Welcome to Starscreen. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered resume screening platform.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Email address (required for authentication)
- Password (encrypted and hashed)
- Full name (optional)
- Company name (optional)
1.2 Resume and Candidate Data
When you upload resumes to Starscreen, we collect:
- Resume files (PDF, DOC, DOCX)
- Candidate information extracted from resumes (names, emails, phone numbers, skills, experience)
- Optional PII provided during upload (first name, last name, email)
- Job descriptions and requirements you create
1.3 Subscription and Payment Information
We use Stripe for payment processing. We collect:
- Subscription plan selection
- Payment history and invoices
Note: We do NOT store your credit card information. All payment data is securely handled by Stripe.
1.4 Usage Information
We automatically collect:
- IP address and device information
- Browser type and version
- Pages visited and features used
- Timestamps of actions
- Error logs and performance metrics
2. How We Use Your Information
We use your information for:
- Service Delivery: Process resumes, match candidates to jobs, provide AI-powered scoring
- Account Management: Create and manage your account, authenticate access
- Communication: Send verification emails, password resets, subscription notifications
- Billing: Process payments, send invoices, manage subscriptions
- Improvement: Analyze usage patterns, improve AI models, fix bugs
- Security: Detect fraud, prevent abuse, enforce terms of service
- Legal Compliance: Comply with legal obligations, respond to lawful requests
3. Data Sharing and Disclosure
We do NOT sell your personal information. We share data only in these limited circumstances:
3.1 Service Providers
- AWS: Cloud hosting, file storage (S3), database (RDS)
- OpenAI: AI-powered resume analysis (anonymized data sent for processing)
- Stripe: Payment processing and subscription management
- SendGrid/AWS SES: Email delivery
3.2 Legal Requirements
We may disclose information if required by law, court order, or government request.
3.3 Business Transfers
If Starscreen is acquired or merged, your information may be transferred to the new owner.
4. Data Security
We implement industry-standard security measures:
- Encryption: TLS/SSL for data in transit, AES-256 for data at rest
- Access Control: Multi-tenant isolation, role-based access control (RBAC)
- Authentication: JWT-based authentication, bcrypt password hashing
- Monitoring: Automated security scanning, intrusion detection
- Backups: Daily automated backups with 7-day retention
5. Data Retention
- Account Data: Retained until you delete your account
- Resume Data: Retained until you delete the candidate or job
- Billing Records: Retained for 7 years for tax compliance
- Logs and Analytics: Retained for 90 days
6. Your Rights (GDPR/CCPA)
You have the right to:
- Access: Request a copy of your personal data
- Correction: Update incorrect or incomplete data
- Deletion: Request deletion of your account and data
- Portability: Export your data in machine-readable format
- Opt-Out: Unsubscribe from marketing emails (we don't send any currently)
- Object: Object to automated decision-making
To exercise these rights, contact us at [email protected]
7. Cookies and Tracking
We use minimal cookies:
- Authentication Cookie: Keeps you logged in (JWT token)
- Session Cookie: Maintains your session state
We do NOT use third-party advertising cookies or tracking pixels.
8. Children's Privacy
Starscreen is not intended for users under 18. We do not knowingly collect information from children.
9. International Data Transfers
Your data is stored on AWS servers in the United States. By using Starscreen, you consent to data transfer to the US.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email.
11. Contact Us
For general inquiries: [email protected]