Security & Privacy

Your cohort's data never leaves our infrastructure in raw form — here's how.

We don't pipe student data into LLMs.

Chat is an intent layer, not a data layer. When analysis requires data, we dummify it first — names, emails, phones, and college identifiers become placeholders. The AI's answer is remapped back to the real records on your side.

The short version

  • Chat understands what you're asking — it does not see real names, emails, or phone numbers.
  • Data-heavy analysis runs on masked records (student_01, student_02, …) before being sent to a model.
  • The model's answer is remapped back to real records in our database — you see the real answer, the model never did.
  • PII (email, phone) is masked in the UI too. Revealing it requires your password and is written to the audit log.
  • No student data is used to train any third-party model. No retention beyond request lifetime on the model side.

How it works (technical)

Step 1
You ask a question

Your message goes to a small intent classifier. Its only job is to decide: is this a data query, an ingest action, or just chat?

Step 2
Data is dummified

If data is needed, we pull the relevant rows, replace names / emails / phones / college with stable placeholders, and keep a local mapping table.

Step 3
Model does the reasoning

The masked rows plus the question go to the AI model. It reasons on the shape of the data — not on who the students are.

Step 4
Answer is remapped

When the model points at student_07, we swap it back to the real row and return the answer to you with full-fidelity identifiers.

What we mask, what we keep

Field             Sent to the model as
Student name      student_01, student_02…
Email             (removed entirely)
Phone             (removed entirely)
Roll number       roll_01, roll_02…
College name      college_01
CGPA / scores     kept — needed for ranking
Branch / year     kept — needed for filtering
Skills            kept — needed for matching
Offer status      kept — needed for reasoning

Fields marked kept are non-identifying on their own. Fields marked removed or replaced never leave our servers in raw form.
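The four steps and the field table above can be sketched as one mask-and-remap round trip. This is an added example, not the vendor's code: the field names, the sample rows and the fail-closed check on the outbound prompt are assumptions made for illustration.

```python
import json
import re

DROP = {"email", "phone"}                    # "removed entirely" in the table
REPLACE = {"name": "student", "roll_number": "roll", "college": "college"}  # field names assumed
TOKEN = re.compile(r"\b(?:student|roll|college)_\d{2,}\b")

def dummify(rows):
    """Return (masked_rows, reverse_map); reverse_map is the local mapping table."""
    forward, reverse, counts, masked = {}, {}, {}, []
    for row in rows:
        out = {}
        for field, value in row.items():
            if field in DROP:
                continue
            prefix = REPLACE.get(field)
            if prefix and (prefix, value) not in forward:  # same value, same token
                counts[prefix] = counts.get(prefix, 0) + 1
                token = f"{prefix}_{counts[prefix]:02d}"
                forward[(prefix, value)], reverse[token] = token, value
            out[field] = forward[(prefix, value)] if prefix else value  # else: kept
        masked.append(out)
    return masked, reverse

def build_prompt(question, rows):
    """Mask rows, then fail closed if a raw identifier is still in the outbound text."""
    masked, reverse = dummify(rows)
    prompt = question + "\n" + json.dumps(masked)
    raw = {str(r[f]) for r in rows for f in DROP | set(REPLACE) if r.get(f)}
    if any(value in prompt for value in raw):
        raise ValueError("raw identifier would reach the model")
    return prompt, reverse

def remap(answer, reverse):
    """Swap tokens back to real values; tokens that were never issued are reported."""
    unknown = []
    def swap(match):
        if match.group(0) not in reverse:
            unknown.append(match.group(0))
        return reverse.get(match.group(0), match.group(0))
    return TOKEN.sub(swap, answer), unknown

ROWS = [  # constructed sample records
    {"name": "Asha Rao", "email": "asha@example.edu", "phone": "555-0101",
     "roll_number": "21CS014", "college": "Example Institute", "cgpa": 9.1},
    {"name": "Vikram Shah", "email": "vikram@example.edu", "phone": "555-0102",
     "roll_number": "21CS027", "college": "Example Institute", "cgpa": 8.4},
]
```

In this sketch a question that names a student directly trips the check in build_prompt, because the question text travels alongside the masked rows. A token the model invents (one that was never issued) is left untouched by remap and returned in the unknown list so the caller can flag the answer.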

No model poisoning, no training leakage

We call third-party models through their standard API — never their training endpoints. Model providers we use contractually agree not to retain or train on prompts. Because we send only dummified records, even a provider breach would reveal no identities.

Your controls in the app

  • Masked by default: email and phone are visually masked on every page.
  • Password to reveal: unmasking a student's PII requires re-entering your password.
  • Audited: every reveal is recorded in the audit log with actor, field, student, IP, and timestamp.
  • Scoped access: users only see students that belong to their college.
  • Source-of-truth trail: every record stores the Excel row it came from, so you can verify an answer end-to-end.

Data at rest

Your placement data lives in a PostgreSQL database on our hosting provider. Traffic is encrypted in transit with TLS 1.2 or later. Backups are encrypted and retained for 30 days. Passwords are hashed with bcrypt. Access to production requires MFA and leaves an audit trail.

Questions?

If you're evaluating us for a placement cell and want a deeper security review, email info@fresherbot.com or see the privacy policy for regulatory details.