Legal

1. General Information
In accordance with the provisions of the Law on Information Society Services and Electronic Commerce (LSSICE), we provide users with the following legal information:

Website owner: GENIUS FOR PEOPLE S.L.
Registered address: Calle Badajoz 32, 08005, Barcelona (Barcelona), Spain
Tax ID (CIF/NIF): B44879849
Email: Admin@mainder.ai
Contact phone: +34 674 706 032


2. Terms of Use
Accessing and using this website grants the status of user and implies full and unconditional acceptance of all provisions contained in this Legal Notice.
The user agrees to make proper use of the website and its contents in accordance with the law, this Legal Notice, and any other applicable notices, usage regulations, or instructions.


3. Intellectual and Industrial Property
All website content—including text, graphics, images, logos, icons, software, trade names, brands, and any other element subject to protection—is covered by intellectual and industrial property rights owned by us or used with proper authorization.
Unauthorized use of such content will be considered an infringement of intellectual or industrial property rights.


4. Limitation of Liability
The website owner shall not be held liable for any damages that may arise from the use of this website, or from users’ misuse of its services and content.
We also do not guarantee continuous availability of the website, nor that it is free of errors or viruses.


5. Third-Party Links
This website may contain links to third-party websites. We assume no responsibility for the content, privacy policies, or practices of these websites.
The inclusion of links does not imply any association with or endorsement of the linked sites.


6. Data Protection
Use of this website is subject to our Privacy Policy, which details how personal data collected through the website are processed, in accordance with the General Data Protection Regulation (GDPR).


PROCESSING OF DATA FROM GOOGLE API SERVICES

Mainder uses Google API Services to provide enhanced functionality to our users. This section specifically describes how we handle data obtained through Google APIs.

Google Data We Access
• Basic profile information: Name, email address, profile picture
• Google Calendar: Events, availability, and meeting details (read-only)
• Google Meet: Meeting links and video call settings
• Google Contacts: List of professional contacts (with your explicit authorization)
• Google Drive: Documents related to recruitment processes (CVs, portfolios) you choose to share

Use of Google Data
Data obtained through Google APIs are used exclusively for:
• Calendar synchronization: Coordinate interviews and meetings without scheduling conflicts
• Communication management: Facilitate sending invitations via your Gmail account
• Contact import: Speed up candidate database creation (only with your consent)
• Video call generation: Automatically create Google Meet links for virtual interviews
• Availability analysis: Optimize interview scheduling based on your calendar
• Usage limitation: We only use Google data for the purposes you specifically authorize, and never for unrelated advertising or marketing.

Data Sharing with Third Parties

Data obtained from Google APIs:
• Are NOT sold under any circumstances
• Are NOT shared with third parties for advertising purposes

They are shared only with:
• Essential service providers (e.g., AWS for storage, under confidentiality agreements)
• Other users within your organization in Mainder (according to permissions you configure)
• Competent authorities, only when legally required


Data Storage and Protection

We implement enterprise-grade security measures to protect Google data:
• Encryption: All data are encrypted in transit (TLS 1.3) and at rest (AES-256)
• Storage: Secure AWS servers in the EU-West region (Ireland) with ISO 27001 certification
• Access control: Mandatory multi-factor authentication (MFA) and role-based access control (RBAC)
• Auditing: Full access and modification logs with immutable records
• Segregation: Each client’s data are fully isolated in separate databases
• Backups: Daily encrypted backups with 30-day retention


Data Retention and Deletion
Our Google data retention policy is as follows:
• Active retention period: While your Mainder subscription remains active
• Post-cancellation: 90 days after subscription cancellation (to allow reactivation)
• Permanent deletion: After 90 days, all data are permanently deleted

Immediate Deletion Request
You may request immediate deletion of your Google data at any time:
• Email: privacy@mainder.ai
• Response time: Within 72 business hours
• Confirmation: You will receive a data deletion certificate

Revoking Google Permissions

You can revoke Mainder’s access to your Google data at any time:
1. From Mainder:
Settings → Integrations → Google → Disconnect
2. From Google:
myaccount.google.com/permissions → Mainder → Remove access
3. Immediate effect:
Revocation instantly stops access to any new data.


Compliance with Google Policies

Mainder strictly complies with:
• Google API Services User Data Policy
• Google APIs Terms of Service
• OAuth 2.0 Security Best Practices
• Limited Use Requirements
‍