Security & data
How we handle your data
What we collect, why, how long we keep it, and what you can do about it.
Last updated March 7, 2026
What we store and why
| Data type | Purpose | Retention | Your control | Processor |
|---|---|---|---|---|
| Resume upload text (analysis input) | Generate recruiter-style feedback, scoring, and rewrite guidance. | Processed to generate results. Raw input is not stored for anonymous runs. | Sign in to save your history, or delete your account in Settings. | OpenAI, Supabase |
| Report output + resume preview | So you can open past reports, compare versions, and export. | Saved when you keep a report or run one while signed in. Deleted when you delete the report or your account. | Delete individual reports in History, or delete your account in Settings. | Supabase |
| Saved resume profile (default resume) | Job matching and extension workflows. | Stored until you replace it or delete your account. | Replace or remove it in Settings > Matching, or delete your account. | Supabase, OpenAI (embeddings) |
| LinkedIn profile input | Generate profile feedback and recommendations for your LinkedIn. | Saved in your report history when you're signed in. | Delete individual reports in History, or delete your account in Settings. | OpenAI, Supabase |
| Account identity (email, name) | Authentication, account access, and support communication. | Retained while account is active. | Update your profile in Settings, or delete your account. | Supabase |
| Usage, reliability, and abuse-prevention metadata | Rate limiting, reliability diagnostics, billing state, and product health. | Retained for product operation and security needs. | Deleting your account removes app-level history. | Supabase, Sentry, Vercel |
| Product analytics and conversion telemetry | Measure product quality, onboarding friction, and billing funnel health when analytics is enabled. | Retained under the analytics vendors' configured retention windows. | Respects browser Do Not Track and can be disabled at launch. | Mixpanel, Vercel |
| Billing events and invoices | Charge processing, receipts, subscription lifecycle, and dispute handling. | Managed under Stripe billing retention policies. | Manage billing and receipts in Stripe portal. | Stripe |
What we commit to
- Your file is encrypted when you upload it.
- Anonymous reports are not saved to an account automatically.
- Signed-in reports save your history and a short resume preview. You can delete both from Reports or Settings.
- Deleting your account removes your reports and usage history from our database.
- Payment info is handled by Stripe. We never see your card.
- We don't sell your data.
- We don't use your data to train AI models.
- Browser session replay stays off by default.
- Scores estimate your resume's hiring signal. They don't predict hiring outcomes.
- Your first full report is free. No credit card needed.
- You see exactly what you're unlocking before you pay.
- If payment goes through but access looks locked, restore it from Billing.
- All receipts and invoices are available in Billing.
- You can export your data from Settings anytime.
- Security reports can be sent using the disclosure instructions on our Security and Status pages.
Responsible disclosure
If you discover a security issue, please email support@recruiterinyourpocket.com with steps to reproduce it. Our canonical disclosure instructions are also published at /.well-known/security.txt.