Privacy Policy
Last updated: June 22, 2026
This policy describes what data CareerPilot AI collects, how we use it, and the rights you have over it. We're a small team — this is the actual policy, not legal boilerplate copy-pasted from a generator.
What we collect
When you sign up and use CareerPilot, we collect:
- Account info — email, password hash (bcrypt, never plaintext), optional name, and your OAuth provider ID if you sign in via Google.
- Your resume file — the PDF or DOCX you upload. We extract structured data from it (name, location, work history, skills, etc.) and store both the file and the structured data.
- Profile preferences — desired roles, salary floor, remote preference, excluded companies, alert settings. All voluntary; you decide what to fill in.
- Activity data — which jobs you saved, applied to, tailored, and the chat conversations you had. Needed to make the product work.
- AI usage telemetry — for each AI call we record provider (Anthropic / Voyage), model, token counts, and estimated cost. Used for billing transparency on the Pro plan.
What we do NOT collect
- No third-party advertising trackers (no Google Analytics, no Meta pixel, no Hotjar).
- No cross-site tracking cookies.
- No fingerprinting, no device telemetry beyond standard server access logs.
- No reading of files outside what you explicitly upload.
Where your data lives
All data is stored in Neon Postgres hosted in AWS US-East-1. Resume files are stored on the application server's local filesystem (encrypted at rest via the underlying infrastructure). Embeddings (numerical vectors derived from your profile and job descriptions) live in the same database via the pgvector extension.
AI processing
We use third-party AI providers to power the features that require AI:
- Anthropic Claude (Sonnet 4.6 and Haiku 4.5) — for resume extraction, scoring, tailoring, cover letters, and career chat. Per Anthropic's API terms, your data is not used to train their models. Inputs and outputs are retained briefly for safety review then deleted; Anthropic does not retain user-identifying content for longer than 30 days.
- Voyage AI (voyage-3 embedding model) — for semantic matching. Same no-training guarantee.
We don't send your data to any other AI provider. We don't train our own models on your data either. If we ever change that, we'll require explicit opt-in and update this page first.
Who can see your data
- You — full access to everything on the account.
- Our AI providers — only the specific inputs needed for each call (your resume text to tailor a resume, a job description to score it, etc.). They're bound by their published privacy terms.
- Our SMTP provider (Namecheap PrivateEmail) — delivers your digest emails. They see your email address and the digest contents at delivery time.
- No one else. We don't sell, rent, or share your data with marketers, recruiters, advertisers, or data brokers.
Cookies and local storage
See our Cookie Policy for the full list. Short version: session auth, theme preference, sidebar state. No tracking.
Your rights
- Access — view all your data through the app at any time.
- Edit — change anything via the Profile page.
- Delete — Settings → Delete account. Removes your User row, profile, resumes (file + DB), job matches, saved jobs, tracker entries, tailored resumes, cover letters, chat history, and OAuth links. The wipe is immediate and complete; no soft-delete recovery.
- Export — coming soon. In the interim, email info@surgepulse.org and we'll send you a JSON dump within 5 business days.
Data retention
Account data is kept as long as your account is active. If you delete your account, everything is removed immediately as described above. Server access logs are retained for 30 days for security and debugging. Backups are kept for 14 days then overwritten.
Children
CareerPilot is intended for adult job seekers. We don't knowingly collect data from anyone under 16. If you believe a minor has created an account, email us and we'll delete it.
Changes to this policy
We'll update this page when material things change and email account holders at least 7 days before significant changes take effect. The "last updated" date at the top reflects the most recent edit.