How we protect your information
This page is maintained by The Mid-Level Escape Co. to answer the most common questions about how the platform handles your data. It is not a certification or independent audit. For specific compliance requests, email support@obvioushire.app.
Access & authentication
The platform is invite-only. Each member receives a private invitation link that expires after 14 days; admins can revoke or resend a link at any time. Sign-in uses email and password backed by managed authentication.
Application data is scoped per user. The database enforces row-level access rules so one member cannot read another member's resumes, strategy artifacts, or pipeline.
Data in transit & at rest
All traffic to the app is served over HTTPS. Data is stored in a managed Postgres database and managed object storage, both encrypted at rest by the provider.
What we collect
We collect the information you provide directly — profile details, resumes you upload, target roles, strategy notes, and application tracking entries. We do not sell this data. We use it to generate strategy artifacts, match opportunities, and power your dashboard.
Resume uploads are stored in a private bucket and accessible only to your account and the operations team that supports your strategy.
Third-party services
We use a small number of providers to run the platform: managed authentication, managed Postgres + storage, transactional email, AI inference for strategy generation, and aggregated job-listings APIs. Each operates under its own privacy and security terms.
Retention & deletion
You can edit or remove resumes, applications, and strategy artifacts from inside the app at any time. To delete your account entirely, email support@obvioushire.app and we will remove your record and associated data within 30 days.
Reporting a vulnerability
If you believe you've found a security issue, please email security@obvioushire.app with a description and reproduction steps. We aim to acknowledge within two business days.