Privacy Policy

1. Who we are

CareerSuite AI is an AI-powered career document platform. We provide tools for resume rewriting, cover letter generation, cold email writing, and LinkedIn post creation. Our website is at https://careersuite.co.

For privacy enquiries contact us at: hello@careersuite.co

2. What information we collect

Information you provide directly

• Account information: Your email address and password when you create an account.
• Resume and career content: Resume text, LinkedIn PDFs, job descriptions, and other career documents you paste, upload, or enter. This may include your name, contact details, employment history, education, and skills.
• Job search data: Roles, companies, and application statuses you track using our Job Search Tracker.
• Payment information: We do not store your card details. Payment processing is handled entirely by Stripe. We receive only a Stripe Customer ID confirming your subscription status.
• Communications: Any messages you send us by email.

Information collected automatically

• Usage data: Pages visited, features used, and time spent on the site.
• Technical data: IP address, browser type, device type, and operating system.
• Cookies: Session cookies for authentication. See Section 9 for details.

3. How we use your information

We use your information to:

• Provide, operate, and maintain the CareerSuite AI service
• Process your career documents using AI and return results to you
• Save your generated documents so you can access them later
• Manage your account, subscription, and payment status
• Send transactional emails (account confirmation, password reset)
• Respond to support requests and detect fraud or abuse
• Comply with legal obligations

4. AI processing and your content

When you use our generation tools, your input content (resume, job description, background details) is sent to Anthropic's Claude API to generate a response. This is the core function of our service.

• Your content is transmitted to Anthropic for the sole purpose of generating your requested output.
• Anthropic's data handling: Anthropic does not use API customer data to train their models by default. See Anthropic's privacy policy.
• We do not retain your raw input content on our servers beyond what is necessary to return a response. Generated outputs are saved to your account if you are signed in.
• LinkedIn PDF processing: When you upload a LinkedIn PDF, it is read in your browser, converted to base64, and sent to the AI. The PDF file itself is not stored on our servers.

5. Who we share data with

Anthropic (AI processing)

Your document content is sent to Anthropic to generate AI outputs. View Anthropic's privacy policy.

Supabase (database and authentication)

Your account data and generated documents are stored in Supabase, a PostgreSQL database service hosted on AWS. Data is encrypted at rest and in transit. View Supabase's privacy policy.

Stripe (payment processing)

All payments are handled by Stripe. We share your email with Stripe at checkout and receive only a Customer ID. We never see or store your card number. View Stripe's privacy policy.

Cloudflare (infrastructure)

Our site and API proxy run on Cloudflare, which may process your IP address. View Cloudflare's privacy policy.

We do not sell, rent, or trade your personal data to any third party for marketing purposes.

6. Data storage and security

• Data is stored in Supabase on AWS infrastructure.
• All data encrypted in transit (TLS 1.2+) and at rest.
• Row Level Security ensures users can only access their own data.
• Passwords are hashed with bcrypt and never stored in plaintext.
• Authentication tokens are stored in your browser's local storage.

No system is completely secure. If you believe your account has been compromised, contact us immediately at hello@careersuite.co.

7. How long we keep your data

• Account data: Retained for as long as your account is active.
• Generated documents: Retained until you delete them or close your account.
• Payment records: 7 years as required by financial regulations.
• Analytics data: 26 months, then deleted.

To delete your account and all associated data, email hello@careersuite.co and we will action it within 30 days.

8. Your rights

Depending on your location, you may have rights to access, correct, delete, and port your personal data, and to object to or restrict its processing. These rights apply under GDPR (EEA), UK GDPR, and the Australian Privacy Act 1988.

To exercise any right, email hello@careersuite.co. We will respond within 30 days.

9. Cookies

• Authentication cookies: Essential session tokens set by Supabase to keep you logged in. These cannot be disabled without breaking login.
• Analytics cookies: Anonymised page view tracking, if enabled. These do not identify you personally.

We do not use advertising or third-party marketing cookies.

10. Children's privacy

CareerSuite AI is intended for users aged 16 and over. We do not knowingly collect data from children under 16. If you believe a child has provided us with data, contact us and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes we will notify you by email. Continued use after changes are posted constitutes acceptance.

12. Contact us

For any questions or requests relating to this Privacy Policy: