CraftCareer Logo
CraftCareer

Privacy Policy

Last Updated: October 27, 2025

At CraftCareer, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and share your personal information.

1. Introduction

Welcome to CraftCareer ("we," "our," or "us"). This Privacy Policy describes how CraftCareer collects, uses, and shares your personal information when you use our AI-powered career management platform (the "Service").

By accessing or using CraftCareer, you agree to the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

Important: This policy applies to all users of CraftCareer, including free and premium subscribers.

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us:

  • Account Information: Name, email address, password, and profile photo
  • Contact Information: Phone number, mailing address (if provided)
  • Payment Information: Billing details, credit card information (processed securely through third-party payment processors)
  • Professional Information: Job title, company, industry, years of experience

2.2 Resume and Career Data

When you use our resume building and optimization features, we collect:

  • Resume Content: Work experience, education, skills, certifications, projects
  • Job Preferences: Desired job titles, industries, locations, salary expectations
  • Application History: Jobs applied to, application status, interview notes
  • Career Goals: Professional objectives, target companies, career timeline
  • Document Uploads: Resumes, cover letters, portfolios, and other career documents

2.3 Usage Data

We automatically collect certain information when you use our Service:

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Information: Pages viewed, features used, time spent on platform, search queries
  • Performance Data: Error logs, system diagnostics, feature performance metrics
  • Analytics Data: User behavior patterns, feature engagement, conversion metrics

2.4 Communications

  • Email correspondence with our support team
  • Feedback, survey responses, and user research participation
  • Community forum posts and comments (if applicable)

3. How We Use Your Information

3.1 AI Processing and Career Optimization

  • Resume Analysis: AI algorithms analyze your resume to provide optimization suggestions, ATS compatibility scores, and improvement recommendations
  • Job Matching: Machine learning models match your skills and experience with relevant job opportunities
  • Career Recommendations: Personalized career path suggestions based on your profile and goals
  • Content Generation: AI-powered writing assistance for resumes, cover letters, and LinkedIn profiles
  • Interview Preparation: Custom interview questions and practice scenarios based on your target roles

3.2 Service Provision and Improvement

  • Provide, maintain, and improve our Service
  • Process payments and manage subscriptions
  • Send transactional emails (account updates, password resets, billing notifications)
  • Provide customer support and respond to inquiries
  • Detect, prevent, and address technical issues and security threats
  • Conduct research and development to enhance our AI capabilities

3.3 Marketing and Communications

  • Send promotional emails about new features, tips, and special offers (with your consent)
  • Personalize your experience based on your preferences and usage patterns
  • Conduct surveys and gather feedback to improve our Service

Note: You can opt-out of marketing communications at any time through your account settings or email unsubscribe links.

3.4 Legal Compliance

  • Comply with legal obligations and enforce our Terms of Service
  • Protect our rights, privacy, safety, and property
  • Respond to lawful requests from public authorities

4. Data Storage and Security

4.1 Data Storage

  • Location: Your data is stored on secure cloud servers compliant with industry standards
  • Retention: We retain your personal data for as long as your account is active or as needed to provide services
  • Backups: Regular encrypted backups are maintained for disaster recovery purposes
  • Data Residency: Data may be transferred to and processed in countries outside your country of residence

4.2 Security Measures

We implement industry-standard security measures to protect your data:

  • Encryption: SSL/TLS encryption for data in transit and AES-256 encryption for data at rest
  • Access Controls: Role-based access control (RBAC) and multi-factor authentication for administrative access
  • Network Security: Firewalls, intrusion detection systems, and DDoS protection
  • Regular Audits: Periodic security audits and vulnerability assessments
  • Employee Training: All staff undergo security awareness training
  • Incident Response: Documented procedures for responding to security breaches

Important: While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

5. Third-Party Services and Data Sharing

We may share your information with trusted third-party service providers who assist us in operating our platform:

5.1 Payment Processors

  • Stripe/Razorpay: Process payments and manage subscriptions (they receive billing information but not resume content)
  • Payment processors operate under their own privacy policies
  • We do not store complete credit card information on our servers

5.2 AI and Machine Learning APIs

  • OpenAI, Anthropic, Google: Power our AI resume optimization and content generation features
  • Resume content is sent to these APIs for processing but is not used to train their models without explicit consent
  • All API communications are encrypted and comply with data protection standards

5.3 Analytics and Performance

  • Google Analytics: Track website usage and user behavior (anonymized data)
  • Performance Monitoring: Tools like Sentry for error tracking and performance optimization

5.4 Cloud Infrastructure

  • AWS/Google Cloud: Host our application and store data securely
  • CDN Providers: Deliver content efficiently across global regions

5.5 When We Share Data

We may share your information in the following circumstances:

  • With Your Consent: When you explicitly authorize data sharing
  • Legal Requirements: To comply with laws, regulations, or legal processes
  • Business Transfers: In connection with mergers, acquisitions, or asset sales (users will be notified)
  • Aggregate Data: Anonymized, aggregated data for research and industry insights

We Never: Sell your personal information to third parties or share your resume content with employers without your explicit permission.

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Portability

  • Access Your Data: Request a copy of all personal data we hold about you
  • Data Export: Download your resumes, cover letters, and profile data in portable formats (PDF, DOCX, JSON)
  • Account Dashboard: View and manage your information through your account settings

6.2 Correction and Update

  • Edit Profile: Update your account information, preferences, and profile details at any time
  • Correct Inaccuracies: Request correction of any inaccurate or incomplete data

6.3 Deletion and Deactivation

  • Delete Account: Request complete deletion of your account and associated data
  • Delete Specific Data: Remove individual resumes, documents, or profile sections
  • Retention Period: Deleted data is permanently removed within 30 days (unless required by law to retain)
  • Backup Copies: Backups containing your data will be deleted within 90 days

6.4 Communication Preferences

  • Opt-Out: Unsubscribe from marketing emails via account settings or email links
  • Notification Settings: Control email, SMS, and push notification preferences
  • Transactional Emails: Some service-related emails (password resets, billing) cannot be disabled

6.5 Object to Processing

  • Marketing: Object to use of your data for marketing purposes
  • AI Processing: Opt-out of certain AI features while maintaining basic functionality
  • Analytics: Disable analytics tracking through browser settings or privacy preferences

6.6 How to Exercise Your Rights

To exercise any of these rights:

We will respond to your request within 30 days.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform.

7.1 Types of Cookies We Use

Essential Cookies (Required)

Necessary for the website to function properly. These cannot be disabled.

  • Authentication and session management
  • Security and fraud prevention
  • Load balancing and performance optimization

Functional Cookies (Optional)

Remember your preferences and settings.

  • Language and region preferences
  • Theme settings (light/dark mode)
  • Recently viewed resumes and jobs

Analytics Cookies (Optional)

Help us understand how users interact with our platform.

  • Page views and user journeys
  • Feature usage and engagement metrics
  • Performance monitoring

Marketing Cookies (Optional)

Used to deliver relevant advertisements and measure campaign effectiveness.

  • Retargeting and remarketing
  • Conversion tracking
  • A/B testing and personalization

7.2 Managing Cookies

  • Cookie Consent Banner: Manage your preferences when you first visit our site
  • Account Settings: Update cookie preferences in Settings > Privacy
  • Browser Settings: Configure cookie settings directly in your browser
  • Do Not Track: We respect Do Not Track (DNT) browser signals

7.3 Third-Party Cookies

Some cookies are placed by third-party services:

  • Google Analytics (analytics)
  • Social media plugins (Facebook, LinkedIn, Twitter)
  • Payment processors (Stripe, Razorpay)

These third parties have their own privacy policies governing cookie use.

8. GDPR and International Data Protection

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and other data protection laws.

8.1 Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract Performance: To provide our Service under our Terms of Service
  • Legitimate Interest: To improve our Service, prevent fraud, and ensure security
  • Consent: For marketing communications and optional features (you can withdraw consent anytime)
  • Legal Obligation: To comply with applicable laws and regulations

8.2 GDPR Rights

Under GDPR, you have the right to:

  • Right to Access: Obtain confirmation of data processing and a copy of your data
  • Right to Rectification: Correct inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent for processing at any time
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

8.3 International Data Transfers

Your data may be transferred to and processed in various locations to provide our services. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • Appropriate safeguards to protect your data rights

8.4 Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at: dpo@craftcareer.org

8.5 Other Data Protection Laws

We also comply with:

  • CCPA (California Consumer Privacy Act): Rights for California residents
  • PIPEDA (Canada): Privacy rights for Canadian users
  • LGPD (Brazil): Data protection for Brazilian users
  • Other Regional Laws: Applicable data protection regulations in your jurisdiction

9. Children's Privacy

CraftCareer is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16.

If we discover that we have inadvertently collected information from a child under 16, we will delete that information immediately. If you believe we have collected information from a child under 16, please contact us at privacy@craftcareer.org.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make changes:

  • We will update the "Last Updated" date at the top of this page
  • For material changes, we will notify you via email or prominent notice on our platform
  • We will provide at least 30 days' notice before changes take effect
  • Your continued use of our Service after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email

privacy@craftcareer.org

For general privacy inquiries

Data Protection Officer

dpo@craftcareer.org

For GDPR and data protection matters

Security Team

security@craftcareer.org

For security concerns and data breach reports

We aim to respond to all privacy-related inquiries within 30 days.

This Privacy Policy is effective as of October 27, 2025. By using CraftCareer, you acknowledge that you have read and understood this Privacy Policy.

Terms of ServiceContact Support