C
Careerstic← Back to home

Privacy Policy

Last updated: March 2026

1. What Data We Collect

When you use Careerstic, we collect the following information:

  • Account information: your name and email address
  • Resume content: the text extracted from resumes you upload
  • Interview data: questions, your recorded answers, and AI feedback
  • Salary data: salary information you enter for negotiation coaching
  • Job applications: companies, roles, and statuses you track
  • Usage data: which features you use, to improve the product

2. How We Use Your Data

We use your data exclusively to provide and improve the Careerstic service:

  • To power AI features: resume optimization, interview prep, cover letters, and more
  • To personalize your experience and remember your preferences
  • To send transactional emails (account confirmations, receipts)
  • To analyze aggregate usage patterns and improve the product

We never sell your data to third parties. We do not share your resume, interview answers, or salary information with employers, recruiters, or advertisers.

3. AI Processing

Careerstic uses OpenAI's API to power AI features. When you use features like resume optimization, interview prep, or cover letter generation, relevant portions of your content are sent to OpenAI for processing.

Your data is not used to train OpenAI's AI models. We use the API in accordance with OpenAI's data usage policies for API customers, which prohibit using API inputs/outputs for model training without explicit consent.

4. Data Processing by Third Parties

We work with the following third-party services to operate Careerstic. Each is bound by their own privacy commitments:

OpenAI

Resume text and interview answers are sent to OpenAI's API for AI processing. OpenAI does not use this data to train their models per their enterprise data policy. Data sent to OpenAI is deleted from their systems within 30 days.

Supabase

Your data is stored on Supabase (AWS infrastructure, Mumbai region ap-south-1). All data is encrypted at rest using AES-256 and in transit using TLS. Your data stays in India.

Razorpay

Payment processing is handled by Razorpay. We do not store your credit card or bank details — all payment data is handled directly by Razorpay. Razorpay is RBI-compliant and PCI-DSS certified.

Vercel

The application is hosted on Vercel. Server-side rendering may process requests through Vercel's edge network. Vercel does not have access to your personal data beyond what is required for infrastructure operation.

5. Data Storage

Your data is stored in Supabase, hosted on Amazon Web Services (AWS) in the Mumbai (ap-south-1) region — keeping your data in India. All data is encrypted at rest and in transit.

Uploaded resume files are stored in Supabase Storage with access restricted to your account only.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, all your personal data, resumes, interview sessions, and job application records are permanently deleted within 30 days.

You can request data deletion at any time by contacting us at support@careerstic.com.

7. Data Deletion

You can delete your account at any time from your account Settings page. Account deletion is permanent and irreversible.

When you delete your account, we will permanently remove all your personal data including:

  • Your name, email, and profile information
  • All uploaded resumes and optimized versions
  • All interview prep sessions and AI feedback
  • All cover letters generated
  • All salary analyses and negotiation data
  • All job application tracking data

Data deletion is completed within 30 days. You will receive a confirmation email once deletion is complete.

8. Cookies

We use minimal cookies. The only cookie we set is an authentication session cookie, which keeps you logged in. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Consent

By creating an account, you consent to the collection and processing of your personal data as described in this Privacy Policy. This consent covers the use of your data to provide AI-powered features, store your information, and process payments.

You can withdraw your consent at any time by deleting your account from Settings. Withdrawal of consent will result in the permanent deletion of all your data within 30 days.

10. Your Rights Under DPDP Act 2023

We are committed to compliance with India's Digital Personal Data Protection (DPDP) Act, 2023. As a Data Principal, you have the following rights:

  • Right to Access: Request a copy of all personal data we hold about you.
  • Right to Correction: Request correction of any inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your account and all associated personal data.
  • Right to Nomination: Appoint another individual to exercise your data rights on your behalf in case of death or incapacity.
  • Right to Grievance Redressal: Lodge a complaint with us if you believe your data rights have been violated. We will respond within 30 days.

To exercise any of these rights, email our grievance officer at support@careerstic.com. We will acknowledge your request within 48 hours and respond within 30 days.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by email of any significant changes. The “Last updated” date at the top reflects when the policy was last revised.

12. Contact

For privacy questions or data requests, email us at support@careerstic.com. We aim to respond within 2 business days.

You can also reach us via the feedback form on your dashboard.