NxtRound
Privacy Policy
Last updated: March 3, 2026

This Privacy Policy describes how NxtRound ("we", "us", or "our") collects, uses, and protects your information when you use our AI-powered interview coaching application and services. This policy applies to nxtround-5z7fd.web.app and all related services.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Basic Profile Data: Name, email address, and encrypted password
  • Authentication Data: Login timestamps, device information, and session tokens
  • OAuth Data: If you sign up with Google, we receive your Google profile information (name, email, profile picture)

This information is securely managed through Firebase Authentication and subject to Google's Privacy Policy.

1.2 Practice Session Data

During your interview practice sessions, we collect:

  • Interview Responses: Your spoken answers transcribed via Web Speech API
  • Session Metadata: Practice duration, question types, completion status
  • Role Information: Job descriptions and role details you provide
  • Drawing Data: System design diagrams and whiteboard content
  • Performance Metrics: Session scores, improvement areas, and progress tracking
1.3 Usage Analytics

We collect anonymous usage data through Google Analytics 4:

  • Page Views: Which pages you visit and how long you stay
  • User Actions: Button clicks, feature usage, and navigation patterns
  • Technical Data: Browser type, device information, screen resolution
  • Performance Data: Page load times and error rates
1.4 Feedback and Support Data

When you contact us or provide feedback:

  • Support Requests: Your questions, bug reports, and feature requests
  • Communication Records: Our responses and resolution history
  • Satisfaction Surveys: Your ratings and comments about our service

2. How We Use Your Information

2.1 Core Service Delivery
  • AI Processing: Send your practice content to Google AI (Gemini) for feedback generation
  • Personalization: Customize practice sessions based on your role and experience level
  • Progress Tracking: Monitor your improvement and provide performance insights
  • Cross-Device Sync: Store your data in Firestore for access across devices
2.2 Service Improvement
  • Analytics: Understand how users interact with our platform
  • Feature Development: Identify popular features and areas for improvement
  • Quality Assurance: Monitor system performance and fix issues
  • User Research: Conduct studies to enhance user experience
2.3 Communication
  • Account Management: Send password resets and security notifications
  • Product Updates: Notify you about new features and improvements
  • Support: Respond to your questions and resolve issues

3. Third-Party Services and Data Sharing

3.1 Google Services
  • Firebase Authentication: Manages user accounts and security
  • Firestore Database: Stores your practice data securely in the cloud
  • Google AI (Gemini): Processes your interview content to generate personalized feedback
  • Google Analytics: Tracks anonymous usage patterns and performance metrics
  • Firebase Hosting: Delivers our web application securely

All Google services are governed by Google's Privacy Policy and data processing agreements.

3.2 Data Processing for AI Feedback

Important: When you request AI feedback, your interview content (questions, responses, job descriptions) is temporarily sent to Google AI services for processing. This data:

  • Is used solely to generate your personalized feedback
  • Is not stored permanently by Google AI services
  • Is processed according to Google's AI usage policies
  • May be used by Google to improve their AI models (as per Google's terms)
3.3 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Data Storage and Security

4.1 Data Storage Locations
  • Account Data: Stored in Firebase Authentication (Google Cloud)
  • Practice Data: Stored in Firestore database (Google Cloud)
  • Analytics Data: Processed by Google Analytics (anonymized)
  • Temporary Data: Some data cached locally in your browser for performance
4.2 Security Measures
  • Encryption: All data transmitted using HTTPS/TLS encryption
  • Authentication: Secure login with Firebase Authentication
  • Access Controls: Strict access controls and user permissions
  • Security Headers: Comprehensive security headers to prevent attacks
  • Regular Updates: Continuous security monitoring and updates
4.3 Data Retention
  • Account Data: Retained until you delete your account
  • Practice Sessions: Stored indefinitely unless you delete them
  • Analytics Data: Retained for 26 months (Google Analytics default)
  • Support Data: Retained for 2 years for quality assurance

5. Your Privacy Rights

5.1 Access and Control

You have the right to:

  • Access: View all your personal data through your account dashboard
  • Update: Modify your profile information and preferences
  • Delete: Remove specific practice sessions or your entire account
  • Export: Download your data in a portable format
  • Opt-out: Disable analytics tracking through browser settings
5.2 Account Deletion

To delete your account:

  • Go to Settings → Account → Delete Account
  • This will permanently remove your profile and practice data
  • Some anonymized analytics data may be retained
  • Deletion is irreversible and cannot be undone
5.3 GDPR and CCPA Rights

If you're in the EU or California, you have additional rights:

  • Right to be Forgotten: Complete data deletion upon request
  • Data Portability: Receive your data in machine-readable format
  • Consent Withdrawal: Withdraw consent for data processing
  • Processing Objection: Object to certain types of data processing

6. Cookies and Tracking

6.1 Essential Cookies
  • Authentication: Keep you logged in securely
  • Preferences: Remember your settings and preferences
  • Security: Prevent fraud and unauthorized access
6.2 Analytics Cookies
  • Google Analytics: Track usage patterns and performance
  • Performance Monitoring: Identify and fix technical issues
  • Feature Usage: Understand which features are most valuable
6.3 Service Worker Caching

Our Progressive Web App uses service workers to cache content for better performance. This includes:

  • Static assets (images, stylesheets, scripts)
  • Previously visited pages for offline access
  • Font files and other resources

7. Children's Privacy

NxtRound is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we discover we have collected information from a child under 16, we will delete it immediately.

8. International Data Transfers

Your data may be processed in countries other than your own, including the United States, where Google Cloud services operate. We ensure appropriate safeguards are in place for international transfers.

9. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes through:

  • Email notifications to registered users
  • In-app notifications when you next use the service
  • Updated date at the top of this policy

Continued use after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions or to exercise your rights, contact us through:

  • In-App Feedback: Use the feedback form in the application
  • Support System: Submit a support request through your account
  • Data Protection: For GDPR/CCPA requests, use the "Data Rights" option in Settings

Effective Date: This Privacy Policy is effective as of the date shown above and applies to all information collected on or after that date.

Back to Home