This page explains what personal data Prism processes, on which legal basis, where it is stored, and what rights you have as a data subject. Prism is a private, invitation-only dossier — not a commercial platform. Data minimisation is a design constraint, not a marketing line.
Controller
Dr. Steffen Heidrich, In den Kläuern 4, 55129 Mainz, Germany. Contact: steffen@heidrich.ai.
What data is processed, and why
Prism processes the following categories of personal data, exclusively in connection with a recruiter session you were invited to:
- Recruiter identity — name, organisation, role, conversation reference. Entered manually by Steffen when he issues your magic link. Legal basis: Art. 6 (1) (b) GDPR (performance of a pre-contractual relationship, i.e. the application process) and (f) (legitimate interest in conducting a recruiting conversation).
- Session cookies — a signed JWT (HTTP-only, same- site=lax) is set in your browser when you open the magic link, so the site can identify the session on subsequent page loads. The cookie expires with the link.
- Usage counters — how many agent questions have been asked on your session, a minute-level rate counter, the number of distinct calendar days you opened the invitation link (Europe/Berlin), and a count of actively-used browser time driven by a 30-second heartbeat while your tab is visible and you are interacting. No question content is persisted in any counter.
- Pseudonymised access log — which session ID performed which action (view, ask, download, heartbeat) at which timestamp. Your name is not stored in that log. Retention: 90 days, then automatic deletion.
- Anonymised intent rows— after each question you ask the deep-dive agent, a separate Claude Haiku call classifies the question into a fixed taxonomy (e.g. “technical-skills”, “availability-location”) and generates a short, generic paraphrase stripped of all proper nouns, company names and locations. Only the category and paraphrase are written to the database — the raw question is never persisted. This feeds an aggregated “what gets asked most” view used to improve the corpus. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in product improvement). Retention: 2 years, since the data is already anonymised.
Agent questions and answers
When you use the deep-dive agent, your question is sent server-side to Anthropic’s Claude API (Anthropic PBC, USA) together with a curated corpus composed by Steffen. Anthropic processes the request transiently under its Data Processing Addendum and its commercial no-training commitment. Prism does not retain your individual questions or the generated answers beyond the browser session; only the questions-used counter is incremented.
The transfer to the United States is covered by the EU-US Data Privacy Framework and standard contractual clauses included in Anthropic’s DPA. Legal basis: Art. 6 (1) (f) GDPR.
Hosting
Prism is hosted by Clever Cloud SAS (3 rue de l’Allier, 44000 Nantes, France) in their Paris region. Database (PostgreSQL) and object storage (Cellar) are co-located. Clever Cloud acts as a processor under Art. 28 GDPR; no data is stored outside the European Union with the exception of the Anthropic API transfer described above.
Document downloads
When you download a PDF, it is watermarked on the fly with your name, the session ID and the date. This is not done to track you — it exists so that unintended further distribution of otherwise private documents (e.g. reference letters) remains attributable.
Cookies
prism_session— signed JWT identifying your recruiter session; HTTP-only, same-site lax, secure in production, expires with the link.prism_admin— only set for Steffen’s own admin console. Not set on recruiter sessions.
No analytics, no advertising, no third-party tracking cookies.
Your rights
You have the right to:
- access the personal data held about you (Art. 15 GDPR),
- have it rectified (Art. 16) or erased (Art. 17),
- restrict or object to its processing (Art. 18 & 21),
- receive it in a portable format (Art. 20),
- lodge a complaint with a supervisory authority (Art. 77).
For any of these, please contact Steffen directly at steffen@heidrich.ai. Erasure of your session can also be requested simply by replying to the invitation e-mail — it is a single record in a database and can be removed within the same working day.
Competent supervisory authority
Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz, Hintere Bleiche 34, 55116 Mainz. datenschutz.rlp.de.
Retention
- Recruiter session records: until the link expires, plus 30 days.
- Access log: 90 days, then automatic deletion.
- Anonymised intent rows: 2 years (no personal data — kept for long-term pattern analysis).
- Uploaded documents: controlled by Steffen — removed on request.
Related documents
- Data policy — the operational inventory of what is stored where, access controls, and what is never stored.
- Data Processing Agreement (AVV) — sub-processor list and how to request a signed copy.
Changes to this notice
This notice may be updated to reflect technical or legal changes. The last update is version-tagged in this repository’s git history.