Hirable
Get started

Privacy Policy

Last updated: May 2026

1. Introduction

Hirable ("we," "our," or "us") operates an AI-powered SaaS platform that generates ATS-friendly resumes tailored to specific job postings. This Privacy Policy explains how we collect, use, share, and protect your information when you use our website, application, Chrome extension, and related services (collectively, the "Service"). By using the Service, you agree to the practices described in this policy.

2. Information We Collect

2.1 Information You Provide

When you create a profile and use our Service, you may provide:

  • Professional profile data — work history, education, skills, certifications, projects, languages, and awards
  • Resume-import data — uploaded resumes, pasted resume text, and the structured profile draft extracted from that content
  • Contact information — phone number, LinkedIn URL, GitHub URL, and portfolio URL
  • Job information — job titles, company names, and job descriptions you submit for resume tailoring
  • Generated content — resumes (PDF/DOCX) and cover letters created through the Service
  • Payment information — processed entirely by Stripe; we never see or store your credit card numbers

2.2 Information from OAuth Providers

We use Clerk for authentication via Google and Apple OAuth. When you sign in, we receive your email address and display name from your OAuth provider. We do not store passwords — authentication is managed entirely by Clerk.

2.3 Information Collected Automatically

When you access the Service, we automatically collect:

  • IP address and approximate location
  • Browser type and version
  • Device type and operating system

We do not use third-party analytics services (such as Google Analytics or Mixpanel). Our authentication provider, Clerk, sets essential session cookies but its telemetry features are disabled.

2.4 Information from the Chrome Extension

Our optional Chrome extension scrapes job postings from job boards on your behalf. When activated, it collects the job title, company name, and job description from the page you are viewing, and sends that data to our backend for resume tailoring. The extension only operates when you explicitly trigger it.

2.5 Sensitive Information We Do Not Request

Hirable does not ask you to provide Social Security numbers, government ID numbers, passport numbers, driver's license numbers, credit card numbers, dates of birth, photographs, race or ethnicity, gender, disability status, religious affiliation, or other sensitive identifiers. Please do not upload resumes or documents that contain this information.

Because resume files and pasted resume text are user-submitted, they may accidentally contain sensitive identifiers. When you import a resume, we scan the extracted text before sending it to an AI provider. Depending on the type of information detected, we may block the import until you remove or acknowledge the risk, redact matching values before AI processing, or warn you before continuing.

Our sensitive-information scan logs only summary metadata, such as the category and count of findings. It does not log the matched Social Security number, credit card number, passport number, driver's license number, or date-of-birth value itself.

3. How We Use Your Information

We use the information we collect to:

  • Deliver the Service — generate tailored resumes and cover letters, analyze job descriptions, and match your skills to job requirements
  • Process AI-powered generation — send relevant profile and job data to AI providers to produce resume content on your behalf
  • Manage your account — authenticate your identity, process payments, and maintain your profile
  • Communicate with you — send transactional emails, service updates, and optional marketing communications
  • Improve the Service — use bug reports, support requests, and general usage patterns to enhance features, fix issues, and inform product decisions
  • Comply with legal obligations — respond to lawful requests and enforce our terms

4. AI Processing

To generate resumes and cover letters, we send portions of your profile data and job description information to third-party AI providers such as Google Gemini (our current provider; providers may change over time). The data sent may include your work history, skills, education, and the target job description — limited to what is necessary for content generation.

Resume import requires your consent before AI processing. If our import scanner detects sensitive identifiers in the extracted resume text, we may block the import until you remove or acknowledge those findings. We redact matching sensitive identifier values from the text sent to AI providers when our scanner classifies them as blocking or redactable.

We do not use your resume data to train AI models. Your data is sent to AI providers solely for the purpose of generating the specific content you requested. Under our API agreements, AI providers process this data transiently and do not retain it for their own training purposes.

AI providers operate under their own privacy policies and terms of service. We select providers that offer commercial API terms with appropriate data handling commitments, but we encourage you to review their policies as well.

5. Information We Share

We never sell your personal information. We share data only with the following categories of service providers, and only to the extent necessary to operate the Service:

  • Clerk — authentication and session management (receives your OAuth credentials and email)
  • Stripe — payment processing (receives billing information directly; we never handle your card details)
  • Google Cloud Platform — infrastructure hosting and file storage (all user data is stored on GCP servers)
  • AI providers (e.g., Google Gemini) — content generation (receives profile excerpts and job descriptions as described in Section 4)
  • Legal authorities — when required by law, court order, or governmental regulation, or to protect the rights and safety of our users

6. Chrome Extension Data

The Hirable Chrome extension is an optional tool that lets you capture job postings directly from job board websites. Here is how it handles your data:

  • What it collects — job title, company name, and job description text from the active page, only when you trigger the extension
  • How data is transmitted — scraped data is sent over HTTPS to our backend API for processing
  • Authentication — the extension uses a user-scoped API key (not your password) that you can revoke at any time from your dashboard
  • Your control — you can disable or uninstall the extension at any time; it does not run in the background or collect data without your explicit action

7. Cookies & Tracking

We use a minimal set of cookies to operate the Service:

  • Essential session cookies — set by Clerk for authentication; these are httpOnly and secure cookies required for sign-in functionality

We do not use analytics cookies, third-party advertising cookies, or cross-site tracking technologies. We do not serve ads. If we introduce analytics in the future, we will update this policy accordingly.

8. Data Security

We take the security of your data seriously and implement the following measures:

  • All data in transit is encrypted using HTTPS/TLS
  • Data at rest is encrypted on Google Cloud Platform infrastructure
  • API keys are cryptographically hashed before storage — we cannot view your raw keys
  • Authentication credentials are managed by Clerk and never stored in our database

While we strive to protect your personal information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to following industry best practices.

9. Data Retention

  • Active accounts — your data is retained for as long as your account remains active and is necessary to provide the Service
  • Deleted accounts — account deletion starts immediate removal of your Hirable profile, generated files, uploaded files, and account data; invoices, receipts, charge records, refunds, and minimal audit records may be retained where required for tax, accounting, fraud prevention, dispute handling, or legal compliance, with personal references redacted where possible
  • AI processing data — data sent to AI providers for content generation is processed transiently and is not retained by providers under our API terms

10. Your Rights

You have the following rights regarding your personal data:

  • Access — request a summary of the personal data we hold about you by emailing us; we will respond within 30 days
  • Correction — update or correct inaccurate information in your profile at any time through your account settings
  • Deletion — delete your account and all associated data from your account settings
  • Marketing opt-out — unsubscribe from marketing emails at any time using the link in each email

Structured data export for portability is not yet available but is on our roadmap. To exercise any of these rights, contact us at privacy@hirable.me.

11. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a person under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us at privacy@hirable.me.

12. International Users

Hirable is based in and operates from the United States. All data is processed and stored on servers located in the United States via Google Cloud Platform. If you access the Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States. By using the Service, you consent to the transfer and processing of your data in the United States.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email at least 30 days before the changes take effect and update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

14. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at privacy@hirable.me.

Privacy Policy | Hirable