Privacy Policy

At Workzil, Inc. ("Workzil," "we," "us," or "our"), we are committed to protecting the privacy and security of your personal information. This Privacy Policy ("Policy") explains how we collect, use, disclose, and safeguard your information when you use our website at www.workzil.com, our mobile applications, APIs, and related services (collectively, the "Services").

This Policy is effective as of January 1, 2025. By accessing or using the Services, you consent to the collection, use, and disclosure of your information as described in this Policy. If you do not agree with this Policy, please do not access or use the Services.

We may update this Policy from time to time. We will notify you of material changes by posting the revised Policy on our website and, where appropriate, sending you a notification. We encourage you to review this Policy periodically.

When you create an account or interact with the Services, we collect the following identity and account information:

• Name and contact details: Your full name, email address, phone number, and mailing address.
• Authentication data: Information necessary to authenticate your identity, managed through Clerk, including login credentials, session tokens, and multi-factor authentication data.
• Professional profile: Your resume, curriculum vitae (CV), cover letters, work history, education, skills, certifications, portfolio links, and professional references.
• Job preferences: Desired job titles, locations, salary expectations, remote work preferences, industry preferences, and availability.
• Profile photo: An optional profile image you choose to upload.
• Employer data: If you use the Services as an employer, we collect company name, company size, industry, job posting details, and hiring preferences.

We automatically collect certain technical information when you access the Services:

• IP address: Your Internet Protocol address, which may be used for approximate geolocation, security, and analytics purposes.
• Browser information: Browser type and version, browser language, and browser settings.
• Device information: Device type (desktop, mobile, tablet), operating system and version, device identifier, screen resolution, and hardware capabilities.
• Network information: Internet service provider, connection type, and network speed.
• Referring URL: The web page or source that directed you to our Services.

This information is collected through standard web technologies including cookies, pixel tags, and server logs. For more details on cookies, please see our Cookie Policy.

We collect data about how you interact with the Services to improve your experience and optimize our platform:

• Page views and navigation: Pages visited, time spent on each page, and navigation patterns within the Services.
• Feature usage: Which features you use, how frequently you use them, and in what context.
• Click and interaction data: Buttons clicked, links followed, forms submitted, and other interactive elements engaged with.
• Search queries: Search terms entered within the Services, including job search queries and filters applied.
• Session data: Session duration, frequency of visits, and timestamps of activity.
• Error and performance data: Error logs, crash reports, and performance metrics that help us identify and fix issues.

When you use our job search and application features, we collect specific data related to your job-seeking activities:

• Search queries: Job titles, keywords, locations, and filters you use when searching for positions.
• Saved jobs: Positions you bookmark or save for later review.
• Application history: A complete record of jobs you have applied to, including application dates, materials submitted, and application statuses.
• Application materials: Tailored resumes, cover letters, and responses to application questions generated or submitted through the platform.
• Job match data: AI-generated match scores, recommendation rankings, and the underlying factors used to calculate them.
• Pipeline data: Your organization of applications into custom pipeline stages and notes associated with each application.

This data is used to personalize your job search experience, improve our matching algorithms, and provide application tracking functionality.

When you use our Interview Rehearsal feature, we collect the following data:

• Interview recordings: Audio and/or video recordings of your mock interview sessions. These recordings are processed by our AI systems to provide feedback and are stored securely.
• Transcripts: AI-generated transcriptions of your interview responses.
• Performance analytics: AI-generated assessments of your interview performance, including metrics on communication clarity, response relevance, confidence indicators, and improvement suggestions.
• Practice history: A record of your mock interview sessions, including topics covered, questions asked, and scores received over time.

Important: Interview recordings are stored for your personal use and review. They are not shared with employers or other third parties without your explicit consent. You may delete your interview recordings at any time through your account settings.

When you subscribe to a paid plan, your payment information is processed securely by Stripe, our third-party payment processor. Workzil does not directly store your full credit card numbers or bank account details.

Information collected through Stripe includes:

• Name on the payment method
• Billing address
• Last four digits of your card number (for display purposes)
• Card brand and expiration date
• Transaction history and payment amounts

Stripe processes and stores your payment information in accordance with the Payment Card Industry Data Security Standard (PCI DSS). For more information, please review Stripe's Privacy Policy.

We collect information from your communications with us and through the Services:

• Support tickets: Messages you submit through our contact form, help center, or email, including attachments and metadata.
• In-app messages: Communications sent through the platform, such as messages between job seekers and employers.
• Marketing preferences: Your opt-in or opt-out preferences for marketing communications, newsletters, and promotional offers.
• Surveys and feedback: Responses to surveys, feedback forms, and product research you voluntarily participate in.

We use the information we collect for the following purposes:

• Provide and maintain the Services: To operate the platform, authenticate your identity, process your job applications, deliver AI-generated content, and facilitate interactions between job seekers and employers.
• Personalize your experience: To customize job recommendations, tailor AI-generated content to your profile, and display relevant information based on your preferences and behavior.
• Improve and develop the Services: To analyze usage patterns, conduct research, train and improve our AI models (using anonymized and aggregated data), and develop new features and products.
• Process payments: To manage subscriptions, process billing transactions, and send payment-related communications.
• Communicate with you: To send service updates, security alerts, billing notifications, marketing communications (where you have opted in), and responses to your inquiries.
• Ensure security and compliance: To detect and prevent fraud, abuse, and security incidents, to enforce our Terms of Service, and to comply with legal obligations.
• Legal compliance: To comply with applicable laws, regulations, legal processes, and government requests.

We retain your personal information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. Specifically:

• Active accounts: We retain your information for as long as your account is active and you continue to use the Services.
• After account deletion: Following account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required for legal compliance, fraud prevention, or legitimate business purposes.
• Interview recordings: Mock interview recordings are retained for 12 months from the date of creation, unless you delete them earlier.
• Application data: Job application records are retained for 24 months to maintain your application history and for legal compliance.
• Payment records: Transaction and billing records are retained for 7 years to comply with tax and financial reporting obligations.
• Analytics data: Aggregated and anonymized analytics data may be retained indefinitely to improve the Services.

Depending on your location, you may have the following rights regarding your personal information:

Under the General Data Protection Regulation (GDPR) — for EU/EEA residents:

• Right of access: You have the right to request a copy of the personal data we hold about you.
• Right to rectification: You have the right to request correction of inaccurate or incomplete personal data.
• Right to erasure: You have the right to request deletion of your personal data ("right to be forgotten") under certain circumstances.
• Right to restrict processing: You have the right to request that we restrict the processing of your personal data.
• Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to object: You have the right to object to the processing of your personal data for certain purposes, including direct marketing.
• Right to withdraw consent: Where processing is based on your consent, you have the right to withdraw consent at any time.

Under the California Consumer Privacy Act (CCPA) — for California residents:

• Right to know: You have the right to know what personal information we collect, use, disclose, and sell.
• Right to delete: You have the right to request deletion of your personal information.
• Right to opt-out: You have the right to opt out of the sale of your personal information. Workzil does not sell your personal information.
• Right to non-discrimination: You have the right not to be discriminated against for exercising your privacy rights.

To exercise any of these rights, please contact us at privacy@workzil.com. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

We use cookies and similar tracking technologies to collect information about your browsing activity and to improve the Services. For detailed information about the cookies we use, their purposes, and how to manage them, please refer to our Cookie Policy.

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of the Services.

We implement industry-standard security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption: All data transmitted between your browser and our servers is encrypted using TLS 1.3. Data at rest is encrypted using AES-256 encryption.
• Access controls: Access to personal data is restricted to authorized personnel on a need-to-know basis, with multi-factor authentication required for all administrative access.
• Infrastructure security: Our infrastructure is hosted on SOC 2 Type II certified cloud providers with continuous monitoring and automated threat detection.
• Regular audits: We conduct regular security assessments, penetration testing, and code reviews to identify and address vulnerabilities.
• Incident response: We maintain a documented incident response plan and will notify affected users and relevant authorities of any data breach in accordance with applicable law.

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Privacy inquiries: privacy@workzil.com
• Data protection officer: dpo@workzil.com
• General contact: www.workzil.com/contact

If you are located in the EU/EEA and believe that our processing of your personal information violates the GDPR, you have the right to lodge a complaint with your local supervisory authority.