Careerops
Get Started

Privacy Policy

Last updated: April 2026

1. Data Controller

Careerops (“we”, “our”, “the Service”) is the data controller for personal data processed through careerops.space. For GDPR inquiries, contact us at privacy@careerops.space.

2. Data We Collect

We collect and process the following categories of personal data:

  • Account Data: Email address, name, and profile picture (provided via OAuth sign-in through Google or GitHub).
  • Resume Data: Resume content you create or upload within the Resume Builder, stored encrypted in our database.
  • Job Search Data: Search queries, job descriptions you submit for evaluation, and evaluation reports generated by our AI.
  • Payment Data: Transaction records (amount, date, credit balance). Payment card details are processed directly by Stripe and never stored on our servers.
  • Usage Data: Feature usage counts (for credit billing), timestamps, and anonymized analytics.

3. How We Use Your Data

  • To provide the Service: AI evaluation, job search, resume generation, and application assistance.
  • To process payments and manage your credit balance via Stripe.
  • To improve the Service through aggregated, anonymized usage analytics.
  • To communicate essential service updates (no marketing emails without consent).

4. Third-Party Processors

We use the following sub-processors. Each is bound by a Data Processing Agreement (Art. 28 GDPR):

  • Vercel (USA, EU regions): Application hosting, CDN, serverless functions.
  • Neon (PostgreSQL, EU region): Database hosting. Data stored in Frankfurt.
  • Stripe (Ireland / USA): Payment processing. Subject to Stripe’s Privacy Policy.
  • OpenAI (USA): Job descriptions and resume content sent to OpenAI for AI evaluation. Data is not used for model training (zero-retention API).
  • Apify (Czech Republic): Job-portal scraping. Public job listings only; no personal user data shared.
  • Tavily (USA): Web search for job discovery and company research. Search queries sent; no personal user data attached.
  • Resend (USA, EU region — planned Phase 4): Transactional email (verification, receipts).

5. Data Retention

We retain your data for as long as your account is active. Upon account deletion, all personal data (resumes, evaluations, search history) is permanently deleted within 30 days. Payment records are retained for 7 years as required by tax regulations.

6. Your Rights (GDPR)

Legal basis for processing: Art. 6(1)(b) GDPR (performance of a contract — providing the Service you signed up for). Under the General Data Protection Regulation, you have the right to:

  • Access & Portability: Receive a copy of all personal data we hold about you in a structured, machine-readable JSON format. Self-service via POST /api/account/export (button on your account page).
  • Rectification: Correct inaccurate personal data via the account page or by emailing us.
  • Erasure: Delete your account and all associated data (“right to be forgotten”). Self-service via POST /api/account/delete (button on your account page). Cascade-removes resumes, applications, credit history, and tailored packages immediately.
  • Restriction: Restrict processing of your personal data.
  • Objection: Object to processing based on legitimate interests.
  • Lodge a complaint: with your local supervisory authority (in Germany: BfDI or the state data protection authority).

For DPO contact and other inquiries: privacy@careerops.space. We respond within 30 days.

7. Cookies

We use only essential cookies for authentication (session token) and CSRF protection. No tracking cookies, no analytics cookies, no third-party advertising cookies. See our Cookie Policy for the full list.

8. Security

All data is transmitted over HTTPS/TLS. Database connections use SSL. Payment processing is handled by PCI DSS-compliant Stripe. We apply the principle of least privilege across all systems.

9. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email to registered users at least 14 days before taking effect.

10. Contact

For privacy inquiries: privacy@careerops.space