Your Data Protection Rights

🇪🇺 GDPR Rights (European Union/EEA)

If you are located in the European Union, European Economic Area, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

1. Right to Access (Article 15)

You have the right to obtain:

• Confirmation that we are processing your personal data
• A copy of your personal data in a structured, commonly used format
• Information about how we process your data
• Categories of data we hold about you
• Recipients or categories of recipients of your data
• Retention periods for your data
• The source of your data (if not collected from you)

2. Right to Rectification (Article 16)

You can request correction of:

• Inaccurate personal data
• Incomplete personal data (by providing supplementary information)

3. Right to Erasure / "Right to be Forgotten" (Article 17)

You can request deletion of your data when:

• Data is no longer necessary for the purposes it was collected
• You withdraw consent and there's no other legal basis for processing
• You object to processing and there are no overriding legitimate grounds
• Data has been unlawfully processed
• Erasure is required for compliance with legal obligations

Note: We may retain certain data if required by law (e.g., tax records for 7 years) or to establish, exercise, or defend legal claims.

4. Right to Restriction of Processing (Article 18)

You can request we limit processing when:

• You contest the accuracy of data (during verification)
• Processing is unlawful but you don't want data deleted
• We no longer need the data but you need it for legal claims
• You've objected to processing (pending verification of grounds)

5. Right to Data Portability (Article 20)

You can receive your data in a machine-readable format and transmit it to another controller when:

• Processing is based on consent or contract
• Processing is carried out by automated means

We provide data exports in JSON format for easy portability.

6. Right to Object (Article 21)

You can object to processing based on:

• Legitimate interests: We must demonstrate compelling legitimate grounds or stop processing
• Direct marketing: We must stop processing immediately (no questions asked)
• Profiling: You can object to automated decision-making

7. Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing that significantly affects you, except when:

• Necessary for entering or performing a contract
• Authorized by law
• Based on your explicit consent

Our Practice: While we use AI to generate suggestions, all final decisions (such as which jobs to apply for) are made by you. You are not subject to purely automated decision-making.

8. Right to Withdraw Consent (Article 7)

Where processing is based on consent, you can withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.

9. Right to Lodge a Complaint

You have the right to lodge a complaint with your supervisory authority:

• Where you reside
• Where you work
• Where the alleged infringement occurred

Find your Data Protection Authority: EDPB Member List

🇿🇦 POPIA Rights (South Africa)

If you are located in South Africa, you have the following rights under the Protection of Personal Information Act (POPIA):

POPIA Rights Include:

• Right to Access: Request confirmation of what personal information we hold and access it
• Right to Correction: Request correction or deletion of inaccurate, irrelevant, or outdated information
• Right to Object: Object to processing of your personal information
• Right to Restriction: Request we stop processing your information
• Right to Lodge a Complaint: Submit complaints to the Information Regulator

Information Regulator (South Africa)

🇺🇸 CCPA Rights (California)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

1. Right to Know

You can request information about:

• Categories of personal information collected
• Sources of personal information
• Business or commercial purpose for collecting
• Categories of third parties we share with
• Specific pieces of personal information we have about you

2. Right to Delete

You can request deletion of your personal information, subject to certain exceptions (legal obligations, fraud prevention, etc.).

3. Right to Opt-Out of Sale

4. Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights. You will receive the same level of service whether or not you exercise your rights.

5. Right to Correct

You can request correction of inaccurate personal information.

6. Right to Limit Use of Sensitive Personal Information

You can limit how we use sensitive personal information. We only use such information as necessary to provide the service.

🇬🇧 UK GDPR Rights (United Kingdom)

If you are located in the United Kingdom, you have the same rights as under EU GDPR:

• Right to be informed
• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object
• Rights related to automated decision-making

UK Information Commissioner's Office (ICO)

🌍 Universal Rights (All Users)

Regardless of your location, we provide the following rights to all users:

Basic Rights for Everyone

• Access Your Data: Request a copy of your personal information
• Correct Your Data: Update inaccurate information through account settings or by contacting us
• Delete Your Data: Request permanent deletion of your account and data
• Export Your Data: Download your data in portable format (JSON)
• Opt Out of Marketing: Unsubscribe from promotional emails
• Control Cookies: Manage cookie preferences through our banner
• Contact Support: Get help with privacy concerns

📝 How to Exercise Your Rights

Method 1: Self-Service (Recommended)

You can perform the following actions directly through your account:

• Edit CV/Resume: Dashboard → My CVs → Edit
• Delete CV/Resume: Dashboard → My CVs → Delete
• Manage Marketing Emails: Unsubscribe link in any email

Note: For all other data rights (account deletion, data export, profile updates, etc.), please contact us via email as described below.

Method 2: Email Request (Primary Method)

For most privacy requests, including account deletion, data export, and profile updates, email us at:

Method 2: Email Request

For requests that cannot be completed through account settings, email us at:

Verification Process

To protect your privacy, we must verify your identity before processing requests:

• We'll send a verification email to your registered email address
• You must confirm the request by clicking the verification link
• For sensitive requests, we may ask additional security questions
• We cannot process requests we cannot verify

Authorized Agents (California)

California residents can designate an authorized agent to make requests on their behalf. The agent must provide:

• Written authorization signed by you
• Proof of their identity
• Proof of your identity

⏱️ Response Times

Note: We aim to respond to all requests within the legal timeframes. In complex cases, we may extend the period by an additional 30/45 days with notification.

📢 Filing Complaints

If you believe we have not adequately addressed your privacy concerns, you can file a complaint with the appropriate authority:

Supervisory Authorities by Region

📞 Contact Our Data Protection Team