Privacy Policy

When you use ReadySet, we may collect the following information:

• Account information — name, email address, and authentication data managed by our identity provider (Clerk).
• Profile & resume data — your current role, target role, target companies, and resume content you upload (including parsed skills, experience, and projects).
• Interview session data — questions, answers, transcripts, scores, and AI-generated feedback from practice sessions.
• Live Assist data — real-time interview transcripts, detected questions, AI-generated answer suggestions, screen captures (used for coding question analysis), and session notes.
• Uploaded documents — files you upload (PDF, DOCX, TXT) and their extracted text content.
• Billing information — managed by Stripe. We store your Stripe customer ID and subscription status but never your payment card details directly.
• User-provided API keys — if you choose to bring your own API keys, they are encrypted at rest using AES-256-GCM encryption and are only decrypted at the time of each request.

We use your data exclusively to provide and improve ReadySet:

• Generating AI-powered interview questions tailored to your resume and goals.
• Providing real-time answer suggestions during live interviews.
• Scoring and providing feedback on your practice sessions.
• Processing screen captures to analyze coding interview questions.
• Managing your subscription and billing.

We do not sell, rent, or share your personal data with advertisers or data brokers.

To deliver our service, your data may be processed by the following third-party providers:

• Anthropic (Claude) — processes resume content, interview transcripts, and screen captures to generate interview questions, feedback, and answer suggestions. Subject to Anthropic's Privacy Policy.
• OpenAI (Whisper) — processes audio recordings for speech-to-text transcription only. No resume or personal context is sent. Subject to OpenAI's Privacy Policy.
• Stripe — processes subscription payments and billing. Subject to Stripe's Privacy Policy.
• Clerk — manages authentication and user identity. Subject to Clerk's Privacy Policy.

We do not use any analytics, telemetry, or tracking frameworks. No data is sent to Google Analytics, Mixpanel, Sentry, or similar services.

Your data is stored and protected using industry-standard practices:

• Data is stored in a PostgreSQL database hosted by Neon.
• User-provided API keys are encrypted at rest using AES-256-GCM with a dedicated encryption key.
• All connections use HTTPS with HSTS enforcement (2-year max-age).
• Security headers include X-Frame-Options (DENY), X-Content-Type-Options (nosniff), and a strict Permissions-Policy.
• CSRF protection and origin validation are enforced on all state-changing requests.
• Rate limiting is applied to API endpoints to prevent abuse.

Your data is retained for as long as your account is active. When you delete your account, all associated data — including your profile, resume, interview sessions, transcripts, documents, and billing records — is permanently deleted from our database.

Depending on your location, you may have the following rights:

• Access — request a copy of your personal data.
• Deletion — request that we delete your account and all associated data.
• Correction — update or correct your personal information through your account settings.
• Portability — request your data in a structured, machine-readable format.
• Objection — object to certain processing of your data.

For California residents (CCPA): You have the right to know what personal information we collect, request its deletion, and opt out of any sale of personal information. We do not sell personal information.

For EU/EEA residents (GDPR): Our legal basis for processing your data is contract performance (providing the service you signed up for) and legitimate interest (improving the service). You may exercise any of the rights above by contacting us.

The ReadySet desktop application (Live Assist) runs locally on your Mac. It captures screen content and audio only during active interview sessions and only when you explicitly enable it. Screen captures are sent to our API for AI analysis and are not stored on our servers beyond the duration of the session processing.

The desktop overlay uses macOS content protection to ensure it is not visible in screen recordings or screen shares.

ReadySet is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

We may update this privacy policy from time to time. When we do, we will update the "last updated" date at the top of this page. We encourage you to review this policy periodically.

If you have questions about this privacy policy or want to exercise your data rights, please contact us at support@readysethired.io.