Skip to content
TalentRisk

Privacy Policy

Last updated: 7 March 2026

1. Who We Are

TalentRisk (“we”, “us”, “our”) operates the website www.talentrisk.com. We are committed to protecting your personal data and respecting your privacy.

2. What Data We Collect

We collect and process the following personal data:

  • Account data: Name, email address, password (hashed)
  • Career profile: Job title, employer, industry, seniority level, salary, location, skills, years of experience
  • CV data: Uploaded CV files and parsed content
  • Usage data: Job offer checks, monthly check-up results, career recovery data
  • Payment data: Stripe customer ID, subscription status, payment history (card details are held by Stripe, not by us)
  • Technical data: IP address, browser type, device information via cookies and analytics

3. How We Use Your Data

We use your personal data to:

  • Provide and manage your TalentRisk account
  • Generate personalised Job Offer Checks using AI analysis
  • Produce monthly check-up intelligence snapshots
  • Deliver Career Recovery including CV analysis, market briefings, and partner introductions
  • Process payments and manage subscriptions via Stripe
  • Send transactional emails (welcome, report ready, subscription updates)
  • Improve our services and develop new features

4. Legal Basis for Processing

We process your data under the following lawful bases (UK GDPR):

  • Contract: Processing necessary to provide our services to you
  • Consent: Where you have given explicit consent (e.g. marketing emails)
  • Legitimate interest: Improving our services, preventing fraud

5. AI Processing

We use AI services (Anthropic Claude) to generate career analysis and reports. Your career profile data and CV content may be sent to AI providers for processing. This data is used solely for generating your personalised reports and is not used to train AI models.

6. Data Sharing

We share your data with the following third-party processors:

  • Supabase — Database hosting and authentication
  • Stripe — Payment processing
  • Anthropic — AI report generation
  • Resend — Transactional email delivery
  • Vercel — Website hosting
  • Sentry — Error monitoring
  • PostHog — Privacy-respecting analytics (EU data processing, consent required)

We do not sell your personal data to any third party.

7. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it by law.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data
  • Restrict processing
  • Data portability
  • Object to processing

To exercise any of these rights, contact us at privacy@talentrisk.com.

9. Cookies & Analytics

We use the following types of cookies:

  • Essential cookies: Required for authentication and session management. These cannot be disabled as they are necessary for the site to function.
  • Analytics cookies: We use PostHog for privacy-respecting analytics to understand how our service is used and to improve it. PostHog data is processed in the EU (Frankfurt). Analytics cookies are only set after you give explicit consent via our cookie banner or in your Privacy settings.

We respect the Do-Not-Track (DNT) browser signal. If your browser sends DNT, analytics are automatically disabled without showing a consent banner.

You can change your cookie preference at any time by visiting your Settings → Privacy page while logged in.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or an in-app notice.

11. Contact

For privacy-related queries, contact us at: privacy@talentrisk.com