Privacy Policy — Carry | How We Protect Your Data

1. Information We Collect

Account & Identity Information

When you create a Carry account we collect your name, email address, and a hashed password. During onboarding you tell us your current job situation (employed, actively searching, or transitioning careers), which helps us tailor the product experience.

Career Profile & History

To power our AI tools, you may provide detailed career information including:

Current and past job titles, employers, dates of employment, and key responsibilities
Target role, target industry, and reasons for your career transition
Skills — both existing and gaps identified through the Skills Gap Analyzer
Career path analysis results and advisor recommendations
Salary expectations and market data queries (role, location, experience level)
Educational background and certifications

This information is stored in your account profile and used to pre-fill and personalise all AI tools. You can review and update it at any time in your account settings.

Resume & Generated Documents

When you use the Resume Builder, Cover Letter Generator, or LinkedIn Optimizer, the inputs you provide and the outputs we generate are stored in your account. This includes:

Uploaded resume text and manually entered work history or accomplishments
AI-generated resume drafts and their revision history
Generated cover letters and the job postings they were tailored to
LinkedIn profile optimisation suggestions and before/after comparisons
Interview preparation questions and your practice responses

Job Search Activity

If you use Carry’s Carry Pilot feature (Launch or Pro plan), we collect data about the automated job search activity conducted on your behalf:

Job postings matched and applied to, including company name, role title, and application date
Application status and outcome tracking (submitted, interviewing, offer, rejected)
Match scores and the criteria used to accept or skip each posting
Your Carry Pilot configuration: target role, match threshold, preferred job boards, salary minimum
Interview scheduling information you enter into the tracker

This data is visible in your Carry Pilot. It is not shared with employers or job boards beyond what is required to submit your application.

Usage & Analytics Data

We collect information about how you use Carry to understand what is working and improve the product. This includes which tools you use, completion rates, upgrade flow interactions, and general navigation patterns. We use PostHog for analytics collection. Events are tied to your account identifier but no career content is included in analytics payloads.

We also collect technical data automatically: IP address, browser type, device type, operating system, and session timestamps.

Payment Information

We collect billing information necessary to process your subscription. See Section 5 for how card, ACH, and crypto payments are each handled.

Support Communications

If you contact us via the support form, email, or in-app chat, we retain records of that correspondence to resolve your issue and improve support quality.

GDPR Consent Record

When you create an account, we record your consent to this Privacy Policy and our Terms of Service, including the date and version number at the time of consent. This record is retained for the duration of your account and for 3 years after closure.

2. How We Use Your Information

We use the information we collect for the following purposes:

Delivering the service: Running AI tools, generating documents, executing Carry Pilot job applications, and maintaining your Carry Pilot
Cross-tool personalisation: Pre-filling information across tools so career path insights flow into your resume, cover letters, and interview prep without re-entry
Subscription management: Processing payments, managing plan changes, sending billing receipts, and handling renewals
Product communications: Trial expiration reminders, billing notices, feature announcements, and re-engagement emails (you can opt out of marketing emails at any time)
Product improvement: Understanding feature usage, identifying friction, and improving AI output quality
Security & fraud prevention: Detecting abuse, protecting accounts, and monitoring for API misuse
Legal compliance: Meeting obligations under applicable law

We do not use your career data or resume content to train AI models. Your content is processed to deliver results to you only. We do not build advertising profiles. We do not sell data.

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area or United Kingdom, we process your personal data under the following legal bases as required by GDPR Article 13(1)(c):

GDPR legal basis for data processing by purpose
Processing Purpose	Legal Basis
Creating and managing your account	Performance of a contract — Art. 6(1)(b)
Delivering AI tools and generating documents	Performance of a contract — Art. 6(1)(b)
Running Carry Pilot job applications on your behalf	Performance of a contract — Art. 6(1)(b)
Processing subscription payments	Performance of a contract — Art. 6(1)(b)
Sending transactional emails (billing, trial notices)	Performance of a contract — Art. 6(1)(b)
Product analytics and usage improvement	Legitimate interests — Art. 6(1)(f): understanding how the product is used to improve it
Security, fraud prevention, abuse monitoring	Legitimate interests — Art. 6(1)(f): protecting our service and users
Marketing and re-engagement emails	Consent — Art. 6(1)(a): you can withdraw at any time
Retaining billing records	Legal obligation — Art. 6(1)(c): financial regulation

Where we rely on legitimate interests, we have assessed that our interests are not overridden by your rights. You have the right to object to processing based on legitimate interests — see Section 9.

4. AI Processing

Carry’s AI tools are powered by the Anthropic API (Claude models). When you run an AI tool — Career Path Advisor, Skills Gap Analyzer, Resume Builder, Cover Letter Generator, Interview Prep, LinkedIn Optimizer, or Pro Assistant — the relevant portions of your profile and career content are transmitted to Anthropic’s servers to generate a response.

      What is sent to Anthropic: The specific career information required for the tool you are using (e.g., work history and target role for Resume Builder; the job description and your experience for Cover Letter Generator). Your payment information, account credentials, and subscription data are never included in AI prompts.
    

All AI requests route through a secure backend proxy hosted by Carry. No Anthropic API credentials are exposed in the browser. Requests are rate-limited to prevent misuse.

Anthropic’s API terms prohibit using API inputs and outputs from paying customers to train models. Your content is not used to train AI. Anthropic’s own privacy practices are governed by their policy at anthropic.com/privacy.

We do not retain logs of raw AI prompts or responses beyond your active session. Generated outputs (resume drafts, cover letters) are stored in your account as described in Section 1.

5. Payment Processing

Card Payments (Stripe)

Credit and debit card payments are processed by Stripe, Inc. Your card number, CVV, and billing address are entered directly into Stripe’s secure fields and never touch Carry’s servers. We receive only a payment token, the last four digits of your card, and billing postal code for display and fraud-screening purposes.

ACH Bank Transfers (Plaid)

ACH payment setup is handled by Plaid, Inc. Your banking credentials are entered in Plaid’s authenticated interface and are not accessible to Carry. We receive only the account token necessary to initiate recurring debits.

Cryptocurrency

For manual crypto payments (BTC, ETH, SOL, XRP, XMR, LTC, AVAX), Carry provides a wallet address and you initiate the transfer independently from your own wallet. For USDC auto-pay, you authorise an ERC-20 approve() transaction that permits Carry to pull the subscription amount on each billing date. No private keys or seed phrases are ever requested or stored by Carry.

Billing Records

We retain records of transactions (amount, date, plan, last four digits of card) for 7 years to comply with financial and tax regulations. These records are stored separately from your career data and are not deleted when you close your account.

6. Information We Share

We do not sell your personal information. We do not share your data with third parties for their marketing purposes. We share information only with the following service providers, each bound by confidentiality obligations and permitted to use your data only to provide services to Carry:

Third-party service providers and their data processing purposes
Provider	Purpose	Data Shared
Anthropic	AI tool processing	Career profile content relevant to each tool request
Stripe	Card payment processing	Card details (entered directly into Stripe, never touch Carry servers)
Plaid	ACH bank transfer setup	Banking credentials (entered directly into Plaid)
PostHog	Product analytics	Anonymised usage events, account identifier, plan type
Vercel	Hosting and serverless infrastructure	All data transiting the application (encrypted in transit via TLS)
HubSpot	Email communications and CRM	Name, email address, plan type, lifecycle stage

We also disclose data in the following circumstances:

Legal requirements: When required by law, court order, or regulatory request, or to protect the rights and safety of Carry and its users
Business transfers: If Carry is acquired or merges with another entity, your data may be transferred as part of that transaction. We will notify you at least 30 days in advance and you will have the option to delete your account before the transfer takes effect
With your consent: In any other circumstance, only with your explicit permission

7. International Data Transfers

Carry is operated primarily from the United States, and all of our service providers (Anthropic, Stripe, Plaid, PostHog, Vercel, HubSpot) are U.S.-based companies. If you are located in the European Economic Area, United Kingdom, or Switzerland, your personal data will be transferred to and processed in the United States.

We rely on the following mechanisms to ensure your data receives appropriate protection:

Standard Contractual Clauses (SCCs): For transfers to our U.S. service providers, we rely on the European Commission’s approved Standard Contractual Clauses where required
Adequacy decisions: Where the European Commission has issued an adequacy decision for a country or transfer framework, we rely on that decision
Provider-specific frameworks: Where applicable, providers who participate in the EU–U.S. Data Privacy Framework

You may request a copy of the transfer safeguards we apply by contacting us at privacy@carryapp.io.

8. Data Retention

We retain different categories of data for different periods based on the purpose for which they were collected:

Data retention periods by category
Data Category	Retention Period
Account identity (name, email)	Active account + 90 days, then permanently deleted
Career profile and work history	Active account + 90 days, then permanently deleted
Generated documents (resumes, cover letters)	Active account + 90 days, then permanently deleted
Job search activity and Carry Pilot logs	Active account + 90 days, then permanently deleted
AI prompt and response logs	Not retained — processed in real time, not stored by Carry
Billing records and invoices	7 years (financial and tax regulation)
Support correspondence	3 years from last interaction
GDPR consent records	Active account + 3 years, then permanently deleted
Anonymised analytics data	Indefinite (cannot be re-linked to any individual)

The 90-day grace period after account closure lets you reactivate and recover your data. After that window, deletion is permanent and irreversible. You may request immediate deletion at any time — see Section 9.

9. Your Rights & Choices

Depending on your location, you have the following rights regarding your personal data:

Access (Art. 15 GDPR): Request a copy of all personal data we hold about you, including the categories collected, processing purposes, and recipients
Rectification (Art. 16): Correct inaccurate or incomplete information via your account settings or by contacting us
Erasure (Art. 17): Request permanent deletion of your account and all associated data. Billing records subject to legal retention are excluded
Portability (Art. 20): Export your profile, resume content, generated documents, and application history in a machine-readable format (JSON or PDF)
Restriction (Art. 18): Request that we limit processing of your data while a dispute is being resolved
Objection (Art. 21): Object to processing based on legitimate interests (analytics, product improvement). We will stop unless we can demonstrate compelling legitimate grounds that override your interests
Withdraw consent: Where we process on the basis of consent (marketing emails), you may withdraw at any time via the unsubscribe link in any email or in account settings. Withdrawal does not affect the lawfulness of processing before withdrawal

To exercise any of these rights, visit your account settings or contact us at privacy@carryapp.io. We will respond within 30 days (one calendar month as required by GDPR Art. 12).

EEA & UK users — right to lodge a complaint: If you believe we have not adequately addressed a privacy concern, you have the right to complain to your local supervisory authority. In the UK: the Information Commissioner’s Office (ICO) at ico.org.uk. In Ireland: the Data Protection Commission (DPC) at dataprotection.ie. In Germany: your relevant Landesbehörde. We would appreciate the opportunity to address any concern directly before you escalate.

10. Automated Processing

Carry’s Carry Pilot feature (Launch and Pro plans) uses automated processing to apply to jobs on your behalf. When Carry Pilot is running, our system:

Discovers job postings matching your target role and criteria across connected job boards
Scores each posting against your profile using a match algorithm (you set the threshold, 75–99%)
Submits applications on your behalf to postings that meet your threshold, using your profile data

This constitutes automated decision-making under GDPR Article 22. However, these decisions do not produce legal or similarly significant effects on you — they are job applications made on your behalf at your direction and under your explicit configuration. You can pause or stop Carry Pilot at any time, review all submitted applications in the tracker, and withdraw from any application by contacting the employer directly.

Carry does not make solely automated decisions about you — your creditworthiness, employment eligibility, or other significant matters — without human oversight.

11. Cookies & Tracking

Carry uses minimal browser storage and one analytics tool. Specifically:

Strictly necessary localStorage (cannot be disabled):
- carry_session_v1 — your login session (name, email, plan)
- carry_sub_v1 — subscription state (plan, billing dates, payment method)
- carry_referral_v1 — your referral code, if you use the referral programme
PostHog analytics: We use PostHog to collect product usage data. PostHog may set cookies or use local storage to track sessions and identify returning users. Events captured include tool usage, upgrade flow interactions, and account lifecycle milestones. No career content is included in analytics events — only account identifiers and plan types. You may opt out of analytics by contacting privacy@carryapp.io.

We do not use advertising cookies, third-party tracking pixels, or behavioural targeting. We do not participate in ad networks.

12. Security

Security measures in place include:

TLS encryption for all data in transit between your browser and our servers
Server-side API credential management — AI provider keys are stored as server environment variables and never exposed to the browser
Hashed passwords — we do not store plaintext passwords at any stage
Rate limiting on all AI API endpoints to prevent abuse
Access controls limiting which team members can access production data

No method of transmission or storage is 100% secure. In the event of a data breach affecting your personal data, we will notify you and relevant supervisory authorities promptly and within the timeframes required by applicable law (72 hours under GDPR where required).

You are responsible for keeping your account credentials confidential. Do not share your password.

13. Children’s Privacy

Carry is a professional job-search tool intended for users who are at least 18 years old. We do not knowingly collect personal information from children under 16 (or under 13 in jurisdictions where that is the applicable threshold). If we become aware that a minor has provided us with personal information, we will delete it promptly. If you believe a minor has created an account, contact us at privacy@carryapp.io.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and display a notice in the app at least 14 days before the changes take effect. The updated policy will be posted at this URL with a revised “last updated” date.

Continued use of Carry after the effective date of a material change constitutes acceptance of the updated policy. If you do not accept the changes, you may close your account before they take effect.

15. Contact Us & Data Controller

The data controller responsible for your personal data is:

Entity: Carry, Inc.
Email: privacy@carryapp.io
Support form: carryapp.io/contact
Mailing address: [To be updated before launch]

We do not currently have a designated Data Protection Officer (DPO). Privacy inquiries should be sent to the email above. We aim to respond to all privacy requests within 30 days.