Skip to main content
ReadyCheck Lab — Measure. Learn. Improve.
LEGAL

Privacy Policy

What we collect, why we collect it, and the control you have over your data. Aligned with GDPR (EU) and DPDP Act (India).

Last updated: May 16, 2026

1. Who we are

ReadyCheck Lab ("we", "us") is the data controller for personal data processed via readychecklab.com and related services. Contact: privacy@readychecklab.com.

2. Data we collect

  • Account data — name, email, phone number, password hash, role.
  • Profile data — education, work history, skills, target roles, location.
  • User content — resumes, assessment responses, interview transcripts, generated roadmaps.
  • Usage data — feature interactions, AI requests, page views, performance metrics.
  • Technical data — IP address, browser, device, session tokens, error logs.

3. How we use it

  • Operate the Platform and personalize your experience.
  • Run AI analysis (resume scoring, mock interviews, role readiness, recommendations).
  • Provide institutional and recruiter analytics in aggregated, anonymized form.
  • Send transactional emails (verification, password reset, important account notices).
  • Detect abuse, enforce rate limits, and investigate security incidents.
  • Improve the Platform (subject to the limits in Section 7).

4. Legal basis (GDPR / DPDP)

  • Contract — to deliver the services you signed up for.
  • Consent — for optional analytics, marketing email, and AI-feature opt-ins.
  • Legitimate interest — security, fraud prevention, and product improvement.
  • Legal obligation — tax, accounting, and law-enforcement requests.

5. Sub-processors

We use a small set of trusted vendors to deliver the Platform:

  • Lovable Cloud (managed Postgres, Auth, Storage) — EU/US hosting.
  • Lovable AI Gateway — routed to Google Gemini and OpenAI models for AI features.
  • Cloudflare — edge runtime, DDoS protection.
  • Email provider — transactional email delivery.

All sub-processors are bound by data-processing agreements. We do not sell personal data.

6. Retention

Account data is retained while your account is active. Resumes and assessment data are retained for 24 months after last activity, then anonymized or deleted. Audit logs (security events) are retained for 12 months. You may request earlier deletion at any time.

7. AI processing

Your prompts and content are sent to upstream AI providers (Gemini, OpenAI) under their zero-retention API terms. We do not use your personal content to train third-party models. We may use aggregated, de-identified usage signals to improve our own prompts and rubrics.

8. Your rights

You can:

  • Access & export — download all your data from your profile page ("Export my data").
  • Correct — edit your profile at any time.
  • Delete — request account deletion via privacy@readychecklab.com.
  • Object / restrict — opt out of marketing, analytics, or specific AI features.
  • Portability — receive your data in machine-readable JSON.
  • Complain — to your supervisory authority (EU DPA, India DPB) if you believe we mishandled your data.

9. Security

We enforce row-level security on every table, encrypt data in transit (TLS 1.2+) and at rest, log security events, and apply per-user quotas and cooldowns to prevent abuse. See our Security & Status page for the full posture.

10. Children

The Platform is not directed to children under 16. We do not knowingly collect data from children.

11. International transfers

Data may be processed outside your country of residence. We rely on Standard Contractual Clauses or equivalent safeguards for cross-border transfers.

12. Changes

We may update this Policy. Material changes will be notified by email or in-app banner.

13. Contact

Privacy questions: privacy@readychecklab.com.