Overview

This Privacy Policy explains how HireMeh (the “Service”) collects, uses, and protects your information. By using the Service, you agree to this Policy and our Terms of Service.

Information We Collect

• Account data (email and authentication identifiers) via Supabase Auth.
• Profile and resume content you provide (e.g., experience, skills, projects, uploads).
• Application and journal data you enter in product workflows.
• Billing metadata (Stripe customer id, price ids) necessary to process purchases; we do not store full card details.
• Service usage and technical logs for security and reliability.

How We Use Information

• Authenticate and manage sessions using Supabase.
• Operate resume tailoring and insights, including AI‑powered features.
• Provide billing, subscriptions, credits, and passes using Stripe.
• Generate signed URLs for media you store (e.g., profile pictures) via Supabase Storage.
• Improve reliability, troubleshoot, and protect against abuse.
• Communicate important notices related to your account or purchases.

Data Sharing

We do not sell your personal information. We share limited data with service providers strictly to operate the Service:

• Supabase for authentication, session management, and storage.
• Stripe for payments, subscriptions, credits, and passes.
• LLM providers used to power AI features; relevant prompt text may be sent when you use those features.
• Pusher/WebSockets for real‑time features where enabled.

AI Processing

When you use AI features, we may send relevant text from your resume content and job descriptions to LLM providers to generate suggestions. Avoid including sensitive personal data in prompts. AI outputs can contain errors; review before use.

Data Access & Portability

You can export your account data from the Account Management page using the Export button. No manual API calls are required.

Deletion

You can delete your account and associated content from the Account Management page using the Delete Account button. Some records (e.g., minimal billing records, security logs) may be retained as required by law or for fraud prevention.

Data Retention

We retain data for as long as necessary to provide the Service and comply with legal obligations. Storage items (like profile pictures) use signed URLs and can be removed by deleting or replacing the file path.

Your Choices

• Export and delete your data from Account Management using the provided buttons.
• Update your profile and resume content within the application.
• Control cookies and local storage via your browser; disabling may impact functionality.

Security

We implement administrative and technical safeguards appropriate for the data we process, including authenticated endpoints, signed storage URLs, and role‑based access in the backend. No method of transmission or storage is 100% secure.

Children

The Service is not directed to individuals under 13 (or the minimum age in your jurisdiction). We do not knowingly collect data from children.

Regional Disclosures

If you are in a region with specific privacy rights (e.g., GDPR/EEA, CCPA/CPRA), you may have rights to access, delete, or correct data. Use the export and deletion endpoints or contact us to exercise these rights.

Changes

We may update this Policy from time to time. We will post updates with a new “Last updated” date. Material changes may be communicated through the Service.

Contact

Questions about this Policy? Please reach out via our Contact page.