Cossmic← Back to home

Legal

Privacy Policy

Last updated: May 2026

1. Who We Are

Cossmic ("we", "us") operates the Cossmic applicant tracking and recruiting platform. For questions: support@cossmic.in.

2. Data We Collect

We collect the following categories of data:

  • Account data: name, email address, organization name, billing contact.
  • Candidate data: resumes, contact details, interview notes, offer documents — submitted by your organization or by candidates applying to your posted jobs.
  • Usage data: pages visited, actions taken, timestamps — for product improvement and support.
  • Billing data: processed exclusively by Razorpay. We do not store card details.

3. How We Use Your Data

  • Provide and operate the Cossmic platform.
  • Send transactional emails (interview invites, offer notifications, onboarding).
  • Process payments via Razorpay.
  • Respond to support requests.
  • Meet legal obligations under Indian law, including the DPDP Act 2023.

4. Data Storage & Security

All data is stored on secure, cloud-hosted PostgreSQL infrastructure. We apply row-level security, encrypted connections (TLS 1.2+), and encryption at rest. Tenant isolation is enforced at the database level — one organization cannot access another's data.

5. Data Retention

We retain your data for the duration of your subscription plus 90 days after cancellation. You may request deletion at any time by emailing support@cossmic.in. Candidate data can be deleted independently via the platform.

6. Your Rights (DPDP Act 2023)

Under the Digital Personal Data Protection Act 2023 you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate personal data.
  • Erase your personal data (right to be forgotten).
  • Withdraw consent where processing is based on consent.
  • Nominate a person to exercise these rights on your behalf.

Submit data subject requests to support@cossmic.in. We will respond within 30 days.

7. Third-Party Services

  • Supabase — database and authentication infrastructure.
  • Razorpay — payment processing (PCI DSS compliant).
  • ZeptoMail — transactional email delivery.
  • Google Calendar / Gmail — optional integration (requires your explicit OAuth consent).
  • Vercel — application hosting.

8. Contact

Cossmic
Email: support@cossmic.in