Legal

Privacy Policy

Last updated: March 2026

1. Who we are

CareerPair ("we", "us", "our") operates the CareerPair platform at careerpair.co. We help job seekers build resumes, write cover letters, and track job applications. This policy explains what data we collect, why, and how we protect it.

2. Data we collect

  • Account data — email address, hashed password, registration date.
  • Profile data — name and profile picture if you sign in with Google.
  • Resume & document data — content you create or import (resume text, cover letters, job descriptions).
  • Usage data — pages visited, features used, error logs.
  • Session data — session tokens stored server-side in Redis.

3. How we use your data

  • To provide and improve the CareerPair service.
  • To send transactional emails (email confirmation, password reset, job alerts).
  • To process your resume content through AI models (OpenAI) to generate suggestions.
  • To authenticate your account and maintain your session.

4. Third-party services

  • Paddle — payment processing and subscription billing. Paddle acts as our Merchant of Record and collects your name, email, and billing information during checkout. Paddle's Privacy Policy applies to payment data.
  • OpenAI — resume and cover letter AI processing. Your content may be sent to OpenAI's API. OpenAI's data usage policy applies.
  • Google OAuth — if you choose to sign in with Google.
  • Resend — transactional email delivery.
  • Cloudflare R2 — file storage for uploaded documents.
  • Sentry — error monitoring (stack traces, no PII).

5. Data retention

We retain your data for as long as your account is active. If you delete your account, your personal data and documents are permanently deleted within 30 days.

6. Cookies

We use a session cookie (connect.sid) to maintain your login session. Our payment provider Paddle may set additional cookies for fraud prevention and checkout functionality. We do not use third-party advertising cookies.

7. Your rights

You have the right to access, correct, or delete your personal data at any time. To request deletion or a copy of your data, contact us at [email protected].

8. Payments & billing data

Subscription payments are processed by Paddle, who acts as the Merchant of Record for all transactions. We do not store credit card numbers or payment details — all billing data is handled directly by Paddle. We only receive your subscription status, plan details, and Paddle customer identifier to manage your account.

9. Security

We use HTTPS, server-side sessions, and hashed passwords. We do not store plaintext passwords or payment information. No system is 100% secure — please use a strong, unique password.

10. Changes to this policy

We may update this policy as our service evolves. We will notify you of significant changes by email or via an in-app notice.

11. Contact

Questions? Email us at [email protected].