Privacy Policy

Last updated: 2026-01-02

Our Approach to Privacy

We built this service to help people improve their resumes and access global remote job opportunities. It's a simple tool created for the community, with a clear mission to help people build better lives through meaningful work.

To make this possible, we process some user data as part of the service. We take privacy seriously, but fully complying with regulations like UU PDP or GDPR requires significant resources, including technical infrastructure, legal support, and compliance expertise. As a small, non-commercial project, we're not there yet.

Still, we aim to follow the core principles of these regulations. You can export or delete your data at any time, and we believe you should always stay in control of your information. We also implement security measures to help protect your data. More details are available in the document below.

We don't sell your data. We only use it to deliver resume evaluation services and improve the product for you.

1. What We Collect

When you use our service, we collect:

  • Email address - To authenticate and manage your account
  • Resume PDF files - Your work experience and professional information
  • Transaction records - To track your coin usage

Please avoid uploading sensitive documents like KTP/SIM/SKCK/Diploma/Certificates. We don't need them for resume evaluation.

2. How We Use Your Data

We use your data to:

  • Analyze your resume and provide feedback
  • Manage your account and coins
  • Improve the AI model to give you more accurate and helpful feedback

3. Third-Party Services

We use trusted services to power our platform:

  • Google Gemini API - For resume analysis
  • AWS S3 - For secure file storage
  • Firebase Authentication - For secure login

4. Data Storage

Your data is stored securely on AWS cloud infrastructure. Data may be processed at AWS data centers in various regions.

5. Security Measures

We take security seriously and implement measures to keep your data safe:

  • Our system is hosted on AWS (Amazon Web Services), which provides GDPR-ready infrastructure. Learn more
  • Secure authentication through Firebase
  • Data encryption in transit and at rest
  • Private storage with no public access to your files
  • Access controls to ensure only authorized systems can access your data
  • Automatic data deletion after 31 days to minimize data exposure

6. Your Control

You have control over your data:

  • Export - Download your data anytime using "Export My Data"
  • Delete - Remove all your data anytime using "Delete My Data"

7. Questions

If you have questions, please send an email to hello@ghazlabs.com with subject:

"Ask About Privacy Policy"