Privacy Policy
Last updated: February 2026
This Privacy Policy describes how HireScreen (“we”, “us”, “our”) collects, uses, and handles your information when you use our AI-powered resume screening service at hirescreen.app (the “Service”).
1. Information We Collect
Account Information
- Email address — used for authentication and account communication.
- Full name (optional) — used for display purposes.
- Company name (optional) — used for display purposes on jobs.
Job Data
- Job title, requirements, and nice-to-have qualifications — provided by you when creating a job.
Resume Data
- Resume files — uploaded by you in PDF, DOCX, or TXT format.
- Extracted text — the text content parsed from uploaded resume files.
- Candidate names — extracted from resume text via heuristic parsing.
Payment Information
- Stripe session and payment intent IDs — identifiers linking payments to your account. We do not store credit card numbers, CVVs, or full card details. All payment processing is handled by Stripe.
Automatically Collected
- Usage data — standard web server logs including IP address, browser type, and pages visited. Collected by our hosting provider (Vercel).
2. How We Use Your Information
| Data | Purpose |
|---|---|
| Email address | Authentication, account recovery, transactional emails |
| Job data | Displayed on your dashboard; sent to the AI scoring engine as context for resume evaluation |
| Resume files and extracted text | Sent to the Anthropic Claude API for AI-powered scoring and ranking |
| Candidate names | Displayed in scoring results for identification |
| Stripe payment identifiers | Tracking payment status and enabling access to results |
We use your data solely to provide the Service. We do not sell your data. We do not use your data for advertising.
3. AI Processing
Resume text is sent to the Anthropic Claude API for evaluation against your job requirements. This means:
- Resume content is transmitted to Anthropic's servers for processing.
- Anthropic's data usage policies apply to this processing. As of this writing, Anthropic does not use API inputs or outputs to train its models. See Anthropic's Privacy Policy for their current terms.
- We send only the extracted text content, job requirements, and nice-to-have qualifications. We do not send your email, payment information, or account details to Anthropic.
The AI scoring is assistive, not automated decision-making. The scores, rankings, and analysis are provided as tools to help you make hiring decisions. You retain full control over all hiring decisions.
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information (email, name, company) | Retained while your account is active. Deleted upon account deletion request. |
| Job data (title, requirements) | Retained while your account is active. |
| Resume files (uploaded PDFs, DOCXs, TXTs) | Automatically deleted after 30 days. |
| Extracted resume text | Automatically cleared after 30 days. |
| Scoring results (scores, analysis, reasoning) | Retained while the associated job exists. Scoring results contain candidate names but no other PII from the resume. |
| Payment records | Retained for accounting and legal compliance purposes. |
The 30-day automatic deletion of resume files and extracted text is enforced by a scheduled cleanup job. After deletion, the resume content cannot be recovered.
5. Third Parties
We share data with the following third-party services, solely to provide the Service:
| Third Party | Data Shared | Purpose |
|---|---|---|
| Supabase | Account data, jobs, resume metadata, scoring results | Database hosting, authentication, file storage |
| Anthropic | Extracted resume text, job requirements | AI-powered resume scoring |
| Stripe | Email address (for receipts), payment amounts | Payment processing |
| Vercel | Web traffic logs | Application hosting |
We do not share your data with any other third parties. We do not sell data to data brokers or advertisers.
6. Data Security
- All data in transit is encrypted via TLS (HTTPS).
- Database access is restricted by authentication and role-based policies.
- Stripe handles all payment card processing; we never see or store card numbers.
- API keys and secrets are stored as environment variables, never in source code.
- The Supabase service role key (which has elevated database access) is used only server-side and is never exposed to the browser.
7. Your Rights
You have the right to:
- Access your data — View your account information, jobs, and scoring results through the application dashboard.
- Delete your data — Request deletion of your account and all associated data by contacting us. Resume files and extracted text are automatically deleted after 30 days regardless.
- Export your data — Download scoring results as XLSX or CSV from the results page.
- Correct your data — Update your account information through the application.
To exercise these rights, contact us at the email address listed below.
8. Children's Privacy
The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last updated” date. Continued use of the Service after changes constitutes acceptance of the updated policy.
10. Contact
For privacy-related questions or data deletion requests, contact:
See also: Terms of Service