AutoCareer
PricingFAQHow it worksBlogContact
© 2026 AutoCareer
TermsPrivacy

Last updated: April 2026

Privacy Policy

What we collect, how we use it, and how we keep it safe.

AutoCareer ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your information when you use our AI-powered job application service at autocareer.ai (the "Service").

1. Information we collect

We collect the following categories of personal data:

  • Account information: name, email address, and hashed password when you create an account.
  • Profile data: phone number, address, date of birth, nationality, work authorization, and other demographic information you provide during onboarding.
  • Resume & professional data: uploaded resumes (PDF/DOCX), work history, education, skills, certifications, and career preferences.
  • Job preferences: target roles, preferred locations, salary expectations, work-mode preferences, and blocked companies.
  • Application data: records of jobs applied to, application status, confirmation screenshots, and submission logs.
  • Payment information: subscription plan, payment history, and billing cycle. Card details are processed and stored by our payment processor (Creem.io) — we do not store your card number.
  • Usage data: pages visited, features used, session duration, and browser/device information.
  • Authentication data: Google OAuth tokens if you sign in via Google. We receive your email and name from Google, never your Google password.

2. How we use your information

  • Job matching: we use your resume and preferences to match you with relevant job openings via vector similarity search.
  • Automated applications: we use your profile data and resume to fill out and submit job applications on your behalf through employer ATSes.
  • AI analysis: we process your resume text to extract skills, experience, and qualifications for better job matching and application quality.
  • Account management: to manage your subscription, process payments, and communicate service updates.
  • Service improvement: to improve our matching algorithms, application success rates, and user experience.

3. Third-party data processors

We share your data with the following third-party services to operate our platform:

  • OpenAI (USA): resume text and job descriptions are sent to generate vector embeddings for job matching. OpenAI does not use API data for training.
  • DeepSeek (China): resume summaries and job descriptions are processed for AI-powered job ranking and resume suggestions. No raw resume files are sent — only extracted text summaries.
  • Cloudflare R2 (USA): resume files, profile photos, and application screenshots are stored securely on Cloudflare's R2 object storage.
  • Creem.io: email and subscription details are shared to process payments. Creem handles all card processing — we never see or store your card number.
  • Vercel (USA): our application is hosted on Vercel's infrastructure. Request logs and error data may be processed by Vercel.
  • Hetzner (Germany): our database is hosted on Hetzner cloud infrastructure in Germany.

We do not sell your personal data. We do not share data with advertisers or data brokers.

4. Data retention

  • Account data: retained as long as your account is active. Deleted within 30 days of an account-deletion request.
  • Resume files: retained while your account is active. Deletable any time from the dashboard.
  • Application records: retained for 12 months for your reference, then archived.
  • Payment records: retained for 7 years for tax and legal compliance.
  • Usage logs: retained for 90 days, then deleted.

5. Data security

  • All data is transmitted over HTTPS (TLS encryption in transit).
  • Passwords are hashed using industry-standard algorithms — we cannot read your password.
  • Session cookies are Secure, HttpOnly, and scoped to our domain.
  • CSRF protection on all state-changing API endpoints.
  • Rate limiting on authentication endpoints.
  • Database access is restricted to authorized services only.

6. Your rights (GDPR)

If you are located in the European Economic Area (EEA) or UK, you have the following rights under GDPR:

  • Right of access: request a copy of all personal data we hold about you.
  • Right to rectification: request correction of inaccurate personal data.
  • Right to erasure: request deletion of your personal data.
  • Right to data portability: request your data in a structured, machine-readable format.
  • Right to object: object to processing of your personal data for certain purposes.
  • Right to restrict processing: request that we limit how we use your data.

To exercise any of these rights, email support@autocareer.ai. We respond within 30 days.

7. Your rights (CCPA)

If you are a California resident, you have additional rights under the CCPA:

  • Right to know the categories and specific pieces of personal information we collect.
  • Right to delete personal information we have collected.
  • Right to opt-out of sale: we do not sell personal information.
  • Right to non-discrimination for exercising your privacy rights.

8. Cookies

We use essential session cookies to keep you logged in and protect against CSRF attacks. These are strictly necessary for the Service to function. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

9. Children's privacy

Our Service is not intended for individuals under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, contact us immediately.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last Updated" date.

11. Contact us

Questions about this policy or want to exercise your data rights? Email support@autocareer.ai.

← Back to home