OpenView
OpenViewRole decision workflow

Privacy Policy

Last updated: February 17, 2026

1. Scope

This policy applies to the OpenView website, extension, and related API services. By using the service, you confirm that you have read and accepted this policy and the Terms of Service.

2. Data We Collect

We collect only the data required to provide the service, and we aim to minimize processing of sensitive information.

  • Account data: email, user identifiers, sign-in sessions, and security logs.
  • Content data: job descriptions (JDs), resume text, and uploaded file metadata.
  • Product data: analysis outputs, match scores, reports, history, and operation timestamps.
  • Billing data: plan status, credit balance, payment events, and invoice status.
  • Technical data: device/browser details, IP, error logs, and anti-abuse telemetry.

3. JD Collection, Storage, and Analysis

When you submit a JD, the system performs structured extraction, deduplication, scoring, and report generation. For performance and abuse controls, we may store JD text, structured fields, hashes, and processing status.

  • Normalized content hashes may be used to detect duplicates and avoid duplicate quota charges.
  • The platform may use de-identified and aggregated JD data for quality improvements and statistical insights.

4. Resume Upload and Analysis

After resume upload, the system parses text for match analysis, keyword coverage, gap detection, rewrite suggestions, and tailored outputs. This is automated text analysis and does not constitute hiring decisions.

  • Do not include unnecessary sensitive personal information in resumes (for example, full ID or card numbers).
  • You may update, replace, or request deletion of resume content via account features.

5. Purposes and Legal Bases

We process data under the following legal bases: contract performance (service delivery), legitimate interests (security and anti-abuse), legal obligations, and consent where required.

6. Regional Compliance and Data Subject Rights

Where applicable, we align with the Hong Kong Personal Data (Privacy) Ordinance (PDPO) and other data protection laws (such as GDPR/UK GDPR and CCPA/CPRA).

  • You may request access, correction, deletion, restriction, or portability where legally available.
  • You may object to certain processing or withdraw consent (without affecting prior lawful processing).

7. Sharing and Processors

We do not sell your personal data. We share data only when necessary with service providers (for example, Supabase, Stripe, cloud, and logging infrastructure) for authentication, payments, storage, operations, and security.

8. Security Measures

We apply transport encryption, access controls, audit logging, rate limits, and abuse detection to reduce risks. However, no internet transmission or storage can be guaranteed as absolutely secure.

9. Retention and Deletion

We retain data based on operational, anti-abuse, and legal requirements. Data is deleted, de-identified, or anonymized when no longer required.

10. Cookies and Local Storage

We use essential cookies and local storage to maintain sign-in state, language preference, and core session functionality.

11. International Data Transfers

Because infrastructure may operate across jurisdictions, your data may be transferred internationally. We apply contractual and technical safeguards as required by applicable law.

12. Minors

This service is intended for users with legal capacity. If you believe a minor has submitted personal data without authorization, contact us for review and deletion handling.

13. Policy Updates

We may update this policy due to product, regulatory, or security requirements. Material changes will be announced through in-product notices or updated effective dates.

14. Contact

To exercise data rights or ask privacy-related questions, contact support@openview.works.