Privacy Policy

1. Scope and Application

This Policy applies to personal information handled by us in connection with:

• Visitors to our public marketing website and landing pages;
• Registered users and account holders of the Services;
• Prospective customers, business contacts, and support users;
• Any individual whose personal information is included in resume content, application drafts, profile information, or uploaded materials processed through the Services.

In this Policy, "personal information" has the meaning given under the Privacy Act 1988 (Cth), and includes "personal data" under equivalent international privacy laws where applicable.

2. Categories of Personal Information We Collect

Depending on how you use the Services, we may collect:

• Identity and account data: name, email address, login credentials, account preferences, and authentication session data.
• Profile and professional data: resume content, work history, education, skills, portfolio links, certifications, profile notes, and cover letter content.
• Application and job data: target job descriptions, role preferences, location preferences, salary expectations, and generated draft metadata.
• Usage and device data: interaction logs, browser and device identifiers, IP address, timestamps, crash/error telemetry, and feature usage metrics.
• Communications data: support tickets, feedback submissions, survey responses, and correspondence with our team.
• Transactional data: billing contact data and plan/subscription metadata if paid features are used.

3. How We Collect Personal Information

We collect personal information from:

• Information you provide directly to us;
• Information automatically collected when you use the Services;
• Integrations or third-party sources you connect or authorise;
• Publicly available sources where reasonably necessary for the function of our Services.

Where reasonable and practicable, we collect personal information directly from you.

4. Purposes of Processing and Legal Bases

We process personal information only where there is a valid reason to do so. Our purposes include:

• Providing, maintaining, and improving the Services;
• Generating resume drafts, cover letters, and role-fit analyses;
• Personalising your experience and retaining user preferences;
• Account authentication, fraud prevention, and platform security;
• Customer support, communications, and service notifications;
• Compliance with legal obligations and dispute handling;
• Internal analytics, testing, and service reliability work.

For individuals in jurisdictions requiring legal basis disclosure (for example the EU/EEA or UK), our bases may include:

• Performance of a contract with you;
• Legitimate interests not overridden by your rights;
• Compliance with legal obligations;
• Consent, where consent is required or requested.

5. Sensitive Information

We do not intentionally require sensitive information (as defined under Australian law) to provide core functionality. If sensitive information is included in content you submit, you acknowledge that:

• You choose to provide that information for document drafting or optimisation purposes;
• You are responsible for reviewing generated outputs before use;
• We will handle that information in accordance with this Policy and applicable law.

6. Cookies, Similar Technologies, and Analytics

We use cookies and similar technologies for security, session continuity, performance, and product analytics. These technologies may store unique identifiers and usage metadata.

You may manage cookie settings via your browser controls.

Disabling certain cookies may affect product functionality, security features, or sign-in persistence.

7. AI Processing and Automated Assistance

ResumePilot uses automated systems, including AI-powered services, to assist with drafting, ranking, and content optimisation. Automated assistance may process resume and job-related text to generate suggestions and documents.

We do not represent that AI outputs are error-free, complete, or suitable as legal, immigration, employment, financial, or career advice. You remain responsible for reviewing and approving all outputs before use.

8. Disclosure of Personal Information

We may disclose personal information to the following categories of recipients where reasonably necessary:

• Service providers and subprocessors supporting hosting, analytics, authentication, storage, communications, and product operations;
• Professional advisers (for example legal, audit, compliance, or insurance advisers);
• Government, regulatory, law enforcement, or dispute-resolution authorities where required or permitted by law;
• A buyer, investor, or successor entity in connection with a merger, acquisition, restructure, or asset transfer, subject to confidentiality and lawful handling obligations.

We do not sell personal information for third-party advertising purposes.

9. Overseas Disclosure and Cross-Border Transfers

Given the cloud-based nature of our Services, personal information may be processed in Australia and other jurisdictions where our vendors or infrastructure providers operate.

Where APP 8 applies, we take reasonable steps to ensure overseas recipients handle personal information in a manner substantially consistent with Australian privacy requirements, including through contractual controls, security due diligence, and transfer safeguards.

10. Data Security

We implement technical and organisational safeguards designed to protect personal information against misuse, interference, loss, and unauthorised access, modification, or disclosure. These measures include access controls, least-privilege design, encryption in transit, monitoring, and secure development practices.

No method of transmission or storage is completely secure. Accordingly, we cannot guarantee absolute security.

11. Data Retention and De-identification

We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, including for legal, operational, and security requirements.

When personal information is no longer required, we take reasonable steps to destroy or permanently de-identify it, unless retention is required or authorised by law.

12. Your Privacy Rights

Subject to applicable law, you may have rights to request access to and correction of personal information we hold about you.

Depending on your location, you may also have rights to request deletion, restrict processing, object to processing, withdraw consent (where processing is consent-based), or receive a copy of certain personal information in a portable format.

To exercise rights, contact us using the details in Section 17. We may request identity verification before processing a request.

13. Direct Marketing and Service Communications

We may send service-related communications that are necessary for account operation, security, or contractual performance.

Where permitted by law, we may send product updates and marketing communications. You can opt out of marketing communications at any time via unsubscribe links or by contacting us.

14. Children and Minors

The Services are intended for individuals who can lawfully form a binding contract in their jurisdiction. We do not knowingly collect personal information from children in breach of applicable law.

If you believe a child has provided personal information to us without appropriate consent, contact us and we will investigate and take appropriate action.

15. Notifiable Data Breaches and Incident Response

We maintain security incident response processes. Where required under applicable law (including Australia's Notifiable Data Breaches scheme), we will notify affected individuals and/or regulators of eligible data breaches within required timeframes.

16. Complaints and Dispute Resolution

If you have a privacy concern or complaint, contact us first so we can attempt to resolve the issue promptly and fairly.

If you are not satisfied with our response, and you are in Australia, you may contact the Office of the Australian Information Commissioner (OAIC) regarding your complaint.

17. Contact Us

Privacy contact: privacy@vectorfy.co

General support: privacy@vectorfy.co

We may request additional details to verify your identity and process your request securely.