Privacy Policy

1. Overview

bothsidez ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the bothsidez platform at bothsidez.com.

By using the Service, you agree to the collection and use of information in accordance with this policy. This policy applies to all users of the Service, including job seekers, company administrators, and hiring managers.

2. Information We Collect

Information you provide directly

• Account information: Name, email address, password, and role (job seeker or employer)
• Profile information: Resume, work history, skills, education, job preferences, and professional headline
• Contact information: Phone number (collected for verification and optional SMS notifications)
• Company information: Company name, description, size, industry, and job listings
• Communications: Messages, support requests, and feedback you send us

Information collected automatically

• Usage data: Pages visited, features used, job views, swipe interactions, and time spent on the platform
• Device information: Browser type, operating system, IP address, and device identifiers
• Log data: Server logs including access times, error logs, and API requests

Information from third parties

• Authentication providers: If you sign in with Google, we receive your name, email, and profile photo from Google
• Payment processors: Stripe provides us with transaction confirmations and billing status; we do not store your full card details

3. How We Use Your Information

We use the information we collect to:

• Create and manage your account
• Provide AI-powered job matching and candidate scoring
• Facilitate the hiring workflow between job seekers and companies
• Send transactional emails and SMS notifications related to your account activity
• Verify your phone number for account security
• Process payments and manage billing
• Improve the accuracy and fairness of our matching algorithms
• Detect fraud, abuse, and violations of our Terms of Service
• Respond to your support requests and communications
• Comply with legal obligations

We do not sell your personal information to third parties for advertising purposes.

4. SMS and Phone Data

Phone number collection

Your phone number is collected when you add it to your account profile. It is used exclusively for:

• Verification OTPs: A one-time 6-digit code sent to confirm your phone number belongs to you. This is required to enable phone-based features on your account.
• Transactional notifications: SMS alerts about interviews, job offers, and application updates — only when you have explicitly opted in via your account settings.

SMS opt-in and opt-out

Transactional SMS notifications require explicit opt-in. You may enable or disable SMS notifications at any time in your account settings under Profile → Notifications.

To opt out of all SMS messages, reply STOP to any message we send. To request help, reply HELP. Standard message and data rates from your carrier may apply.

Phone number storage and security

Phone numbers are stored in encrypted form and are never shared with third parties for marketing or advertising purposes. SMS messages are delivered via AWS Simple Notification Service (SNS). We retain phone verification records for security and fraud prevention purposes.

5. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

With other users on the platform

• Job seeker profiles (resume, skills, headline) are shared with companies whose job listings you match with or apply to, subject to confidentiality settings you control
• Company information is shared with job seekers who match with their listings, subject to their chosen confidentiality level

With service providers

• AWS (Amazon Web Services): Cloud hosting, file storage (S3), email delivery (SES), and SMS delivery (SNS)
• Stripe: Payment processing and subscription billing
• Sentry: Error monitoring and performance tracking
• Anthropic / OpenAI: Resume parsing and AI-assisted profile extraction (processed transiently; not stored by these providers beyond the API call)

For legal reasons

We may disclose your information if required by law, court order, or government authority, or if we believe disclosure is necessary to protect the rights, property, or safety of bothsidez, our users, or the public.

Business transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you before your information is subject to a different privacy policy.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal, tax, or audit purposes.

Application history and placement records may be retained for up to 7 years for business and legal compliance purposes. Email and SMS logs are retained for up to 2 years.

7. Security

We implement industry-standard security measures to protect your information, including:

• Encryption in transit (TLS) and at rest
• Hashed passwords using bcrypt with per-user salts
• Two-factor authentication (TOTP) available for all accounts and required for administrative accounts
• Phone OTPs hashed with SHA-256 before storage
• Role-based access controls limiting data access to authorized personnel
• Audit logging of all sensitive administrative actions

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

8. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate information via your account settings or by contacting us
• Deletion: Request deletion of your account and personal information
• Portability: Request your data in a machine-readable format
• Opt-out of SMS: Reply STOP to any SMS or disable SMS notifications in account settings
• Opt-out of marketing emails: Use the unsubscribe link in any marketing email

To exercise any of these rights, contact us at privacy@bothsidez.com. We will respond within 30 days.

9. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice on the Service prior to the change taking effect. Your continued use of the Service after changes become effective constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

• Email: privacy@bothsidez.com
• Support: support@bothsidez.com
• Website: bothsidez.com