← Back

Privacy Policy

Last updated: April 3, 2026

1. Who We Are

SleepHire ("we", "us", "our") operates the SleepHire web application (the "Service"). This Privacy Policy explains what personal data we collect, how we use it, and your rights regarding that data. By using the Service you agree to this policy.

2. Data We Collect

We collect only what is necessary to provide the Service:

  • Account information — your name, email address, and a securely hashed password. We never store your password in plain text.
  • Profile preferences — job search criteria you provide: salary expectations, remote preference, role type, contract preference, seniority levels, preferred regions, tech stack, culture signals, company size preference, growth stage, job functions, and excluded companies.
  • Application tracking — jobs you save, mark as applied, or track through your pipeline, including status changes and notes you add.
  • Match results — AI-generated match scores, score breakdowns, and brief explanations for why a job was recommended or flagged.
  • Feedback signals — when you mark a job as saved or not interested, we store that to improve future recommendations.
  • Session data — authentication tokens (JWT) to keep you signed in. We do not use tracking cookies, advertising cookies, or any third-party analytics cookies.

3. How We Use Your Data

  • Job matching — your profile preferences are used to filter and score job listings against your criteria.
  • AI scoring — job descriptions (public information from job boards) are sent to third-party AI services (Google Gemini and/or OpenAI) for analysis and scoring against your profile. Your email, name, and password are never sent to these services. Only your preference criteria (role type, seniority, salary range, tech stack, etc.) and the public job description text are transmitted.
  • Email digests — if you opt in, we send daily digest emails containing your top job matches via Resend (our email delivery provider). Your email address is shared with Resend solely for delivery purposes.
  • Service improvement — we log AI API calls (model used, token counts, latency) for debugging and cost monitoring. These logs do not contain your personal information.

4. Third-Party Services

We use the following third-party services to operate:

  • Google Gemini / OpenAI — AI language models used to analyse and score job listings. Public job descriptions and your anonymised preferences are sent for processing. These providers have their own privacy policies and data processing agreements.
  • Resend — email delivery service. Your email address is shared with Resend when digest emails are sent. Resend processes this data as a sub-processor under their privacy policy.

We do not use any advertising networks, social media trackers, or analytics platforms. We do not embed third-party tracking scripts on the Service.

5. Data We Do NOT Collect or Share

  • We do not sell, rent, or trade your personal data to any third party.
  • We do not share your data with employers, recruiters, or job boards.
  • We do not use your data for advertising or profiling purposes beyond job matching.
  • We do not collect payment card information directly. Payment processing is handled by our payment provider, and we do not store your card details.

6. Data Retention

We retain your account data and profile preferences for as long as your account is active. Job match results and digest history are retained for up to 90 days. If you delete your account, we will delete all your personal data within 30 days, except where retention is required by law.

7. Data Security

Passwords are hashed using bcrypt before storage. All data is transmitted over HTTPS. Database access is restricted to the application server. We follow industry-standard security practices, but no system is 100% secure. We cannot guarantee absolute security of your data.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access — request a copy of the personal data we hold about you.
  • Correction — update or correct inaccurate data via your profile settings.
  • Deletion — request deletion of your account and all associated data.
  • Data portability — request your data in a machine-readable format.
  • Withdrawal of consent — you may stop using the Service at any time.

To exercise any of these rights, contact us at the email address listed below. We will respond within 30 days.

9. Cookies

We use a single session cookie to keep you authenticated. This is a strictly necessary cookie and does not require consent under GDPR. We do not use any tracking, advertising, or analytics cookies.

10. Children

The Service is not intended for anyone under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions or to exercise your data rights, contact us at: privacy@sleephire.dev