Privacy Policy

Last updated: February 11, 2025

For the Terms of Service that govern use of the Platform, see /terms.

1. Information We Collect

User Account Information:

  • Google account information (email, name) obtained through OAuth authentication
  • User ID and account creation timestamp
  • EigenCredits balance and purchase history

Job Description Data:

  • Job title, seniority level, role category
  • Technical stack requirements (primary, secondary, tertiary)
  • Location type, employment type, years of experience required
  • Work authorization requirements
  • Submission cap and role fit parameters

Candidate Application Data:

  • Personal information: name, email address
  • Resume files (PDF format) uploaded by candidates
  • GitHub repository URLs (optional, for junior candidates)
  • Project portfolio links
  • Work preferences: work types, location preferences, compensation expectations
  • Experience level and years of experience
  • Work authorization regions
  • ETI evaluation scores, role-fit assessments, and evaluation breakdowns

Technical Data:

  • IP addresses and browser information
  • Usage logs and analytics data
  • Session storage data (temporarily stored during application submission)

2. How We Use Your Information

We use collected information to:

  • Provide and operate the Platform
  • Process candidate applications and generate ETI evaluations
  • Perform role-fit matching between candidates and job descriptions
  • Process payments and manage EigenCredits
  • Authenticate users and manage accounts
  • Store resumes and candidate data securely
  • Improve Platform functionality and user experience
  • Comply with legal obligations and enforce our Terms

3. Data Processing and AI Services

Candidate data is processed using third-party AI services:

  • Resume Processing: Resume PDFs are sent to Google Document AI to extract text content. The extracted text is then processed by Google Gemini AI for evaluation.
  • GitHub Analysis: For junior candidates who provide GitHub URLs, we access their public repositories via the GitHub API and analyze repository metadata (file structure, commit history, dependency manifests) together with pattern counts derived from automated text/regex matching over the code. This pattern counting runs locally on our servers (CPU only). Repository file content is never sent to the LLM (Google Gemini); only the resulting non-code signal summary is used to generate ESQ scores.
  • Evaluation: Candidate information, resume text, and the GitHub signal summary described above (when available, never raw repository code) are sent to Google Gemini AI to generate ETI scores, role-fit assessments, and evaluation breakdowns.
  • Role Matching: Job descriptions and candidate profiles are compared using Google Gemini AI to determine role-fit compatibility.

All data sent to AI services is processed according to Google's privacy policies and terms of service. We do not use candidate data to train AI models beyond the scope of generating evaluations for your specific job postings.

4. Data Storage

All data is stored using Google Firebase services:

  • Firestore: Stores account information, job descriptions, candidate profiles, evaluation results, and metadata
  • Firebase Storage: Stores resume PDF files securely
  • Firebase Auth: Manages user authentication and session data

Data is stored in Google Cloud infrastructure and is subject to Google's security and privacy practices. We implement industry-standard security measures to protect your data, but no system is completely secure.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data only in the following circumstances:

  • With Service Providers: We share data with third-party service providers (Google, Paddle, GitHub) necessary to operate the Platform, as described in Section 3
  • With Users: Candidate application data and evaluation results are accessible to the user who created the job posting through which the candidate applied
  • Legal Requirements: We may disclose data if required by law, court order, or government regulation
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, data may be transferred to the acquiring entity

6. Cookies and Tracking

The Platform uses session storage to temporarily store form data during the candidate application process. We do not use persistent cookies for tracking purposes. Firebase Auth may use cookies for session management. Paddle may use cookies for payment processing functionality.

You can control cookie settings through your browser preferences. Disabling cookies may affect Platform functionality.

7. Data Retention

We retain your data for as long as necessary to provide the Platform and comply with legal obligations:

  • Account Data: Retained while your account is active and for a reasonable period after account closure
  • Job Descriptions: Retained until you delete them or close your account
  • Candidate Data: Retained until you delete the associated job posting or request deletion
  • Resume Files: Stored in Firebase Storage until deleted by you or upon account closure

You can delete job postings and candidate data through the Platform dashboard. Deletion requests will be processed within 30 days.

8. Your Privacy Rights (GDPR/CCPA)

If you are located in the European Economic Area (EEA), United Kingdom, or California, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Restriction: Request limitation of processing in certain circumstances
  • Data Portability: Request transfer of your data to another service provider
  • Objection: Object to processing of your data for certain purposes
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise these rights, please contact us at [email protected].

California Residents: Under the California Consumer Privacy Act (CCPA), you have the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information (we do not sell personal information). You will not be discriminated against for exercising your privacy rights.

9. Security

We implement technical and organizational measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Secure authentication via Firebase Auth
  • Access controls and authentication requirements
  • Regular security assessments
  • Secure storage of resume files in Firebase Storage

However, no method of transmission or storage is 100% secure. You use the Platform at your own risk.

10. Children's Privacy

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your data may be processed and stored in the United States and other countries where our service providers operate. By using the Platform, you consent to the transfer of your data to these jurisdictions, which may have different data protection laws than your country of residence.

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified through the Platform or via email. Continued use of the Platform after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about these Terms or our Privacy Policy, please contact EigenWork at:

Company Name: EigenWork
Jurisdiction: India
Email: [email protected]