Privacy Policy

Last updated: August 8, 2025

This Privacy Policy explains how Autofolio ("Autofolio", "we", "us") collects, uses, discloses, and safeguards personal information when you access or use our websites, applications, and related services (collectively, the "Service"). By using the Service you agree to the practices described below. If you do not agree, please do not use the Service.

Controller

For the purposes of applicable data‑protection laws, Autofolio is the controller of your personal information processed in connection with the Service. Where we act as a processor on your behalf (for example, processing files you upload to build a portfolio), we will process such data only under your instructions and as required to provide the Service.

Personal Information We Collect

Information you provide to us

  • Account data (name, email, authentication identifiers).
  • Portfolio content, including resume files, profile details, and media.
  • Support communications and feedback.
  • Subscription and billing identifiers received from our payment processor.

Information collected automatically

  • Log and device data (browser type, IP address, timestamps, URLs).
  • Product analytics (page views, feature usage, referral data).
  • Cookies, local storage, and similar technologies (see “Cookies & Tracking”).

Information from third parties

  • Authentication providers for sign‑in and profile data.
  • Payment processors for subscription and invoice information.
  • Vendors that provide infrastructure, storage, security, and AI processing.

Legal Bases for Processing (EEA/UK)

We process personal information on the following legal bases:

  • Contract: to provide and support the Service you request.
  • Legitimate interests: to secure, improve, and market the Service.
  • Consent: where required, e.g., certain analytics/marketing cookies.
  • Legal obligation: to comply with law, tax, and regulatory requirements.

How We Use Information

  • Deliver, maintain, personalize, and improve the Service and features.
  • Generate portfolio content from your uploaded resumes using AI tooling.
  • Authenticate users; prevent fraud, abuse, and security incidents.
  • Provide customer support and communicate about updates and changes.
  • Process payments and manage subscriptions through Stripe.
  • Perform analytics to understand usage and guide product decisions.
  • Comply with legal obligations and enforce our Terms of Service.

AI/LLM Processing

Autofolio may send text you provide (such as resume text) to AI/LLM providers to extract, structure, or generate content. We apply data‑minimization practices and do not share billing information with AI providers. We do not use your portfolio content to train our models except as necessary to provide the Service; any third‑party model training is controlled by those providers’ terms. Do not upload confidential or sensitive personal information you do not wish to process with AI.

Sharing of Information

We share information with the following categories of recipients:

  • Hosting, storage, analytics, and security vendors.
  • Authentication and communication providers.
  • Payment processors (e.g., Stripe) for billing and subscription management.
  • Professional advisors, auditors, and legal authorities where required by law.
  • In connection with a merger, acquisition, or asset sale (with notice where required).

We do not sell your personal information.

International Data Transfers

We may transfer personal information to countries other than your own, including the United States, where our vendors operate. Where required, we implement appropriate safeguards such as Standard Contractual Clauses. By using the Service you authorize such transfers subject to applicable law.

Data Retention

We retain personal information for as long as necessary to provide the Service, to comply with legal obligations, resolve disputes, and enforce agreements. You can delete uploaded files and portfolio content at any time from your account. Backups may persist for a limited period before being purged.

Cookies & Tracking

We use cookies and similar technologies for authentication, security, preferences, analytics, and performance. You can control cookies through browser settings and available consent tools. Our Service does not respond to "Do Not Track" signals.

Your Rights

Depending on your location, you may have the right to request access, correction, deletion, portability, restriction, or objection to certain processing. You may also withdraw consent where processing is based on consent. California residents may have additional rights to opt out of certain sharing and to limit the use of sensitive personal information.

To exercise rights, please contact us via the Contact page. We will verify requests as required by law and respond within applicable timelines.

Security

We implement reasonable technical and organizational measures designed to protect personal information (e.g., encryption in transit, access controls, monitoring). No security program is perfect; you are responsible for maintaining the security of your credentials and promptly notifying us of suspected compromise.

Children

The Service is not directed to children under 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect data from children. If you believe a child has provided personal information, please contact us to request deletion.

Changes to this Policy

We may update this Privacy Policy from time to time. We will update the date above and, where required, provide additional notice (e.g., via the Service or email).

Contact

Questions about this policy or our data practices? Contact us via the Contact page.