Privacy Policy
Last Updated: June 2026
1. Introduction
PARETIX Ltd. (“Company”, “we”, or “us”), headquartered at 31 Yavne Street, Tel-Aviv, Israel, operates Paretix Academy — an AI-powered professional assessment and certification platform (“the Platform”). This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding that data.
We comply with the Israeli Privacy Protection Law (1981), GDPR principles, and other applicable global data protection regulations. By using the Platform you agree to the practices described herein.
2. Data We Collect
2.1 Information you provide directly
| Email address | Provided on the landing page to begin the assessment. Used to authenticate you and send your certificate link. |
| Full name | Provided at the end of the assessment. Appears on your certificate. |
| Survey answers | 15 structured questions about your AI knowledge and role. Stored to generate your assessment and used as context for the AI interview. |
| AI interview transcript | The full conversation between you and the AI interviewer. Used solely to grade your assessment across 7 dimensions. |
| Marketing consent | Optional checkbox on the landing page. Indicates whether you consent to receive marketing communications from Paretix. |
| Course info consent | Optional checkbox at the end of the assessment. Indicates whether you consent to receive a single email with information about relevant Paretix Academy courses. |
2.2 Information collected automatically
| Session cookie | An anonymous session ID stored in an HTTP-only cookie (90-day expiry). Used to maintain your session and to track A/B banner interactions. Not accessible to JavaScript. |
| IP-based country detection | Your IP address is used once on page load to detect your country and pre-select the appropriate language (Hebrew/English). The IP address itself is not stored. |
| Banner interaction data | Anonymous impressions and clicks on promotional banners, linked to your session ID. Used to measure which banner variants perform better (A/B testing). No personally identifiable data is stored unless you have also provided your email. |
3. How We Use Your Data
| Deliver the assessment | Survey answers and interview transcript are passed to the AI grading engine to produce your dimension scores and overall certification level. |
| Issue your certificate | Your name, email, overall level, and dimension scores are stored to generate a permanent, verifiable certificate with a unique credential ID. |
| Send transactional emails | We send a magic-link verification email when you register, and a certificate-ready email when grading is complete. These emails are non-optional and do not require marketing consent. |
| Send marketing communications | Only if you checked the marketing consent box on the landing page. |
| Send a course info email | Only if you checked the course info consent box at the end of the assessment. This is a single email only. |
| Improve the platform | Aggregate, anonymized assessment data may be used to evaluate platform quality. Individual transcripts are never used to train or fine-tune AI models. |
| A/B testing | Anonymous banner interaction data helps us understand which messaging is most effective. No profiling or automated decision-making is performed on this data. |
4. AI and Data Isolation
The AI interview is powered by Anthropic’s Claude via Enterprise API. We maintain a strict policy:
- Your interview transcript and survey answers are never used to train AI models — ours or Anthropic’s.
- Anthropic’s Enterprise API contractually guarantees that submitted data is not used for model training and is protected by enterprise-grade security.
- The AI does not make final certification decisions autonomously. The grading output is a structured score that is stored and presented to you.
5. Data Sharing and Third Parties
We do not sell your personal data. We share it only with the following sub-processors, strictly for the purposes described above:
| Supabase | Database hosting. All participant, assessment, and certificate data is stored in Supabase-hosted PostgreSQL. Data is encrypted at rest and in transit. |
| Anthropic | AI interview and grading. Your survey context and interview transcript are sent to Anthropic's API for assessment purposes only. |
| Resend | Transactional email delivery. Your email address is shared with Resend to deliver verification and certificate emails. |
| Vercel | Application hosting. The Platform runs on Vercel's infrastructure. No personal data is persistently stored by Vercel beyond standard web server logs. |
| Only when you click "Add to LinkedIn" on your certificate page. This is user-initiated and sends publicly shareable certificate metadata to LinkedIn. |
Corporate enrollments: If your employer enrolled you in an assessment cohort, they receive only aggregate cohort-level data (e.g., completion rate, average level distribution). Your individual scores and transcript are never shared with your employer without your explicit consent.
6. Data Retention
| Assessment data (transcript, answers, scores) | Retained for the duration of your certificate's validity (18 months from issue date). May be retained longer in anonymized form for platform quality purposes. |
| Certificate record | Retained indefinitely so your credential can be verified by third parties (e.g., LinkedIn, employers). |
| Session and banner data | Session cookies expire after 90 days. Banner interaction records are retained for up to 12 months for A/B analysis. |
| Magic links (verification tokens) | Expire after 24 hours and are deleted automatically. |
| Email and name | Retained as long as your certificate record exists. You may request deletion — see Section 8. |
7. Cookies
We use a single functional cookie: a session ID stored in an HTTP-only, Secure, SameSite=Lax cookie. This cookie is essential for the Platform to function (authentication and session continuity) and does not require separate consent under applicable law. We do not use advertising cookies or third-party tracking cookies.
8. Your Rights
Under the Israeli Privacy Protection Law and GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you.
- Correction — request that inaccurate data be corrected.
- Deletion — request that your personal data be deleted. Note: deleting your data will also invalidate your certificate.
- Withdraw consent — withdraw marketing or course-info consent at any time without affecting your certificate.
- Portability — request your data in a structured, machine-readable format.
To exercise any of these rights, contact us at support@paretix.com. We will respond within 30 days.
9. Security
All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Access to personal data is restricted to authorized personnel only. We follow the same information security standards applied across PARETIX Ltd., certified to ISO/IEC 27001.
10. Children
The Platform is intended for professionals and is not directed at individuals under the age of 18. We do not knowingly collect data from minors.
11. Changes to This Policy
We may update this policy from time to time. We will notify registered participants of material changes by email. The “Last Updated” date at the top of this page reflects the most recent revision. Continued use of the Platform after changes constitutes acceptance of the updated policy.
12. Contact
For any privacy-related questions, requests, or concerns:
31 Yavne Street, Tel-Aviv, Israel
Privacy enquiries: support@paretix.com
General contact: support@paretix.com
Governing law: State of Israel. Disputes subject to the exclusive jurisdiction of the competent courts of Tel Aviv-Yafo.