MatchCraft

Privacy Policy

Last Updated: 3/30/2026

1. Introduction

MatchCraft ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our job matching platform and related services ("Service").

This Privacy Policy applies to all users of our Service and complies with applicable privacy laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other regional privacy regulations.

2. Information We Collect

Personal Information You Provide

  • Account Information: Name, email address, password
  • Profile Information: Location, job preferences, skills
  • Resume Data: Work experience, education, skills, contact information
  • Communication Data: Messages, support inquiries
  • Payment Information: Billing details (processed by third-party providers)

Information We Collect Automatically

  • Usage Data: Pages visited, features used, time spent on Service
  • Device Information: IP address, browser type, operating system
  • Cookies and Tracking: See our Cookie Policy for details
  • Log Data: Access times, error logs, performance metrics

Information from Third Parties

  • Job Boards: Public job listings and related data
  • Authentication Providers: OAuth data from Google, GitHub, etc.
  • Analytics Services: Aggregated usage statistics

3. How We Use Your Information

We use your information for the following purposes:

Service Provision

  • Create and manage your account
  • Analyze resumes and match with job opportunities
  • Provide personalized job recommendations
  • Process payments and manage subscriptions

Communication

  • Send service-related notifications
  • Respond to your inquiries and support requests
  • Send marketing communications (with your consent)

Improvement and Analytics

  • Analyze usage patterns to improve our Service
  • Develop new features and functionality
  • Conduct research and analytics

Legal and Security

  • Comply with legal obligations
  • Protect against fraud and abuse
  • Enforce our Terms of Service
  • Protect the security and integrity of our Service

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for processing your personal data includes:

  • Contract: Processing necessary to perform our contract with you
  • Consent: You have given consent for specific processing activities
  • Legitimate Interests: Processing necessary for our legitimate business interests
  • Legal Obligation: Processing required to comply with legal requirements

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers

We share data with trusted third-party service providers who assist us in:

  • Cloud hosting and infrastructure (Supabase, Vercel)
  • Payment processing (Stripe, PayPal)
  • Email communications
  • Analytics and monitoring
  • Resume parsing and AI services

Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal process or government requests
  • Protect our rights and property
  • Prevent fraud or illegal activities
  • Protect user safety

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction.

6. Data Security

We implement appropriate security measures to protect your personal information:

  • Encryption: Data is encrypted in transit and at rest
  • Access Controls: Limited access on a need-to-know basis
  • Regular Audits: Security assessments and vulnerability testing
  • Secure Infrastructure: Industry-standard cloud security practices
  • Authentication: Strong password requirements and optional 2FA

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your information.

7. Data Retention

We retain your personal information for as long as necessary to:

  • Provide you with our Service
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

All Users

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal information
  • Opt-out: Unsubscribe from marketing communications

GDPR Rights (EEA Users)

  • Portability: Receive your data in a portable format
  • Restriction: Request restriction of processing
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time

CCPA Rights (California Users)

  • Know: Right to know what personal information is collected
  • Delete: Right to delete personal information
  • Opt-out: Right to opt-out of sale (we don't sell data)
  • Non-discrimination: Right to equal service and pricing

To exercise your rights, contact us at privacy@matchcraft.io

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses
  • Certification schemes
  • Codes of conduct

10. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we may also send you an email notification.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: support@matchcraft.io

Data Protection Officer: dpo@matchcraft.io

EU Representative

If you are in the European Union and have concerns about our data processing, you may also contact our EU representative or your local data protection authority.