Security & Data Protection

Last updated: 8/21/2025

We take security seriously and implement technical and organizational measures to protect user data.

1. Overview

InterviewHub employs industry-standard safeguards to protect data in transit and at rest where applicable, and limits access to authorized personnel.

2. Security Controls

  • Transport Security: All traffic uses HTTPS/TLS.
  • Authentication: Firebase Authentication for account security and token-based authorization.
  • Access Control: Role-based access in backend services; principle of least privilege.
  • Data Minimization: We only store data necessary to deliver the service (e.g., session IDs, credit usage, interview metadata). Payment card data is handled by Stripe.
  • Monitoring: Session monitoring and audit logs for interview sessions to detect anomalies (e.g., credit exhaustion events).
  • Backups & Reliability: Provider-grade durability and redundancy for hosted components.

3. Compliance & Commitments

  • We strive to align with applicable data protection laws (e.g., GDPR principles).
  • We use reputable third-party processors (Firebase, Stripe) that offer strong security assurances and compliance documentation.
  • Future enhancements include analytics with privacy controls and cookie consent mechanisms.

4. Reporting & Contact

To report a security issue or vulnerability, contact security@interviewhub.app. We will acknowledge and investigate in a timely manner.