Privacy Policy

Last updated: January 2025

1. Introduction

CareerProof.ai ("we", "our", or "us") is committed to protecting your personal data in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA") and other applicable data protection laws. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our career intelligence platform and services.

2. Data Controller

CareerProof.ai operates from Singapore. For any questions regarding this Privacy Policy or your personal data, please contact us at: privacy@careerproof.ai

3. Personal Data We Collect

We may collect the following types of personal data:

  • Account Information: Email address, name, and password (encrypted)
  • Career Data: Resume/CV content, job titles, skills, work experience, and career goals that you provide for analysis
  • Usage Data: Information about how you interact with our platform, including features used and analysis requests
  • Technical Data: IP address, browser type, device information, and cookies for platform functionality
  • Payment Data: Payment method information processed through our payment provider (we do not store full card details)
  • Communication Data: Any correspondence or feedback you send to us
  • Consent Records: Records of your consent to this Privacy Policy, Terms of Service, and marketing preferences

4. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To provide and maintain our career intelligence services
  • To analyze your career profile and generate personalized insights using AI
  • To authenticate your identity and manage your account
  • To process payments and manage subscriptions
  • To improve and optimize our platform and AI-driven features
  • To communicate with you about service updates and support
  • To send marketing communications (only with your consent)
  • To comply with legal obligations and protect our legitimate interests

5. Legal Basis for Processing

Under the PDPA, we process your personal data based on:

  • Consent: You have given consent for processing for specific purposes
  • Contractual Necessity: Processing is necessary to provide services you requested
  • Legitimate Interests: Processing is necessary for our legitimate business interests
  • Legal Compliance: Processing is required to comply with applicable laws

6. Third-Party Service Providers

We work with trusted third-party service providers to deliver our services. Below is a detailed disclosure of our key service providers and how they may access your data:

OpenAI (AI Processing)

  • Purpose: We use OpenAI's GPT models to power our AI career analysis, resume optimization, and career guidance features
  • Data Shared: Your resume/CV content, career questions, and profile information are sent to OpenAI for AI processing
  • Data Location: OpenAI processes data in the United States
  • Data Retention: OpenAI does not retain your data for training purposes under our business API agreement
  • Privacy Policy: openai.com/privacy

Airwallex (Payment Processing)

  • Purpose: We use Airwallex to process payments, manage subscriptions, and handle credit purchases
  • Data Shared: Your email address, name, and payment method information
  • Data Location: Airwallex is headquartered in Singapore with global processing capabilities
  • Security: Airwallex is PCI DSS Level 1 certified. We do not store your full payment card details
  • Privacy Policy: airwallex.com/privacy

Railway (Cloud Hosting)

  • Purpose: We use Railway to host our application infrastructure, databases, and services
  • Data Stored: All your account data, career information, and application data is stored on Railway's infrastructure
  • Data Location: Singapore - Your data is stored in Singapore and does not leave the region
  • Security: Railway provides enterprise-grade security including encryption at rest and in transit
  • Privacy Policy: railway.app/legal/privacy

Google & Apple (OAuth Authentication)

  • Purpose: Optional sign-in via Google or Apple accounts for convenience
  • Data Received: Your email address and name (if you choose to sign in with these providers)
  • Data Shared: We do not share your CareerProof data back to Google or Apple
  • Privacy Policies: Google | Apple

Tavily (Market Research)

  • Purpose: We use Tavily to gather real-time market intelligence and career insights from public sources
  • Data Shared: Anonymous search queries based on industry and role categories (not your personal data)
  • Privacy Policy: tavily.com/privacy

7. Data Sharing Summary

We may share your personal data with:

  • Service Providers: As detailed in Section 6 above
  • Legal Requirements: When required by law, regulation, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal data to third parties for marketing purposes.

8. International Data Transfers

Your primary data (account information, career data, and application data) is stored in Singapore on Railway's infrastructure. However, some data may be transferred to other countries when processed by our service providers:

  • AI Processing (OpenAI): Your career content is sent to the United States for AI analysis
  • Storage & Database: Remains in Singapore
  • Payments (Airwallex): Processed within Airwallex's global network, headquartered in Singapore

We ensure appropriate safeguards are in place to protect your data in accordance with PDPA requirements for overseas transfers, including contractual protections with our service providers.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure password hashing using industry-standard algorithms
  • Access controls and authentication for our systems
  • Regular security reviews and monitoring
  • Secure hosting with enterprise-grade infrastructure

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws:

  • Account Data: Retained while your account is active and for 30 days after deletion request
  • Career Analysis Data: Retained while your account is active
  • Payment Records: Retained for 7 years for tax and legal compliance
  • Consent Records: Retained for the duration of consent plus 7 years

When your data is no longer needed, we will securely delete or anonymize it.

11. Your Rights Under the PDPA

Under the PDPA, you have the right to:

  • Access: Request access to your personal data held by us
  • Correction: Request correction of inaccurate or incomplete personal data
  • Withdrawal of Consent: Withdraw your consent for processing at any time
  • Data Portability: Request a copy of your data in a structured format
  • Deletion: Request deletion of your personal data (subject to legal requirements)

To exercise these rights, please contact us at privacy@careerproof.ai. We will respond to your request within 30 days.

12. Marketing Communications

We will only send you marketing communications if you have opted in during registration or through your account settings. You can opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Updating your preferences in your account settings
  • Contacting us at privacy@careerproof.ai

Please note that even if you opt out of marketing, we may still send you important service-related communications about your account.

13. Cookies and Tracking

We use essential cookies to ensure our platform functions properly. These cookies are necessary for authentication and security purposes. We do not use third-party tracking or advertising cookies without your explicit consent.

14. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our platform with a revised "Last updated" date. For significant changes, we may also notify you by email. Your continued use of our services after changes indicates acceptance of the updated policy.

16. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact our Data Protection Officer at:

CareerProof.ai

Email: privacy@careerproof.ai

Singapore

You may also lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore if you believe your data protection rights have been violated.

← Back to Sign Up|Terms of Service