Privacy Policy

Sanixia is operated by Nordic Blue, a company registered in Norway. We provide AI-powered recruiting software that helps companies analyze applicants and discover passive candidates.

For questions about this policy, contact us at privacy@sanixia.com.

We collect data from two groups of people:

Company users (our customers)

• Name, email address, and profile picture (from Google OAuth sign-in)
• Company name and preferred language
• Billing information (processed by Stripe — we never see full card numbers)

Job applicants (candidates)

• Name and email address (provided when applying)
• CV/resume file (PDF or DOCX)
• AI-generated analysis results (scores, summaries, strengths, concerns)

• To provide and improve our recruiting analysis service
• To process CVs using AI and generate candidate scores and summaries
• To send transactional emails (application confirmations, scoring notifications)
• To process payments and manage subscriptions
• To respond to support requests

We do not sell personal data to third parties. We do not use candidate data for advertising.

CVs are processed by Anthropic's Claude AI to generate scores and analysis. CV text is sent to the Anthropic API for processing but is not used by Anthropic to train their models. We do not store raw AI prompt output — only structured results (scores, summaries) are retained.

• All data is stored within the European Union (EU data residency)
• CV files are stored in Cloudflare R2 (EU jurisdiction)
• Database hosted on Railway (PostgreSQL with encryption at rest)
• All connections use TLS/HTTPS encryption
• Access to production systems is restricted to authorized personnel

• CV files are deleted 12 months after the associated job is closed
• Company accounts and their data persist as long as the account is active
• Canceled accounts retain read-only access — data is not deleted immediately
• You can request full data deletion at any time

If you are in the EU/EEA, you have the right to:

• Access — request a copy of your personal data
• Rectification — correct inaccurate data
• Erasure — request deletion of your data
• Portability — receive your data in a structured format
• Object — object to processing of your data
• Restrict — request restricted processing

To exercise any of these rights, email privacy@sanixia.com. We will respond within 30 days.

• Anthropic (Claude AI) — CV analysis and scoring
• Stripe — payment processing
• Cloudflare — file storage (R2), email routing
• Vercel — application hosting
• Railway — database and worker hosting
• Resend — transactional email delivery
• Google — OAuth authentication

We use only essential cookies required for authentication and session management. We do not use tracking cookies, analytics cookies, or advertising cookies.

We may update this policy from time to time. Significant changes will be communicated via email to registered users. The "last updated" date at the top reflects the most recent revision.