This notice describes OpsTicket, operated by IT Custom Solution LLC. It is a product-data notice, not a claim that every optional integration or enterprise control is available.
Account identifiers and profile fields you provide; assessment commands, output, responses, and attempt metadata; recruiter pipeline and invitation data; billing references returned by Stripe; support messages; and bounded security and service telemetry. We do not need a resume or public profile to verify a non-PII certificate record.
We use data to authenticate accounts, provide requested product functions, calculate server-side rubric scores from bounded evidence bands, prevent abuse, support customers, process billing, comply with applicable obligations, and investigate service failures.
The evaluator returns bounded evidence bands from terminal commands and terminal output. The OpsTicket server validates those bands and computes the weighted score. A model response is not treated as the final numeric score.
OpsTicket relies on contracted infrastructure and service providers for hosting, edge delivery, database services, billing, email, error monitoring, and bounded model evaluation. The current provider list and purpose statements belong on the subprocessors page. A provider listing does not claim a certification or data-residency option.
We disclose data to service providers when needed to operate the service, to an organization that controls an account or assessment where the product relationship calls for it, when you direct us to share it, or when applicable law requires it. We do not publish candidate identity as part of a public certificate verification response.
Retention depends on the record, account state, contractual obligations, abuse prevention, and applicable law. An account deletion request begins a grace period before hard deletion. The deletion process removes private storage and owned records, detaches identity from eligible non-PII proof records, and retains only records that have a documented legal, security, or integrity purpose. We do not promise a backup-erasure deadline that has not been operationally verified.
You may request access, correction, export, or deletion through account controls or by contacting [email protected]. Requests are authenticated and handled under applicable law. Email opt-out requests are signed and recorded separately so suppression can continue after other account data is removed.
We use access controls and service safeguards appropriate to the system, but no internet service can promise absolute security. OpsTicket does not claim an external security certification, blanket encryption specification, universal row-level-security coverage, patch deadline, or incident-response time unless a signed agreement and current audit evidence support it.
The general service is not directed to children under 13. Education workflows require the applicable school, guardian, or age-based consent state before protected student activity is treated as active. Schools remain responsible for their own authority, notices, and records.
Material changes are published on this page with an updated effective date. We do not promise a fixed advance-notice period unless applicable law or a signed agreement requires one.
IT Custom Solution LLC, Attn: Privacy, 420 Lexington Avenue, Suite 1402, POB 1005, New York, NY 10170, USA.
Email: [email protected]. General support: [email protected].