Scovai

Compliance & Security

GDPR, EU AI Act, bias monitoring, data storage, and privacy controls.

Yes. Scovai is engineered with GDPR compliance at its core — not as an afterthought. Built-in features include granular consent management with audit trails, data portability, right to erasure, purpose limitation controls, and full transparency about data processing activities.

Scovai implements key requirements: Article 14 (human oversight — any AI decision can be escalated for human review), Article 13 (transparency — every score includes explainable rationale), and Article 10 (data governance — bias monitoring and quality controls on training data).

Every scoring decision is automatically analyzed for demographic bias in real time. Gender and age distribution tracking runs continuously. If statistical anomalies or disproportionate outcomes are detected, they are immediately flagged for human review with detailed reports.

Data is stored on secured European servers with full encryption at rest and in transit. Scovai maintains strict data sovereignty controls to ensure your information never leaves the jurisdictions you authorize.

Yes. Candidates have full GDPR rights, including the right to erasure (Article 17). Data deletion requests are processed promptly with a complete audit trail to demonstrate compliance.

Per EU AI Act requirements, every AI-generated decision — scores, rankings, interview evaluations — can be escalated for human review. Recruiters always maintain final decision authority. The AI supports and informs; humans decide.

The Integrity Shield is a multi-level assessment monitoring system that ensures fair evaluation conditions. It ranges from passive behavioral telemetry (keystroke patterns, tab switching, timing analysis) to optional proctoring (camera, microphone, screen monitoring). All monitoring levels require explicit candidate consent, and results are advisory only — recruiters make the final decision, per EU AI Act requirements.

Biometric data (facial images from identity verification) is processed with explicit GDPR Article 9 consent. Images are encrypted at rest, never shared with employers, and automatically deleted after 30 days. Face vectors used for matching are retained for a maximum of 12 months. Candidates can request immediate deletion at any time from their Privacy settings.

Yes. The platform provides granular consent management. Each AI-powered feature requires separate, explicit consent: CV scoring, psychometric profiling, interview analysis, cognitive assessment, face verification, career companion usage, and Talent Passport sharing. Candidates can grant or revoke any consent at any time from their Privacy page.