Skip to content
Oops!... AI Did It Again
Take the assessment

Privacy Policy

This policy explains what Oops!... AI Did It Again (operated by Medhāvi-AI) collects when you use the Service, why, and the choices you have. We aim to collect as little as possible.

Information we collect

  • Your interview answers — the job title, industry, region, and the free-text you type during the assessment. This is the core input to your report.
  • Account details — if you create an account to unlock a paid report, your email address (and a securely hashed password, handled by our auth provider).
  • Payment information — when you pay, our payment processor handles the transaction. We receive payment metadata (e.g. a payment/order ID and status) to unlock your report. We never receive or store your full card or UPI credentials.
  • Technical data — an anonymous session identifier stored in your browser to link your reports, and a one-way hashed version of your IP address used only for rate-limiting and abuse prevention. We do not store raw IP addresses.
  • Analytics — we use a cookieless analytics tool that does not track you across sites or collect personal data.

How we use it

  • To generate your risk report and run the interview.
  • To create and secure your account and process your payment.
  • To prevent abuse and keep the Service reliable (rate-limiting).
  • To understand aggregate, anonymous usage so we can improve the product.

Service providers we share data with

We use trusted third parties to run the Service. Each receives only what it needs:

  • Supabase — database, authentication, and file storage.
  • Vercel — website hosting.
  • Razorpay — payment processing (INR and international card payments).
  • AI providers (such as Anthropic and OpenAI) — to process your interview text and generate the report. Your answers are sent to the active provider to produce your report.
  • Tavily — web search used to enrich paid reports.
  • A cookieless analytics provider (Plausible), and, when enabled, an email provider (Resend) for transactional email and an error-tracking provider (Sentry).

We do not sell your personal data. We only disclose data to others if required by law.

How long we keep it

  • Anonymous reports (created without an account) are automatically deleted after 7 days.
  • If you have an account, your reports and account data are kept until you delete them or close your account.

Your rights & choices

You can view and manage your reports from your dashboard. You can permanently delete a report, or delete your entire account and all associated data, from your account settings — this removes your data from our systems. To make any other request about your data, reach out via our Contact page.

Security

Access to user data is protected with row-level security, and secrets and API keys are held server-side only. No system is perfectly secure, but we take reasonable measures to protect your information.

Contact

For any privacy question, see our Contact page. See also our Terms & Conditions.