Privacy Policy

Last Updated: April 25, 2026

1. Information We Collect

When you use Elcano, we collect:

  • Account data: Email address, display name (when you create an account via Supabase Auth)
  • Analysis results: Dimension scores, role matching results, detected job family and seniority level — structured data only
  • Anonymous analyses (no login): When you run an analysis without an account, we persist only aggregate counters: detected family, detected seniority, whether a job description was attached, top-role readiness, ATS pass probability, AI-screener pass probability, and request latency. We do not store the resume text, the per-axis scores, the role detail, or the response narrative for anonymous runs. The function that writes anonymous rows in our codebase literally does not accept those fields — type-system enforced.
  • Attribution metadata: If your visit URL contains UTM parameters (e.g., utm_source, utm_medium, utm_campaign) or a non-self referrer, we capture those for each analysis. We also generate a per-browser session token (UUID) at first visit and store an HMAC hash of it (never the plaintext).
  • Usage data: Number of analyses performed per billing period
  • Payment data: Managed by Stripe — we store only your Stripe customer ID, never your card details
  • Job descriptions (JDs): When you paste a job description for ATS / JD Radar / AI Screener analysis, we store the JD in a deduped corpus to study how roles are evolving over time. Each JD is sanitized to strip emails, phone numbers, and identifiable employer markers before persistence. JDs are public artifacts (companies post them publicly to attract applicants); resumes are not. We treat them differently. You can opt out per-analysis via the “don’t train on this” toggle.
  • Outcome reports (opt-in): When you tell us whether you got a callback, an interview, an offer, or a rejection for a role you applied to, we store that as a separate user_outcomes row keyed to the analysis run. This data is used to recalibrate the algorithm against real outcomes; aggregate views (per-role callback rates) explicitly exclude employer names. Reports are voluntary; you can decline or delete them at any time.

2. What We Do NOT Collect or Store

  • We never store raw resume text. Your resume is processed in real-time and discarded after analysis. This is enforced at the type level in our codebase: the function that writes anonymous rows accepts only aggregate counters; for authenticated users we store the structured response, not the source text.
  • We never log resume content in server logs or error reports.
  • If LLM (AI) processing is used, only a one-way hash of the input is stored for auditing — the original text cannot be recovered.
  • We do not store employer names from outcome reports in any aggregate or analytics view. Per-row employer data is visible only to the user who reported it.

3. How We Use Your Data

  • To provide and improve resume analysis results
  • To maintain your analysis history (Pro subscribers)
  • To enforce usage limits on the free tier
  • To send transactional emails (subscription confirmations, usage warnings) via Resend
  • To process payments via Stripe

4. Data Storage and Security

Your data is stored in Supabase (PostgreSQL) with Row Level Security (RLS) ensuring you can only access your own data. All data is encrypted at rest and in transit (TLS). Our API server runs on DigitalOcean with HTTPS enforced.

5. Third-Party Services

  • Supabase: Authentication and database
  • Stripe: Payment processing
  • Anthropic (Claude) / OpenAI: AI-powered analysis enrichment. Resume text is sent to the LLM provider during the core scoring and detailed-analysis passes (including the optional JD-aware Pass-Through Check). Narrative generation uses only structured scores. See Section 11 for the full per-feature breakdown. Resume text is never stored by Elcano.
  • Resend: Transactional email delivery
  • Mixpanel: Product analytics. Receives pseudonymous event data about feature use. Not given resume text or personal identifiers beyond an account ID when you are signed in.
  • Vercel: Hosts the marketing site and web app. May collect anonymized performance data.

6. Data Retention

Analysis results are retained for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting tyler@mizudev.com. Deletion cascades through all tables — profiles, analysis runs, LLM generation records, and usage counters.

7. GDPR Rights (EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification (correct inaccurate data)
  • Right to erasure ("right to be forgotten") — you can delete your account directly from the app
  • Right to restrict processing
  • Right to data portability (export your data)
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

To exercise any of these rights, use the in-app "Delete Account" feature or email elcanoteam@gmail.com.

8. CCPA Rights (California Users)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information — We do NOT sell your personal information
  • Right to non-discrimination for exercising your CCPA rights

9. International Data Transfers

Your data may be processed in the United States, where our service providers (Supabase, Stripe, Anthropic, OpenAI) maintain their servers. We rely on standard contractual clauses and the data processing agreements of our service providers to ensure adequate protection of your personal data in accordance with applicable data protection laws.

10. Children's Privacy

Elcano is not intended for users under the age of 16. We do not knowingly collect personal data from children. If you believe a child under 16 has provided us with personal information, please contact us so we can promptly delete it.

11. AI Processing Disclosure

Elcano uses third-party AI services to power its analysis and generation features:

  • Your resume text is sent to Anthropic (Claude) and/or OpenAI during the core scoring pass, the detailed-analysis pass (when a job description is provided), and the JD-radar extraction pass — each time for real-time analysis only.
  • When you provide a job description, the JD text is also sent to the LLM alongside the resume for the Pass-Through Check (ATS + AI-screener pass probability) and detailed analysis.
  • For narrative generation we send structured signals (axis scores, dimensions) — not raw resume text.
  • For cover letter, resume rewrite, and interview prep features, resume text is sent to the LLM on each request.
  • LLM providers process data under their own data processing agreements.
  • No resume text is permanently stored by Elcano. Only a one-way hash of the input is retained for auditing the LLM generation record — the original text cannot be recovered from the hash.

12. Your Rights

You have the right to access, correct, export, or delete your personal data. For specific rights based on your location, see Section 7 (GDPR Rights) for EU/EEA users and Section 8 (CCPA Rights) for California users. To exercise these rights, use the in-app "Delete Account" feature or contact us at the email addresses below.

13. Contact

Elcano

Email: elcanoteam@gmail.com / tyler@mizudev.com

Website: elcano.team

Terms of ServiceCookie Policy