Privacy Policy
How CareerRecon collects, uses, and protects your personal information.
CareerRecon ("we," "our," or "us") is a Colorado-based limited liability company (LLC). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the CareerRecon platform, Chrome extension, API, and related services (collectively, the "Services").
By creating a CareerRecon account or using our Services, you agree to the practices described in this Privacy Policy.
1. Information We Collect
1.1 Information You Provide Directly
- Account Information: Name, email address, and password when you register for an account
- Profile Information: Work history, education, skills, certifications, resume content, career goals, employment preferences, and salary expectations
- Application Materials: Resume versions, cover letters, and other application documents you create or import
- Preferences and Settings: Target roles, industries, geographies, employment type preferences, and companies or keywords to avoid
- Communications: Messages, support requests, and correspondence you send to us
1.2 Information Collected Automatically
- Usage Data: Features used, pages visited, clicks, search queries within the platform, and session duration
- Device and Browser Information: Browser type, operating system, screen resolution, and IP address
- Extension Activity: With your explicit consent, the Chrome extension collects information about job listings you view and contact research you initiate while using CareerRecon workflows
- Email Metadata: When you connect your Gmail account via OAuth, we access subject lines, sender and recipient addresses, and timestamps of emails relevant to your job search (application confirmations, recruiter outreach, interview scheduling). We do not read the full body of emails without your explicit instruction to do so.
1.3 Information from Third-Party Services
- Job Boards and Aggregators: Publicly available job listing data retrieved via SerpAPI, Remotive, and niche board integrations (ISACA, ISSA, iSecJobs)
- Contact Enrichment: Publicly available professional contact information from services including Hunter.io and Tomba.io, used to surface networking contacts at target companies
- Authentication Providers: If you sign in via Kinde, we receive your email address and name from that provider
2. How We Use Your Information
We use the information we collect to:
- Provide the Services: Operate the job discovery, application generation, pipeline tracking, and networking features
- Personalize Your Experience: Score and rank job opportunities against your stated preferences; generate tailored application materials
- Communicate with You: Send morning standup reports, follow-up reminders, pipeline summaries, and product updates
- Improve the Platform: Analyze usage patterns to identify bugs, improve feature quality, and build new capabilities
- Ensure Security: Monitor for unauthorized access, fraud, abuse, and violations of our Terms of Service
- Comply with Legal Obligations: Respond to lawful requests from government authorities or courts
We do not sell your personal information to third parties. We do not share your resume, application materials, or career goals with employers or recruiters without your explicit action (e.g., you choosing to submit an application).
3. How We Share Your Information
We may share your information with:
- Service Providers: Third-party vendors who help us operate the platform (cloud hosting, email delivery, analytics, AI model providers). These providers are contractually prohibited from using your data for any purpose other than providing services to us.
- AI Model Providers: When you generate application materials, relevant portions of your profile and the job description are sent to AI model providers (Anthropic, Google) for processing. We use contractual protections and, where available, API agreements that prohibit training on your data.
- Legal Requirements: If required by law, court order, or government authority, we may disclose your information as necessary.
- Business Transfers: In the event of a merger, acquisition, or sale of substantially all of our assets, your information may be transferred. We will notify you of any such change.
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion + 30 days |
| Resume and application drafts | 2 years from last modification |
| Job opportunity data | 1 year from discovery |
| Email metadata | 90 days |
| Usage and activity logs | 1 year |
| Support communications | 3 years |
After the applicable retention period, data is deleted or anonymized. You may request earlier deletion at any time (see Section 5).
5. Your Rights and Choices
Regardless of your location, we honor the following rights:
- Access: Request a copy of the personal data we hold about you
- Correction: Request that we correct inaccurate or incomplete data
- Deletion: Request deletion of your account and associated personal data
- Portability: Request an export of your data in a machine-readable format
- Opt-Out of Communications: Unsubscribe from marketing emails at any time via the link in any email
- Revoke Integrations: Disconnect your Gmail account or Chrome extension data sharing from your account settings at any time
To exercise any of these rights, contact us. We will respond within 30 days.
California residents may have additional rights under the CCPA. Contact us to learn more.
6. Security
We implement industry-standard security practices to protect your information:
- Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher
- Encryption at Rest: Personal data stored in our databases is encrypted using AES-256
- Secret Management: All credentials and API keys are managed through a password management system with zero plaintext storage
- Access Controls: Access to production systems and personal data is restricted to authorized personnel on a need-to-know basis
- Audit Logging: Access to personal data is logged and reviewed regularly
No security system is perfect. If you believe your account has been compromised, contact us immediately.
7. Cookies and Tracking
CareerRecon uses cookies and similar technologies to operate the platform, maintain your session, and understand how the Services are used. We do not use third-party advertising trackers or sell data to ad networks.
The following table describes the cookies and tracking technologies currently in use:
| Cookie / Technology | Provider | Purpose | Further Information |
|---|---|---|---|
| Session cookies | Kinde | Authentication and session management. Required to keep you signed in and secure your account. | Kinde Cookie Policy |
Clarity cookies (_clck, _clsk, MUID, CLID) | Microsoft Clarity | Analytics, session recording, and heatmaps to understand how users interact with the marketing site. No personally identifiable information is collected. | Clarity Cookie Documentation |
Google Analytics 4 integration is implemented but not currently active. If enabled in the future, GA4 cookies (_ga, _ga_*, _gid) would be used for website traffic analysis. We will update this policy before activating any additional tracking technologies.
You may disable cookies in your browser settings. Note that doing so may affect the functionality of certain platform features, particularly authentication.
8. Children's Privacy
CareerRecon is not intended for users under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has created an account, please contact us and we will delete the account.
9. Changes to This Policy
We will notify you of material changes to this Privacy Policy via email at least 14 days before the changes take effect. Continued use of the Services after the effective date constitutes acceptance of the updated policy.
10. Contact Us
CareerRecon Boulder, CO, USA
For privacy inquiries, data requests, or security concerns, please contact us.