Home Ai Analyzer

Privacy Policy

How we handle your data — no legal fog, just straight answers.

Last updated: March 2026

1. What We Collect

When you use Career Gap, we collect the following depending on how you interact with the service:

  • CV / Resume data — the PDF you upload or the text you paste. This is sent to our AI provider for analysis and is not permanently stored on our servers after processing.
  • Account information — if you sign up, we collect your email address and a password. Your password is stored using industry-standard one-way hashing (bcrypt) and is never stored in readable form. Even we cannot see your password.
  • Analysis results — your match scores, skill gaps, and career advice are saved to your account so you can revisit them.
  • IP address — used for rate limiting and guest trial tracking. Not linked to your identity.
  • Target location — the city or region you enter (or that we detect from your CV) to find relevant jobs.

We do not ask for or collect government IDs, financial records, social security numbers, or any sensitive personal data. Please avoid including such information in your uploads.

2. How We Use It

Your data is used solely to power the service you signed up for:

  • Extracting your skills and experience from your CV.
  • Searching live job postings that match your profile and location.
  • Running AI-powered gap analysis between your CV and real job descriptions.
  • Generating your career report, including match scores, missing skills, career pivots, and resume tips.
  • Sending you report emails when you request them.

3. What We Don't Do

We never sell your data We never serve ads We never share CVs with employers We never read your password

Your CV content is processed by our AI provider to generate your analysis and is not used to train AI models, sold to recruiters, or shared with any party beyond what is necessary to deliver the service.

4. Cookies & Tracking

We use a minimal set of cookies — only what's needed for the service to function:

  • Session cookie — keeps you logged in. Expires when you close your browser or after inactivity.
  • Guest trial cookie — a signed, HTTP-only cookie that tracks how many free analyses you've used (up to 3). Contains only a number, no personal data. Expires after 1 year.
  • Session storage — used in your browser to remember whether you dismissed the sign-up prompt. Not sent to our servers.

We do not use analytics trackers, advertising pixels, fingerprinting, or any third-party tracking scripts.

5. Third-Party Providers

To deliver the service, your data passes through these specific providers:

Provider Purpose What They Receive
Groq AI analysis (LLM) Your CV text + job description text
SerpAPI Live job search Job role + location (no CV data)
Resend Email delivery Your email address + report HTML
Railway Application hosting All application data (encrypted in transit)
Upstash Redis cache Temporary session data (expires in 15 min)
Cloudinary Media storage Static assets only — no user data

Each provider has their own privacy policy. We select providers that offer encryption in transit and reasonable data handling practices.

6. Data Storage & Security

We take the following measures to protect your data:

  • Passwords are hashed with bcrypt — a one-way algorithm designed to be slow to brute-force. We cannot reverse or read your password.
  • All connections use HTTPS (TLS encryption in transit).
  • Guest trial cookies are cryptographically signed to prevent tampering.
  • CSRF tokens protect all form submissions.
  • Rate limiting is applied across all endpoints to prevent abuse.
  • Pending analysis data in Redis expires automatically after 15 minutes.

No method of transmission over the Internet is 100% secure. We implement industry-standard protections but cannot guarantee absolute security.

7. Data Retention

  • CV text — processed in memory during analysis. Not permanently stored on our servers after your report is generated.
  • Analysis results — saved to your account. We keep a maximum of 10 analyses per user. When you exceed this limit, the oldest analysis is automatically deleted.
  • Pending analysis data — stored temporarily in Redis and automatically deleted after 15 minutes.
  • Guest IP records — stored for trial tracking purposes. Contain only the IP address and usage count.
  • Account data — retained until you request deletion.

8. Your Rights

You have the right to:

  • Export your data — you can download any analysis as a PDF report directly from the app.
  • Delete your data — you can request full account deletion by contacting us. We will remove your account, all saved analyses, and any associated data.
  • Access your data — all your saved analyses are visible in your account dashboard at any time.
  • Opt out of emails — report emails are only sent when you explicitly click "Send to Email." We do not send marketing emails.

9. Geographic Scope

Career Gap serves users across multiple regions including Saudi Arabia, the UAE, the United Kingdom, the United States, and parts of Europe. Our infrastructure and data handling practices are designed with this in mind.

If you're in a region with specific data protection rights and feel something isn't right, reach out to us and we'll sort it out.

10. Contact

If you have questions about this policy, want to request data deletion, or need to report a concern, please reach out via the email link in the footer. We aim to respond within 48 hours.

Back to Ai Analyzer