ZhiZhao Privacy Policy

Last Updated: April 2026

1. Information We Collect

You provide:

  • Account info: email, phone, name, password
  • Profile info: location, work history, education, skills
  • Content: resumes, job posts, messages, interview feedback

Automatically collected:

  • Device info: IP address, browser, OS
  • Usage data: pages viewed, features used, timestamps
  • Cookies: session, preferences, analytics

2. How We Use It

  • Provide and improve the Service (matching, search, messaging)
  • AI processing for resume parsing, JD generation, candidate-job matching
  • Customer support and security monitoring
  • Service emails (transactional, not marketing without consent)

3. Sharing

We do NOT sell your personal information. We share only:

  • For matching: candidate resumes shown to applied companies; jobs visible to all visitors
  • Service providers: hosting (Neon DB), AI (Anthropic Claude / DeepSeek), email (Resend), payment (Stripe)—all bound by data protection agreements
  • Legal compliance: when required by law or court order

AI processing note: We use Anthropic Claude / DeepSeek APIs. Per their terms, your data is NOT used to train their models.

4. Data Storage

  • Servers: hosted in the US / EU (depending on user region)
  • Encryption: TLS in transit, AES-256 at rest
  • Retention: account data deleted within 30 days of account closure (legal retention may extend)

5. Your Rights

Under GDPR, CCPA, and similar laws, you can:

  • Access your data via Profile / My Resumes / My Applications
  • Correct any information you've provided
  • Delete your account and associated data
  • Port your data (request export via Not disclosed yet)
  • Object to processing for marketing
  • Withdraw consent for optional features

To exercise these rights, email Not disclosed yet.

6. Children

The Service is not for users under 16. We do not knowingly collect data from minors.

7. International Transfers

If you access from outside the US, your data may be transferred to and processed in the US under standard contractual clauses (SCCs).

8. Cookies

We use:

  • Essential: login session, language preference
  • Analytics: anonymous usage patterns (you can opt out)
  • No third-party tracking: we don't use ad networks or behavioral tracking

9. Updates

Material changes notified 30 days in advance. Check the "Last Updated" date.

10. Contact

  • Data Protection: Not disclosed yet
  • For EU residents: contact us to designate an EU representative if needed
⚠️ This is a draft template. Have it reviewed by qualified legal counsel (GDPR + CCPA + applicable laws) before launch.