Back

Privacy Policy

Last updated: December 10, 2025

1. Introduction

Permito ("we", "us", or "our") operates the visa interview practice platform at permito.io. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Permito, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Google account info (if using Google sign-in)
  • Password (encrypted, if not using Google sign-in)

Interview Practice Data

During practice sessions, we collect:

  • Visa type and scenario selections
  • Profile information you provide for scenarios (occupation, travel purpose, etc.)
  • Text transcripts of conversations (what you said and AI responses)
  • AI-generated feedback and scores

Voice Data: We Don't Store It

Your voice audio is processed in real-time to generate responses and transcripts, then immediately deleted. We do not retain, store, or archive raw audio recordings. Only the text transcript is saved to your account.

Usage Data

We automatically collect:

  • Browser type and version
  • Device information
  • IP address (for security and fraud prevention)
  • Pages visited and features used
  • Session duration and timestamps

Payment Information

Payment processing is handled by our payment provider. We do not store full credit card numbers. We only receive:

  • Transaction confirmation
  • Last 4 digits of card (for your reference)
  • Billing country

3. How We Use Your Information

We use collected information to:

  • Provide the Service: Process voice input, generate AI responses, create transcripts and feedback
  • Personalize Experience: Customize interview scenarios based on your profile
  • Track Progress: Show your improvement across practice sessions
  • Process Payments: Complete purchases and manage subscriptions
  • Communicate: Send service updates, security alerts, and support responses
  • Improve Service: Analyze usage patterns to enhance features
  • Prevent Fraud: Detect and prevent abuse or unauthorized access

4. Data Sharing

We do not sell your personal data.

We may share data with:

AI Service Providers

Voice-to-text, AI language models, and text-to-speech services process your conversations in real-time. These providers are contractually bound to data protection requirements.

Payment Processors

We use third-party payment services to process transactions securely. They operate under their own privacy policies.

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect rights, safety, or property.

5. Data Security

We implement appropriate security measures including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Secure password hashing
  • Access controls and authentication
  • Regular security assessments

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

Account Data: Retained while your account is active and for a reasonable period after deletion for legal compliance.

Interview Transcripts: Retained while your account is active. You can delete individual sessions or your entire account.

Voice Audio: Not retained. Processed in real-time and immediately discarded.

Payment Records: Retained for 7 years for tax and legal compliance.

7. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Delete your account and associated data
  • Export: Download your interview transcripts and feedback
  • Restrict Processing: Limit how we use your data in certain circumstances
  • Withdraw Consent: Opt out of optional data processing

To exercise these rights, contact us at legal@permito.io. We will respond within 30 days.

8. Cookies

We use essential cookies to:

  • Keep you logged in (session cookies)
  • Remember your preferences
  • Ensure security (CSRF protection)

We may use analytics cookies to understand how users interact with our Service. You can disable cookies in your browser settings, though this may affect functionality.

9. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our Service, you consent to such transfers.

We ensure that any international data transfers are protected by appropriate safeguards.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

For significant changes, we will provide a more prominent notice (such as an email notification).

12. Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us:

Back to Home · Terms of Service · Help Center