← Back to Hirely

Privacy Policy

Effective: 2026-04-24 · Last updated: 2026-04-24

TL;DR

Most of your data (profile, JDs, resumes, applications) lives in your browser's localStorage. We never see it unless you use a feature that hits our server.
When you sign in, we store your email address in Supabase so we can identify your account.
When you use hosted AI features, we pass the text of your resume / JD / cover letter to OpenAI to generate output. OpenAI is our only AI subprocessor.
When you upgrade to Pro, PayPal handles billing. We store your PayPal subscription ID so we can grant / revoke access.
We don't sell your data, don't run ads, and don't use analytics that identify individuals.

1. What we collect

Stored in your browser (localStorage), never sent to our servers except when you use AI:

Your profile: name, email you choose to put in it, LinkedIn URL, past roles, education, base resume text, skills, preferences
Job descriptions you paste into the JD Analyser
Tailored resumes, cover letters, interview prep, outreach drafts, offer negotiation drafts that Hirely generates
Your application tracker entries
Your recent AI-call history (last 20 calls)
Theme preference (light / dark)

Stored in our cloud (Supabase — EU or US region depending on your project):

Your account email address (used as your login identifier)
Your Pro tier flag (yes / no) + the date you activated Pro
If subscribed via PayPal: your PayPal subscription ID + plan ID (not card number, not billing address)
Per-feature monthly usage counts for JD Analyse and Fit Score (to enforce the free-tier cap)
If you joined the waitlist: your email + timestamp

Not collected:

We don't log your IP address in application logs beyond what Vercel's hosting platform retains for security (standard web-server access logs, retained for a few weeks).
We don't track cross-site behaviour.
We don't use third-party ad or remarketing trackers.

2. Subprocessors (the third parties we send your data to)

Supabase — stores your account, profile (Pro flag), usage counts, waitlist. Supabase privacy.
OpenAI — receives the text you submit to an AI feature (JD text, resume content, etc.) and returns the generated output. Per OpenAI's API data-use policy, data sent to the API is not used to train models. OpenAI privacy.
PayPal — only when you upgrade to Pro. PayPal handles the actual payment; Hirely never sees your card number. PayPal privacy.
Vercel — hosts the web app and runs the serverless functions. Vercel privacy.

3. Your rights

Access + export: In the app → Settings → Backup & restore, download a JSON file containing all data stored in your browser. We'll honour written requests for the cloud data associated with your account.
Delete: In the app → Settings → "Clear all data" deletes everything in your browser. For cloud data: email support@hirely.me and we will delete your Supabase account + all associated rows within 30 days.
Object / restrict: If you're in the EU / UK and wish to restrict processing, email the address above.
Portability: Your browser data is in plain JSON. The cloud data is limited (email + Pro flag + usage counts) and we'll provide it on request.

4. Cookies & local storage

Hirely uses browser localStorage to store your app data and session token. We don't set third-party cookies for tracking, advertising, or analytics.

Supabase's auth library sets a supabase.auth.token entry in your browser's storage when you sign in. This is essential for keeping you signed in across page loads. Clearing it signs you out.

5. Children

Hirely is not directed at children under 13 (or 16 in the EEA / UK). We don't knowingly collect data from children. If you believe a child has provided us data, contact us and we'll delete it.

6. Security

Cloud data is protected by Supabase Row Level Security policies — you can only read or modify your own account rows. Payments are handled entirely by PayPal; Hirely never receives or stores card numbers. Connections are TLS-encrypted end-to-end.

No system is 100% secure. If we discover a breach, we'll notify affected users by email within 72 hours.

7. Changes

If we materially change what we collect or how we use it, we'll update this page and the "Last updated" date at the top, and notify active accounts by email. Continuing to use Hirely after a change counts as acceptance.

8. Contact

Privacy questions, deletion requests, or data-access requests: support@hirely.me.