Privacy Policy

At Gignix ("we," "us," or "our"), we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our career development platform, website, mobile applications, and related services (collectively, the "Service").

This Privacy Policy applies to all users globally and complies with applicable data protection laws, including the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other regional privacy regulations.

By using our Service, you consent to the collection and use of your information as described in this Privacy Policy.

Personal Information You Provide

• Account Information: Name, email address, password, profile picture
• Resume & Career Data: Work experience, education, skills, certifications, projects
• Contact Information: Phone number, address, LinkedIn profile, website
• Payment Information: Credit card details, billing address (processed securely by third-party providers)
• Communication Data: Messages, support tickets, feedback, survey responses

Information We Collect Automatically

• Usage Data: Pages visited, features used, time spent, click patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Location Data: General location based on IP address (not precise location)
• Cookies & Tracking: Session cookies, preference cookies, analytics cookies

Information from Third Parties

• Social Media: Profile information when you connect social accounts
• Analytics Providers: Usage statistics and performance metrics
• Security Services: Fraud prevention and security monitoring data

We use your personal information for the following purposes:

Service Provision

• Create and manage your account
• Provide resume building, cover letter, and portfolio services
• Process payments and manage subscriptions
• Deliver AI-powered career recommendations
• Enable template customization and document generation

Communication & Support

• Respond to your inquiries and provide customer support
• Send service-related notifications and updates
• Provide educational content and career tips
• Conduct surveys and gather feedback

Improvement & Analytics

• Analyze usage patterns to improve our services
• Develop new features and functionality
• Conduct research and analytics
• Personalize your experience

Legal & Security

• Comply with legal obligations and regulations
• Protect against fraud, abuse, and security threats
• Enforce our terms of service
• Resolve disputes and legal claims

We do not sell your personal information. We may share your information in the following limited circumstances:

Service Providers

We work with trusted third-party service providers who help us operate our platform:

• Cloud Hosting: AWS, Google Cloud for secure data storage
• Payment Processing: Stripe, PayPal for secure payment handling
• Email Services: SendGrid, Mailchimp for communications
• Analytics: Google Analytics, Mixpanel for usage insights
• Customer Support: Zendesk, Intercom for support services

Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal processes, court orders, or government requests
• Protect our rights, property, or safety
• Investigate fraud or security incidents
• Enforce our terms of service

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such change.

With Your Consent

We may share your information with your explicit consent for specific purposes not covered in this policy.

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Network Security: Firewalls, intrusion detection, and monitoring systems
• Regular Audits: Security assessments and penetration testing

Organizational Measures

• Employee Training: Regular security and privacy training for all staff
• Data Minimization: We collect only necessary information
• Incident Response: Established procedures for security incidents
• Vendor Management: Security requirements for all third-party providers

We retain your personal information only as long as necessary for the purposes outlined in this policy:

Retention Periods

• Account Data: Retained while your account is active and for 3 years after deletion
• Resume & Career Data: Retained while account is active, deleted upon request
• Payment Information: Retained for 7 years for tax and legal compliance
• Usage Analytics: Aggregated data retained for 2 years
• Support Communications: Retained for 3 years for quality assurance

Deletion Process

When you delete your account or request data deletion:

• Personal data is removed from active systems within 30 days
• Backup systems are purged within 90 days
• Some data may be retained for legal compliance
• Anonymized analytics data may be retained indefinitely

Depending on your location, you may have the following privacy rights:

GDPR Rights (EU Residents)

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to certain types of processing
• Right to Withdraw Consent: Withdraw consent for data processing

CCPA Rights (California Residents)

• Right to Know: Information about data collection and use
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale of personal information
• Right to Non-Discrimination: Equal service regardless of privacy choices

How to Exercise Your Rights

To exercise your privacy rights, contact us at:

• Email: privacy@gignix.com
• Online Form: Available in your account settings
• Response Time: We respond within 30 days
• Verification: Identity verification may be required

We use cookies and similar technologies to enhance your experience and analyze usage:

Types of Cookies

• Essential Cookies: Required for basic site functionality (always active)
• Analytics Cookies: Help us understand how you use our service
• Marketing Cookies: Used for advertising and remarketing
• Preference Cookies: Remember your settings and preferences

Third-Party Tracking

• Google Analytics: Website usage and performance analytics
• Facebook Pixel: Social media advertising and conversion tracking
• LinkedIn Insight: Professional network advertising
• Hotjar: User behavior analysis and heatmaps

Cookie Management

You can control cookies through:

• Our cookie consent banner and settings
• Your browser settings and preferences
• Third-party opt-out tools and services
• Account settings for logged-in users

As a global service, we may transfer your personal information across international borders:

Data Processing Locations

• Primary Servers: United States (AWS, Google Cloud)
• Backup Systems: European Union (GDPR-compliant facilities)
• CDN Services: Global network for performance optimization
• Support Centers: United States, European Union

Transfer Safeguards

• Standard Contractual Clauses: EU-approved data transfer agreements
• Adequacy Decisions: Transfers to countries with adequate protection
• Binding Corporate Rules: Internal data protection standards
• Certification Programs: Privacy Shield and similar frameworks

Your Rights for International Transfers

If you are in the EU or other regions with data protection laws:

• You have the right to information about transfer safeguards
• You can request copies of transfer agreements
• You can object to transfers in certain circumstances
• You can file complaints with supervisory authorities

We are committed to protecting children's privacy and comply with applicable laws:

Age Restrictions

• Minimum Age: 16 years old (or local legal age)
• COPPA Compliance: No collection from children under 13 (US)
• GDPR Compliance: Parental consent required for users under 16 (EU)
• Account Verification: Age verification during registration

Parental Rights

Parents and guardians have the right to:

• Review their child's personal information
• Request deletion of their child's data
• Refuse further collection of their child's information
• Contact us about their child's account

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements:

Notification Process

• Email Notification: We'll email you about significant changes
• Website Notice: Prominent notice on our website
• In-App Notification: Alerts within the application
• Effective Date: Changes take effect 30 days after notification

Types of Changes

• Material Changes: Significant changes to data use or sharing
• Legal Updates: Changes due to new laws or regulations
• Service Changes: Updates reflecting new features or services
• Clarifications: Minor edits for clarity or accuracy

Your Options

When we make changes, you can:

• Continue using our service under the new policy
• Contact us with questions or concerns
• Exercise your privacy rights (access, deletion, etc.)
• Close your account if you disagree with changes

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Supervisory Authorities

If you are in the EU, you also have the right to lodge a complaint with your local supervisory authority:

• EU Residents: Contact your national data protection authority
• UK Residents: Information Commissioner's Office (ICO)
• California Residents: California Attorney General's Office