Privacy Policy

At ExitFox, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered exit interview platform.

Please read this privacy policy carefully. By using ExitFox, you consent to the data practices described in this policy. If you do not agree with the terms of this privacy policy, please do not access the Service.

1.1 Information You Provide

We collect information you voluntarily provide when using our Service:

• Account Information: Name, email address, company name, job title, and password when you register
• Company Data: Organization details, department structures, and team information
• Employee Information: Names, roles, departments, tenure dates, and email addresses of departing employees
• Interview Data: Exit interview questions, responses, and any additional notes or comments
• Payment Information: Billing address and payment details (processed securely by our payment provider)
• Communications: Messages you send to us for support or feedback

1.2 Information Collected Automatically

When you access our Service, we automatically collect:

• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, pages viewed, and referring URLs
• Usage Data: Features used, actions taken, and interaction patterns
• Cookies: Small data files stored on your device (see Cookie Policy below)

1.3 Information from Third Parties

• Slack: When you connect your Slack workspace, we receive workspace information, user profiles, and message content related to exit interviews
• Google OAuth: If you sign in with Google, we receive your name, email, and profile picture
• HRIS Systems: If integrated, we may receive employee data from your HR systems

We use the information we collect for the following purposes:

2.1 Service Delivery

• Create and manage your account
• Generate AI-powered exit interview questions
• Conduct exit interviews through Slack
• Analyze interview responses and generate insights
• Provide sentiment analysis and reporting

2.2 Service Improvement

• Improve and optimize our AI algorithms
• Develop new features and functionality
• Analyze usage patterns to enhance user experience
• Conduct research and analytics (using aggregated, anonymized data)

2.3 Communication

• Send service-related notifications and updates
• Respond to your inquiries and support requests
• Send marketing communications (with your consent)
• Notify you of changes to our policies

2.4 Legal and Security

• Comply with legal obligations
• Protect against fraudulent or illegal activity
• Enforce our Terms and Conditions
• Protect the rights and safety of our users

ExitFox uses artificial intelligence to enhance exit interviews. Here's how AI interacts with your data:

• Question Generation: We use AI to analyze employee context (role, department, tenure) and generate personalized interview questions. This data is processed but not stored by our AI systems beyond the generation request.
• Sentiment Analysis: Interview responses may be analyzed by AI to determine sentiment and identify themes. Results are stored in association with your account.
• Model Training: We do NOT use your individual interview responses to train our AI models. Only anonymized, aggregated data may be used to improve general question quality.

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share data with trusted third parties who assist in operating our Service:

• Cloud Hosting: Data storage and processing infrastructure
• Payment Processors: Secure payment handling
• AI Services: Question generation and analysis
• Analytics Providers: Usage analytics and performance monitoring
• Communication Tools: Email delivery and notifications

4.2 Legal Requirements

We may disclose information when required by law, including:

• Compliance with legal processes (subpoenas, court orders)
• Response to government requests
• Protection of our legal rights
• Investigation of potential violations

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

4.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing.

We implement robust security measures to protect your information:

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
• Access Controls: Role-based access and multi-factor authentication
• Infrastructure Security: Secure cloud hosting with regular security audits
• Employee Training: Regular security awareness training for all staff
• Incident Response: Documented procedures for handling security incidents
• Regular Testing: Penetration testing and vulnerability assessments

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

We retain your information for as long as necessary to provide our Service and fulfill the purposes described in this policy:

• Account Data: Retained while your account is active, plus 30 days after deletion request
• Interview Data: Retained according to your subscription plan settings, typically 2-5 years
• Log Data: Retained for up to 12 months
• Analytics Data: Aggregated data may be retained indefinitely

You may request deletion of your data at any time. Upon account termination, we will delete or anonymize your data within 30 days, unless retention is required by law.

You have the following rights regarding your personal information:

7.1 Access and Portability

• Request a copy of your personal data
• Export your interview data in standard formats (CSV, JSON)
• Receive information about how your data is processed

7.2 Correction and Deletion

• Update or correct inaccurate information
• Request deletion of your personal data ("right to be forgotten")
• Delete specific interview records

7.3 Restriction and Objection

• Restrict processing of your data in certain circumstances
• Object to processing based on legitimate interests
• Opt out of marketing communications

7.4 Consent Withdrawal

Where processing is based on consent, you may withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.

To exercise these rights, contact us at [email protected] or through your account settings.

ExitFox uses cookies and similar technologies:

Types of Cookies We Use

• Essential Cookies: Required for the Service to function (authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use our Service
• Marketing Cookies: Track advertising effectiveness (only with consent)

Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Service.

ExitFox operates globally and may transfer your data to countries other than your own. When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses approved by regulatory authorities
• Data processing agreements with all service providers
• Compliance with EU-US Data Privacy Framework (where applicable)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

• Legal Basis: We process data based on contract performance, legitimate interests, consent, or legal obligations
• Data Protection Officer: Contact our DPO at [email protected]
• Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
• Automated Decision-Making: We do not make decisions based solely on automated processing that significantly affect you

If you are a California resident, you have specific rights under the California Consumer Privacy Act:

• Right to Know: Request information about data collection and sharing practices
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (we do not sell data)
• Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise your CCPA rights, contact us at [email protected] or call our toll-free number.

ExitFox is not intended for use by children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately so we can delete it.

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our website
• Updating the "Last updated" date
• Sending an email notification for significant changes

Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For more information about our terms of service, please visit our Terms and Conditions.