Privacy Policy

1. Overview and Responsible Body

We take the protection of your personal data very seriously. This Privacy Policy explains how we collect, use, and protect your data when you visit our website www.talentvaults.com.

Responsible Controller (Data Controller) according to Art. 4(7) GDPR:

Note on Jurisdiction: We adhere to the General Data Protection Regulation (GDPR) and all relevant applicable data protection laws.

2. General Data Collection (Server Log Files)

When you visit our website, our hosting provider automatically collects and stores information in "server log files." This processing is strictly necessary for the technical operation and security of the website.

• Provider: Netlify, Inc., 2325 3rd Street, Suite 296, San Francisco, California 94107, USA.
• Data Collected: Full IP addresses, browser type/version, operating system, referrer URL, and time of request.
• Retention: IP addresses are retained by Netlify for a maximum of 90 days to detect and prevent fraud and unauthorized access, after which they are rotated or deleted.
• Legal Basis: Art. 6(1)(f) GDPR (Legitimate Interest in website security, fraud prevention, and ensuring service functionality). You have the right to object to this processing under Article 21 GDPR.
• Data Processing Agreement (DPA): We maintain a DPA with Netlify that includes Standard Contractual Clauses (SCCs) to ensure GDPR compliance. For details on how Netlify handles your data, see Netlify's privacy policy: https://www.netlify.com/privacy/

3. Database Hosting (Supabase)

We use Supabase as our backend database provider for content management and delivery.

• Provider: Supabase, Inc., 970 Toa Payoh North #07-04, Singapore 318992.
• Purpose: Hosting database content and delivering public data to the website. We do not currently use Supabase for user authentication or login sessions.
• Data Transfer & Safeguards: Supabase hosts our primary database in West EU (Ireland) on Amazon Web Services (AWS). However, supporting infrastructure (logs, analytics) may involve processing in the US or Singapore. We have conducted a Transfer Impact Assessment (TIA) and determined that appropriate safeguards are in place, including:
  • Standard Contractual Clauses (Module Two).
  • Encryption in transit (TLS 1.2) and at rest (AES-256).
  • Adherence to the EU-US Data Privacy Framework principles.
• Privacy Policy: https://supabase.com/privacy

4. Cookies and Consent Management

Our website utilizes cookies—small text files stored on your device—to ensure functionality and analyze traffic.

Consent Management Platform (CMP)

To manage your consent preferences transparently, we use Cookiebot. Cookiebot scans our site to control cookies and may collect technical data about your device to display the correct consent options.

• Function: Cookiebot automatically blocks all non-essential cookies (such as those for Statistics) until you grant explicit consent.
• Legal Basis: Art. 6(1)(c) GDPR (Legal Obligation to obtain valid consent).
• Your Choice: You can manage or withdraw your consent at any time by clicking the "Cookie Settings" link in the footer of every page. Changes take effect immediately.

Categories of Cookies

• Strictly Necessary: Required for the site to function (e.g., saving your consent preference, session security). No consent is required for these.
• Statistics: Used to track behavior anonymously (e.g., Google Analytics). Consent is required.

5. Affiliate Links and Partner Redirection

Our website features tools and platforms from third-party partners.

Affiliate Link Disclosure

Buttons marked with "Apply Now", "Participate Now", "Visit Website", or similar calls to action are embedded with our unique referral identifiers.

• Respondent.io: If you sign up through this button, successfully pass the screener for a survey, and complete the study, Respondent.io pays TalentVaults a commission.
• Mercor: If you apply through this button, successfully pass Mercor's application process, and complete the minimum required paid work, Mercor pays TalentVaults a commission.
• Wise: If you sign up through this button and use or purchase the relevant service, the provider pays TalentVaults a commission.

Tracking Mechanism

When you click one of these buttons, you are redirected to the partner's domain. The URL contains a generic partner ID that identifies TalentVaults as the referrer. This ID allows the partner to attribute the commission to us. We do not generate or pass any unique user-ID, pseudonymized profile data, or personal contact details to these partners during this redirect.

Legal Basis (Art. 6(1)(f) GDPR)

We rely on our legitimate interest in financing our free services through affiliate commissions. The processing of the redirect data is limited to the absolute minimum necessary to attribute the referral.

Your Choice

Interaction with these affiliate links is entirely voluntary. If you do not wish for this referral attribution to occur, please visit the partner websites directly without clicking the links on our platform.

Specific Partners:

• Respondent.io: www.respondent.io/privacy-policy
• Mercor.com: www.mercor.com/data-privacy-policy

6. Google Services

Google Analytics 4 (GA4)

If you have given your explicit consent via our cookie banner, we use Google Analytics to analyze website usage and improve our content.

• Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
• Anonymization: We utilize IP anonymization. Your IP address is shortened before being transmitted to Google servers.
• Legal Basis: Art. 6(1)(a) GDPR (Consent).

7. Your Rights (GDPR)

You have the following rights regarding your personal data:

• Right to Access (Art. 15 GDPR): Request a copy of your data.
• Right to Rectification (Art. 16 GDPR): Correct inaccurate data.
• Right to Erasure (Art. 17 GDPR): Request the deletion of your data.
• Right to Restrict Processing (Art. 18 GDPR).
• Right to Data Portability (Art. 20 GDPR).
• Right to Object (Art. 21 GDPR): Object to processing based on legitimate interest.

To exercise these rights, please contact us at: iknnovating@gmail.com

We do not use automated decision-making or profiling (Art. 22 GDPR) that has legal effects on you.

8. Right to Complain

If you believe our processing of your data violates data protection law, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement (Art. 77 GDPR).

Lead Supervisory Authority (for iKreate Innovations OÜ):

Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)
Tatari 39, 10134 Tallinn, Estonia
Email: info@aki.ee

9. International Residents

For Residents of US States (CCPA/CPRA/VCDPA): We do not currently sell or share personal information as defined under these laws. You have rights to access, delete, and opt-out of data sales, which you can exercise by emailing iknnovating@gmail.com.

For UK Residents: UK GDPR applies; your rights are as described in the GDPR section above.

Integrated Cookie Policy

Last Updated: December 15, 2025

This Cookie Policy is an integrated part of our Privacy Policy.

What are Cookies?

Cookies are small text files stored by your web browser used to enhance functionality, manage preferences, or track anonymous usage behavior.

How We Use Cookies

Note: For a dynamic, real-time list, please utilize the automated "Cookie Declaration" script provided by Cookiebot on this page, as it will accurately reflect every cookie found during the last scan.

Managing Cookies

You can withdraw consent for Statistics cookies at any time via the "Cookie Settings" link in our footer. You can also disable cookies entirely in your browser settings; however, this may impair the basic functionality of the website.