (see Section 12 below)

4.8 Communications

• Any messages you send to us
• Feedback you provide about your experience

5. HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes:

• To provide the assessment service: To enable you to access and complete assessments; to generate pass/fail outcomes and performance data; to generate AI analysis of your session; and to provide the complete assessment report to the employer who invited you.
• To maintain assessment integrity: To detect potential use of AI assistance tools, copied solutions, or other forms of external help through the behavioural monitoring described in Section 4.3.
• To improve the Platform (beta testing): To identify and fix bugs; to test new features; to analyse how candidates interact with the terminal environments; and to improve scenario quality and scoring accuracy.
• To provide support: To respond to your questions or technical issues during or after an assessment.
• To ensure security: To protect the Platform against security threats and to investigate suspicious activity.
• For analytics and research: To create anonymised, aggregated statistics about Platform usage; to improve assessment methodologies; and to develop new scenarios and features.
• To comply with legal obligations: To comply with applicable laws and regulations and to respond to lawful requests from authorities.

6. LEGAL BASIS FOR PROCESSING

Where we act as a data processor on behalf of the employer, the employer is responsible for establishing a lawful basis for processing your data. We process that data in accordance with the employer’s instructions and our Data Processing Agreement.

Where we act as a data controller in our own right, we rely on the following legal bases:

• Legitimate interests: We have a legitimate interest in improving and developing the Platform during the beta phase; maintaining assessment integrity through behavioural monitoring; ensuring the security of the Platform; and conducting research and analytics using anonymised data — provided that such processing does not override your rights and interests.
• Legal obligation: We may need to process your information to comply with legal or regulatory requirements.
• Consent: Where required by law (e.g. for non-essential cookies), we will obtain your consent before processing.

7. WHO WE SHARE YOUR INFORMATION WITH

7.1 The Employer

We share the following with the employer who invited you to complete the assessment:

• Your pass/fail outcome and time-to-resolution
• Full terminal session replay
• Command history with timestamps
• Behavioural monitoring data (paste events, tab switches, AI Integrity Check flags)
• AI-generated analysis and recommendations
• Number of hints accessed

The employer is a separate data controller and is responsible for how they use this information in their hiring decisions.

7.2 Sub-Processors

We use the following third-party service providers who may process your personal data on our behalf:

• Hetzner Online GmbH (Germany) — hosting of terminal session environments
• Amazon Web Services EMEA SARL (EU — Europe West region) — application and database hosting
• OpenAI, LLC (United States) — AI-powered session analysis and recommendations
• Twilio Inc. (SendGrid) (United States) — transactional email delivery
• Auth0 / Okta, Inc. (United Kingdom) — authentication and identity management
• Google LLC (United States) — website analytics (Google Analytics)

These service providers process your information only to the extent necessary to perform their services and are bound by contractual obligations to protect your information. We maintain an up-to-date list of sub-processors which is available on request.

7.3 Legal Authorities

We may disclose your information to law enforcement, regulatory authorities, or courts if required by law or to protect our legal rights.

7.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your information becomes subject to a different privacy policy.

We do not sell your personal information to third parties.

8. INTERNATIONAL DATA TRANSFERS

Parium is a global service used by employers and candidates worldwide. Your personal data may be transferred to and processed in countries outside the United Kingdom and the European Economic Area. In particular:

• Terminal environments are hosted in Germany (Hetzner), within the EEA.
• Application and database hosting is in the EU (AWS Europe West region).
• AI session analysis is performed by OpenAI, whose servers are located in the United States.
• Email delivery is provided by SendGrid (Twilio), whose servers are located in the United States.
• Authentication services are provided by Auth0, with data held in the United Kingdom.
• Employer access: Assessment reports are made available to employers who may be located anywhere in the world.

Where we transfer your information to countries that have not been recognised as providing an adequate level of data protection, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office or the European Commission, as applicable;
• The UK International Data Transfer Agreement or UK Addendum to the EU SCCs, where required; and
• Any supplementary measures necessary to ensure an essentially equivalent level of protection.

9. HOW LONG WE KEEP YOUR INFORMATION

We retain your personal information for as long as necessary to fulfil the purposes described in this Privacy Policy, unless a longer retention period is required by law.

• Session data (terminal recordings, command logs, keystroke data, behavioural monitoring data, paste content): retained for 12 months from the date the assessment is completed, after which it is securely deleted.
• Assessment reports (including AI-generated analysis, pass/fail outcome, performance metrics, and integrity flags): retained for 2 years from the date the assessment is completed.
• Technical and security logs: retained for 12 months for security and troubleshooting purposes.
• Anonymised and aggregated data: We may retain anonymised, aggregated data indefinitely for research, analytics, and scenario improvement purposes. This data cannot be used to identify you.
• Website enquiry data (contact form submissions): retained for 12 months unless a commercial relationship is established.

If you have questions about our retention periods, please contact us.

10. YOUR RIGHTS

Under applicable data protection laws (including the UK GDPR and, where applicable, the EU GDPR), you have the following rights:

• Right of access: You may request a copy of the personal information we hold about you.
• Right to rectification: You may request that we correct any inaccurate or incomplete information.
• Right to erasure: You may request that we delete your personal information in certain circumstances, such as where it is no longer necessary for the purposes for which it was collected.
• Right to restriction: You may request that we restrict processing of your information in certain circumstances.
• Right to data portability: You may request that we transfer your information to another organisation in a commonly used, machine-readable format.
• Right to object: You may object to processing based on legitimate interests. If you do, we will stop processing unless we can demonstrate compelling legitimate grounds.
• Rights related to automated decision-making: The pass/fail outcome of your assessment is determined automatically based on whether you successfully resolved the incident. The AI-generated analysis provides qualitative observations but does not determine the pass/fail result. The employer retains full responsibility for all hiring decisions. You have the right to request human review of any automated assessment outcome.
• Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
• Right to complain: You have the right to lodge a complaint with a supervisory authority. For UK residents, this is the Information Commissioner’s Office (ICO) at ico.org.uk. For EEA residents, contact your local data protection authority.

To exercise any of these rights, please contact us at info@parium.ai or fraser@parium.ai. We will respond within one month.

Note: Because we act as a data processor on behalf of the employer for most assessment data, we may need to refer your request to the employer or work with them to fulfil it.

11. SECURITY

We take the security of your personal information seriously and implement appropriate technical and organisational measures, including:

• Encryption of data in transit (TLS) and at rest
• Isolated, ephemeral terminal environments for each assessment session
• Access controls and authentication (via Auth0)
• Regular security assessments
• Secure infrastructure hosted within reputable data centres

Important: The Platform is in beta phase, which means it may contain bugs or security vulnerabilities that have not yet been identified. No system is completely secure, and we cannot guarantee the absolute security of your information.

If you become aware of any security breach or vulnerability, please contact us immediately at security@parium.ai.

12. COOKIES AND TRACKING TECHNOLOGIES

The assessment Platform itself does not use cookies or tracking technologies beyond the behavioural monitoring described in Section 4.3 (which operates through the terminal session, not through browser cookies).

Our marketing website at parium.ai uses:

• Essential cookies: Necessary for the website to function (e.g. session management). These cannot be disabled.
• Google Analytics: We use Google Analytics to understand how visitors interact with our website. Google Analytics uses cookies to collect anonymised usage data. Google may transfer this data to servers in the United States. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on at tools.google.com/dlpage/gaoptout.

You can manage cookie preferences through your browser settings. Disabling essential cookies may prevent certain website features from working.

13. BETA SERVICES — ADDITIONAL INFORMATION

Important notice for beta users:

• Platform is under development: Features and functionality may change without notice, and the Platform may not operate as intended at all times.
• Data may be used for improvement: During the beta period, we may use your data to test, debug, and improve the Platform, including reviewing assessment sessions to identify issues and enhance scenario quality.
• No guarantees: We do not guarantee the accuracy or reliability of assessment results during the beta phase. Results should be used by employers for evaluation purposes in conjunction with other hiring signals.
• Service may be discontinued: We reserve the right to discontinue the beta service at any time. If we do so, we will notify affected parties and delete data in accordance with this Privacy Policy.
• Feedback: We may contact you to request feedback about your experience. Participation is voluntary.

14. THIRD-PARTY LINKS

The Platform or our website may contain links to third-party websites or services. This Privacy Policy does not apply to those sites, and we are not responsible for their privacy practices. We encourage you to read their privacy policies.

15. CHILDREN’S PRIVACY

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a person under 18, please contact us immediately at info@parium.ai and we will delete it.

16. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, the Platform, or legal requirements. We will notify you of material changes by:

• Posting the updated Privacy Policy on our website with a new “Last updated” date; and
• Where practicable, notifying affected candidates or employers by email.

Your continued use of the Platform after any changes indicates your acceptance of the updated Privacy Policy.

17. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us at:

Email: info@parium.ai

Data Protection Officer: Fraser Tait — fraser@parium.ai

Security: security@parium.ai

We will respond to your enquiry as soon as reasonably practicable and in any event within one month.