Privacy Policy

1. Who we are

Shortlisted is an AI-assisted resume and cover letter tailoring service designed to help seekers create more relevant, accurate, and reviewable application materials.

If you have questions about this Privacy Policy, you can contact us at:

Email: support@get-shortlisted.com

Legal entity and data controller

Shortlisted is operated by Nancy Chau (the "seller"), trading as "Shortlisted". Nancy Chau is the data controller responsible for personal information processed in connection with the service.

2. Information we collect

We collect information you provide directly to us, information generated when you use the service, and limited information from third-party services you choose to connect or use.

Account information

When you create an account, we may collect:

• Name
• Email address
• Password or authentication credentials
• Login method, such as email/password or Google sign-in
• Account preferences
• Subscription or plan status

If you sign in with Google or another third-party login provider, we may receive basic profile information such as your name, email address, and profile image, depending on your settings with that provider.

Resume and career information

To provide the service, you may upload, paste, or enter information such as:

• Resume content
• Work history
• Education
• Skills
• Certifications
• Opportunity titles
• Career achievements
• Cover letter drafts
• Other information you choose to include in your application materials

You are responsible for deciding what information to include. Please do not upload information you do not want processed by Shortlisted.

Opportunity description information

You may provide job descriptions or job posting details, including:

• Opportunity title
• Company name
• Job responsibilities
• Required qualifications
• Preferred qualifications
• Salary or location information included in the posting
• Links or text copied from external boards or employer websites

AI-generated content

When you use Shortlisted, we may generate and store outputs such as:

• Tailored resume drafts
• Tailored cover letter drafts
• Suggested edits
• Keyword or role alignment notes
• Formatting or application recommendations

You are responsible for reviewing all AI-generated content before using it. Shortlisted is designed to assist you, not replace your judgment.

Payment information

If you purchase a paid plan or one-time service, payments are processed by Lemon Squeezy, LLC ("Lemon Squeezy"), which acts as the Merchant of Record for all our orders. Lemon Squeezy handles payment processing, billing, tax compliance, invoicing, subscription management, and refund requests.

We do not store full credit card numbers on our servers. Lemon Squeezy collects and processes payment details, billing information, transaction history, and related fraud-prevention information in accordance with its own privacy policy.

Usage information

We may collect information about how you use Shortlisted, such as:

• Pages viewed
• Features used
• Buttons or links clicked
• Date and time of activity
• Device type
• Browser type
• Referring page or source
• Error logs
• Approximate location based on IP address

This information helps us improve the service, fix bugs, understand product performance, and protect against misuse.

Communications

If you contact us, respond to a survey, join a waitlist, request support, or provide feedback, we may collect:

• Your name
• Email address
• Message content
• Support history
• Feedback or testimonials you choose to provide

3. How we use your information

We use your information to provide, maintain, secure, and improve Shortlisted.

Specifically, we may use your information to:

• Create and manage your account
• Authenticate your login
• Provide resume and cover letter tailoring features
• Generate AI-assisted drafts and recommendations
• Save your drafts, history, or preferences
• Process payments and manage subscriptions
• Provide customer support
• Send service-related emails
• Improve product quality and user experience
• Debug errors and monitor performance
• Prevent fraud, abuse, or unauthorized access
• Comply with legal obligations
• Enforce our Terms of Service

4. Legal basis for processing

We process your personal information on the following legal bases, depending on the activity:

• Performance of a contract — to create your account, deliver the resume and cover letter tailoring service you request, process your purchases, and provide customer support.
• Legitimate interests — to secure the service, prevent fraud and abuse, debug and improve product quality, measure performance, and communicate service-related updates, balanced against your rights and interests.
• Consent — where required by law, for example for non-essential cookies or certain marketing communications. You may withdraw consent at any time.
• Legal obligation — to comply with applicable laws, tax, accounting, and record-keeping requirements, and to respond to lawful requests from authorities.

5. How we use AI providers

Shortlisted generates tailored resume drafts, cover letters, skill-gap insights, and support replies using large-language-model APIs. Requests are routed through the Lovable AI Gateway (operated by Lovable) to the underlying model providers below. All traffic is encrypted in transit (TLS).

Google (Gemini API) — used for the majority of generation tasks (tailoring, keyword analysis, skill-gap insights, support chat). Per Google's Gemini API skill-gap insights, support chat). Per Google's Gemini API terms for paid tier usage, your inputs and outputs are not used to train Google's models and are retained for up to 30 days solely for abuse monitoring before deletion. See Gemini API Additional Terms.

OpenAI (GPT API) — used as a secondary model in some tailoring paths. Under OpenAI's API data-usage policy, inputs and outputs submitted via the API are not used to train OpenAI's models and are retained for up to 30 days for abuse and misuse monitoring before deletion (zero-retention is available only to approved enterprise customers and does not currently apply to us). See OpenAI API data usage policies.

We may add, remove, or change AI providers as the service evolves and will update this section accordingly. We do not share your data with these providers for any purpose other than fulfilling the specific request you initiated (e.g. tailoring a resume to a job description you provided).

We aim to use AI providers and settings that are appropriate for handling user-submitted career materials. However, you should avoid submitting sensitive personal information that is not necessary for resume or cover letter tailoring. We do not intentionally ask you to provide sensitive information such as Social Security numbers, government identification numbers, financial account numbers, medical records, or passwords in your resume or job materials.

6. How we share information

We do not sell your personal information.

We may share information in the following limited circumstances:

Service providers and subprocessors

We may share information with vendors and service providers who help us operate Shortlisted, such as:

• Hosting and infrastructure providers
• Database providers
• Authentication providers
• AI model providers
• Analytics providers
• Email and customer support tools
• Security and error-monitoring tools
• Professional advisers (legal, accounting, tax)

These providers are permitted to use information only as needed to provide services to us, subject to their own contractual and legal obligations.

Merchant of Record (Lemon Squeezy)

We use Lemon Squeezy, LLC ("Lemon Squeezy") as our Merchant of Record. Lemon Squeezy handles the sale of our products, subscription management, payments, tax compliance, invoicing, and refund requests. When you make a purchase, your payment and billing information is collected and processed by Lemon Squeezy under its own privacy policy. We may receive limited information from Lemon Squeezy such as your billing email, country, payment status, plan type, order ID, and subscription status.

Legal and safety reasons

We may disclose information if we believe it is necessary to:

• Comply with applicable law, regulation, legal process, or government request
• Protect the rights, property, or safety of Shortlisted, users, or others
• Detect, prevent, or address fraud, security, or technical issues
• Enforce our Terms of Service

Business transfers

If Shortlisted is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, user information may be transferred as part of that transaction. If that happens, we will take reasonable steps to protect your information and notify users where required by law.

7. Data retention

We keep personal information for as long as reasonably necessary to provide the service, comply with legal obligations, resolve disputes, enforce agreements, and maintain business records.

Resume content, job descriptions, and AI-generated drafts may be retained while your account is active so you can access your work and history.

Saved resumes and tailored drafts are retained while your account is active. When you delete a document, it is removed from your dashboard immediately and purged from backups within 30 days. When you delete your account, all stored content is purged within 30 days, except where retention is required by law.

You can self-serve both data export and account deletion from Profile & Billing → Download my data and Profile & Billing → Delete my account. The export is a JSON file containing your profile, baseline resume, tailored applications, and saved suggestions. Account deletion requires typing DELETE to confirm, signs you out immediately, and finalizes the hard-delete of your data within 30 days.

You may also request deletion of your account or certain personal information by contacting us at:

Email: support@get-shortlisted.com

We may retain limited information where necessary for legal, security, fraud-prevention, backup, tax, accounting, or legitimate business purposes. Any retained references are anonymized so they no longer identify you.

8. Your choices and rights

Depending on where you live, you may have rights over your personal information, including the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Delete certain personal information
• Request a copy of your information
• Object to or restrict certain processing
• Opt out of certain marketing communications
• Withdraw consent where processing is based on consent

To make a request, contact us at:

Email: support@get-shortlisted.com

We may need to verify your identity before completing certain requests.

9. California privacy rights

If you are a California resident, you may have rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act.

These rights may include:

• The right to know what personal information we collect, use, disclose, or share
• The right to request deletion of personal information
• The right to correct inaccurate personal information
• The right to opt out of the sale or sharing of personal information
• The right to limit use of sensitive personal information, where applicable
• The right not to be discriminated against for exercising your privacy rights

We do not sell personal information.

If we use analytics or advertising technologies that may be considered “sharing” under California law, we will provide appropriate notice and opt-out mechanisms where required.

To exercise your rights, contact us at:

Email: support@get-shortlisted.com

10. Cookies and similar technologies

Shortlisted uses cookies and browser local storage to keep you signed in, remember your preferences, and (with your permission) understand how the site is used.

When you first visit Shortlisted from the UK, EU, or any other region where consent is required, we show a cookie banner with three options: Accept all, Reject all (non-essential), and Cookie settings for granular control over Necessary, Analytics, and Marketing categories. Non-essential cookies are not set until you accept them. Your choice is stored locally for 12 months and can be changed at any time from the Cookie preferences link in the footer.

Cookies and storage we set

You can also control cookies through your browser settings. Disabling necessary cookies may prevent sign-in and other core features from working.

11. Email communications

We may send you service-related emails, such as account confirmations, password resets, payment notices, security alerts, and important product updates.

If you opt in to marketing emails, we may also send product announcements, tips, or promotional content. You can unsubscribe from marketing emails at any time by using the unsubscribe link or contacting us.

You may still receive transactional or service-related emails even if you opt out of marketing.

12. Data security

We use reasonable administrative, technical, and organizational measures to protect personal information.

However, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials and for reviewing any AI-generated content before using it in an application.

13. International users

Shortlisted may be operated from the United States or use service providers located in the United States and other countries.

If you access Shortlisted from outside the United States, your information may be transferred to, stored in, or processed in countries that may have different data protection laws than your country of residence.

14. Children’s privacy

Shortlisted is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

If we learn that we have collected personal information from a child under 13, we will take reasonable steps to delete it.

15. Third-party links

Shortlisted may contain links to third-party websites, job boards, payment processors, authentication providers, or other services.

We are not responsible for the privacy practices, content, or security of third-party services. You should review their privacy policies before providing information to them.

16. Accuracy of AI-generated content

Shortlisted uses AI to assist with resume and cover letter tailoring. AI-generated content may be incomplete, inaccurate, inappropriate, or unsuitable for a specific application.

You are responsible for reviewing, editing, and verifying all outputs before using them.

Shortlisted does not guarantee interviews, offers, employment outcomes, salary increases, or applicant tracking system performance.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

If we make material changes, we will take reasonable steps to notify users, such as updating the “Last updated” date, posting a notice in the service, or sending an email where appropriate.

Your continued use of Shortlisted after an updated Privacy Policy becomes effective means you accept the updated policy.

18. Contact us

If you have questions, requests, or concerns about this Privacy Policy, contact us at:

Nancy Chau
Trading as Shortlisted
Email: support@get-shortlisted.com

See also our Terms of Service and Refund Policy.