Skip to content

Privacy Policy

Last updated: 10 April 2026

1. Who We Are

Talent Risk (“we”, “us”, “our”) operates the website www.talentrisk.com. We are committed to protecting your personal data and respecting your privacy.

Data protection contact: privacy@talentrisk.com

2. What Data We Collect

We collect and process the following personal data:

  • Account data: Name, email address, password (hashed)
  • Career profile: Job title, employer, industry, seniority level, salary, location, skills, years of experience
  • CV data: Uploaded CV files and parsed content
  • Usage data: Job offer checks, monthly update results, career recovery data
  • Payment data: Stripe customer ID, subscription status, payment history (card details are held by Stripe, not by us)
  • Technical data: IP address, browser type, device information via cookies and analytics

3. How We Use Your Data

We use your personal data to:

  • Provide and manage your Talent Risk account
  • Generate personalised Job Offer Checks using AI analysis
  • Produce monthly update intelligence snapshots
  • Process payments and manage subscriptions via Stripe
  • Send transactional emails (welcome, report ready, subscription updates)
  • Improve our services and develop new features

4. Legal Basis for Processing

We process your data under the following lawful bases (UK GDPR):

  • Contract: Processing necessary to provide our services to you
  • Consent: Where you have given explicit consent (e.g. marketing emails)
  • Legitimate interest: Improving our services, preventing fraud

5. AI Processing

We use AI services to generate career analysis and reports. Our primary AI provider is Google (Gemini). We also maintain connections to Anthropic (Claude) and OpenAI as backup providers in case of service disruption. Your career profile data and CV content may be sent to these providers for processing. This data is used solely for generating your personalised reports and is not used to train AI models.

We also use automated profiling to generate advisory outputs such as career health scores and risk indicators. These outputs are designed to support your decisions. They are not used to make decisions that produce legal or similarly significant effects without human involvement.

6. Data Sharing

We share your data with the following third-party processors:

  • Supabase: Database hosting and authentication
  • Stripe: Payment processing
  • Google: AI analysis and report generation (primary provider)
  • Anthropic: AI analysis and report generation (backup provider)
  • OpenAI: AI analysis and report generation (backup provider)
  • Tavily: Web search enrichment for employer and market context
  • Resend: Transactional email delivery
  • Vercel: Website hosting
  • Sentry: Error monitoring
  • PostHog: Privacy-respecting analytics (EU data processing, consent required)

We do not sell your personal data to any third party.

7. International Transfers

Some providers may process personal data outside the UK. Where this happens, we rely on appropriate safeguards such as contractual protections and provider security commitments.

8. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it by law.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data
  • Restrict processing
  • Data portability
  • Object to processing

To exercise any of these rights, contact us at privacy@talentrisk.com.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk.

10. Cookies & Analytics

We use the following types of cookies:

  • Essential cookies: Required for authentication and session management. These cannot be disabled as they are necessary for the site to function.
  • Analytics cookies: We use PostHog for privacy-respecting analytics to understand how our service is used and to improve it. PostHog data is processed in the EU (Frankfurt). Analytics cookies are only set after you give explicit consent via our cookie banner or in your Privacy settings.

We respect the Do-Not-Track (DNT) browser signal. If your browser sends DNT, analytics are automatically disabled without showing a consent banner.

You can change your cookie preference at any time by visiting your Settings → Privacy page while logged in.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or an in-app notice.

12. Contact

For privacy-related queries, contact us at: privacy@talentrisk.com

For a plain-language summary of platform protections, see our Security page.