Privacy Policy
1. Introduction
Karmik is a job application, resume, cover letter, ATS scoring, and job search automation platform. Our services help users create resumes, generate tailored cover letters, analyse job descriptions, score resumes against applicant tracking systems, and, where enabled, automate parts of the job search and application process.
This Privacy Policy explains how Karmik collects, uses, stores, discloses, protects, and deletes personal information when you use our website, web app, ATS tools, desktop app, payment pages, support channels, and related services.
In this Privacy Policy, “Karmik”, “we”, “us”, or “our” means the operator of Karmik. “You” or “user” means any person who accesses or uses our services.
This policy is written for Australian users, but it may also apply to users outside Australia where they access our services.
2. Important summary
Karmik may collect information such as your name, email address, account details, resume/CV content, job history, education history, skills, job preferences, generated resumes, generated cover letters, ATS scores, job application data, usage logs, support messages, billing status, and technical data.
We use this information to provide the service, generate documents, analyse job descriptions, improve user experience, process subscriptions, provide support, prevent abuse, secure the platform, and comply with legal obligations.
We use third-party service providers such as Supabase, Stripe, Vercel, OpenAI or other AI model providers, email providers, analytics providers, and bot protection/security tools. These providers may process limited personal information on our behalf.
We do not intentionally sell your resume, job application data, or personal information to recruiters, advertisers, or data brokers.
We do not intentionally collect highly sensitive documents such as passports, driver licences, tax file numbers, medical records, bank statements, or government identity documents unless you voluntarily upload or include that information inside your resume, cover letter, profile, or messages.
You are responsible for checking the personal information you upload and for removing information you do not want processed by Karmik.
3. What personal information we collect
The information we collect depends on how you use Karmik.
3.1 Account information
When you create an account or sign in, we may collect:
- Full name
- Email address
- Password authentication data, handled through our authentication provider
- Login method, such as email/password or third-party login if enabled
- User ID
- Account creation date
- Subscription status
- Plan type, such as Free, Plus, Pro, or other plans
- Usage limits, credits, quotas, and generation history
- User preferences and onboarding information
We do not intentionally store your plain-text password.
3.2 Resume, CV, and career information
When you use our resume, cover letter, ATS, or automation tools, we may collect and process information you provide, including:
- Resume or CV files
- Resume text
- Cover letter text
- Job titles
- Work experience
- Education history
- Skills
- Certifications
- Projects
- Portfolio links
- LinkedIn or GitHub links, if you provide them
- Location or preferred work location
- Visa/work rights information, if you provide it
- Salary expectations, if you provide them
- Job preferences
- Career goals
- Availability
- Generated resumes
- Generated cover letters
- ATS scores and feedback
- Tailoring instructions
- Job application answers
- Job descriptions you upload or paste into the platform
Your resume may contain sensitive information if you choose to include it. For example, your resume or cover letter may reveal information about your nationality, visa status, health, memberships, or other personal circumstances. You should only upload information you are comfortable having processed by Karmik and its service providers.
3.3 Job application and automation information
If you use Karmik Desktop or any job automation feature, we may collect or process:
- Search keywords
- Job titles
- Job links
- Job descriptions
- Company names
- Job board data
- Application status
- Generated application documents
- Answers to screening questions
- Saved jobs
- Applied jobs
- Automation logs
- Error logs
- Browser automation status
- User approval or review actions
- Timestamps of automation actions
Where automation features are used, Karmik may assist with preparing or filling applications. You remain responsible for reviewing every application, document, answer, statement, and submission before it is sent.
3.4 Payment and subscription information
When you purchase a paid plan, payment processing is handled by Stripe or another payment provider. We may collect or receive:
- Customer ID
- Subscription ID
- Plan purchased
- Subscription status
- Payment status
- Billing email
- Invoice status
- Payment failure or cancellation status
- Current billing period
- Checkout session details
- Limited card metadata, such as card brand and last four digits, if provided by the payment processor
We do not intentionally store your full card number, CVV, or full payment credentials on our own servers. These are handled by the payment provider.
3.5 Support and communication information
When you contact us, we may collect:
- Name
- Email address
- Message content
- Screenshots or attachments you send
- Support history
- Feedback
- Bug reports
- Feature requests
- Social media or direct message communications, if you contact us that way
3.6 Technical, usage, and device information
When you use Karmik, we may automatically collect:
- IP address
- Browser type
- Device type
- Operating system
- Referring page
- Pages visited
- Session data
- Error logs
- App performance data
- Security logs
- Login timestamps
- Approximate location derived from IP address
- Cookie or local storage identifiers
- Usage analytics
- Feature usage data
- Generation counts
- Download events
- Subscription and checkout events
This helps us secure the service, debug issues, prevent abuse, improve performance, and understand how users interact with Karmik.
3.7 Cookies and similar technologies
We may use cookies, local storage, session storage, analytics scripts, and similar technologies to:
- Keep you signed in
- Remember preferences
- Measure website performance
- Understand product usage
- Detect suspicious activity
- Support checkout and subscription flows
- Improve the service
You can control cookies through your browser settings, but blocking certain cookies may affect the functionality of Karmik.
4. Information we do not intentionally collect
Unless you voluntarily provide it, we do not intentionally collect:
- Passport numbers
- Driver licence numbers
- Tax file numbers
- Medicare numbers
- Bank account details
- Medical records
- Criminal history documents
- Biometric data
- Children’s information
- Full payment card details
You should not upload these documents or details unless absolutely necessary for your own job application and you understand that they may be processed by Karmik and its service providers.
5. How we collect personal information
We collect personal information when:
- You create an account
- You complete onboarding
- You upload a resume or CV
- You paste or upload a job description
- You generate a resume, cover letter, ATS score, or application answer
- You use Karmik Desktop
- You save jobs or applications
- You purchase a subscription
- You contact support
- You interact with our website or app
- You connect third-party tools, if supported
- Our systems generate logs, analytics, or security events
We may also receive information from third-party providers such as payment processors, authentication providers, hosting providers, analytics providers, and security tools.
6. Why we collect and use personal information
We collect and use personal information to:
- Provide the Karmik service
- Create and manage user accounts
- Authenticate users
- Generate resumes, cover letters, application answers, and ATS feedback
- Analyse job descriptions
- Match user information to job requirements
- Save user documents and preferences
- Provide job search and automation features
- Track usage limits and subscription entitlements
- Process payments and subscriptions
- Provide customer support
- Improve the product
- Fix bugs and technical issues
- Prevent fraud, spam, scraping, abuse, and unauthorised access
- Protect our systems and users
- Comply with legal obligations
- Enforce our Terms of Use
- Communicate important product, billing, security, or legal updates
7. AI processing
Karmik uses artificial intelligence and language model technology to provide features such as:
- Cover letter generation
- Resume generation
- Resume tailoring
- ATS scoring
- Job description analysis
- Application question assistance
- Career document improvement
- Automation support
- Text rewriting and formatting
To provide these features, we may send relevant user-provided information to AI service providers. This may include resume text, job descriptions, cover letter instructions, generated content, application answers, and related context.
We try to send only the information reasonably required to provide the requested feature. However, because resumes and job documents often contain personal information, you should assume that information you provide for AI generation may be processed by our AI providers.
AI outputs may be inaccurate, incomplete, repetitive, or unsuitable. You are responsible for reviewing, editing, and approving any AI-generated content before using it.
We do not represent that AI-generated resumes, cover letters, ATS scores, or application answers are guaranteed to secure interviews, employment, visa outcomes, recruiter responses, or job offers.
8. Automated decision-making
Karmik may use automated systems to:
- Generate cover letters
- Score resumes against job descriptions
- Suggest improvements
- Analyse job descriptions
- Recommend content
- Detect abuse or suspicious usage
- Enforce usage limits
- Assist automation workflows
These systems may influence the content and recommendations shown to you. However, Karmik does not make final hiring decisions, employment decisions, visa decisions, credit decisions, or legal decisions about you.
Employers, recruiters, job platforms, and other third parties make their own decisions independently.
9. Third-party service providers
We use third-party providers to operate Karmik. These may include:
9.1 Hosting and infrastructure
We may use providers such as Vercel, Supabase, cloud hosting providers, storage providers, and database providers to host the website, app, backend, files, and database.
9.2 Authentication and database
We may use Supabase or similar providers for:
- User authentication
- Database storage
- File storage
- Security rules
- Serverless functions
- User session management
9.3 Payments
We use Stripe or similar payment processors to handle checkout, subscriptions, invoices, payment status, and billing events.
9.4 AI providers
We may use OpenAI or other AI providers to generate or analyse content.
9.5 Email and support
We may use email providers and support tools to send transactional emails, respond to enquiries, and manage support requests.
9.6 Security and bot protection
We may use Cloudflare Turnstile, reCAPTCHA, rate-limiting, monitoring, or other security tools to detect bots, abuse, fraud, spam, and suspicious activity.
9.7 Analytics and product improvement
We may use privacy-conscious analytics or product analytics tools to understand website traffic, feature usage, performance, and errors.
These third parties may process personal information only as reasonably necessary to provide their services to us, comply with legal obligations, protect their systems, or as otherwise described in their own terms and privacy policies.
10. Overseas disclosure
Some of our service providers may store or process information outside Australia, including in countries such as the United States, Singapore, the European Union, or other regions depending on the provider’s infrastructure.
By using Karmik, you understand that your personal information may be processed or stored outside Australia where our providers operate.
We take reasonable steps to use reputable providers and protect user information, but privacy and data protection laws in other countries may differ from Australian laws.
11. Data storage and security
We take reasonable technical and organisational steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure.
These steps may include:
- Authentication controls
- Row-level security where supported
- Access controls
- Encrypted connections
- Secure cloud infrastructure
- Environment variable protection
- Limited access to production systems
- Logging and monitoring
- Bot protection
- Rate limiting
- Secure payment processing through third-party providers
- Separation of payment data from application data
- Regular review of security settings where practical
However, no online service is completely secure. We cannot guarantee that personal information will always be completely secure.
You are responsible for keeping your login credentials safe and for notifying us if you suspect unauthorised access to your account.
12. Data retention
We keep personal information for as long as reasonably necessary to provide the service, comply with legal obligations, resolve disputes, enforce agreements, prevent abuse, and maintain business records.
Indicative retention periods may include:
| Information type | Typical retention approach |
|---|---|
| Account information | Kept while your account is active and for a reasonable period after deletion |
| Resume and cover letter data | Kept while your account is active unless deleted or replaced |
| Generated documents | Kept while your account is active unless deleted |
| Payment and subscription records | Kept as required for accounting, tax, fraud prevention, and legal compliance |
| Support messages | Kept for support history and dispute resolution |
| Security logs | Kept for a limited period where practical |
| Analytics data | Kept in aggregated or limited form where practical |
| Deleted account data | Deleted or de-identified within a reasonable period unless retention is required |
We may retain de-identified, aggregated, or anonymised information for analytics, product improvement, or business purposes.
13. Account deletion and data deletion
You may request deletion of your account or personal information by contacting help@karmik.ai.
When you request deletion, we will take reasonable steps to delete or de-identify personal information associated with your account, unless we need to retain it for legal, accounting, security, fraud prevention, dispute resolution, or legitimate business purposes.
Deletion may not immediately remove:
- Backups
- Logs
- Payment records
- Records required for tax/accounting
- Information already sent to third-party providers
- Information contained in emails or support tickets
- Data we must retain to prevent abuse or enforce legal rights
14. Access and correction
You may request access to personal information we hold about you.
You may also request correction of personal information that is inaccurate, outdated, incomplete, irrelevant, or misleading.
To make a request, contact help@karmik.ai.
We may need to verify your identity before responding. We will respond within a reasonable period.
15. Marketing communications
We may send you service-related emails, such as:
- Account emails
- Security emails
- Subscription emails
- Payment emails
- Product updates
- Important legal notices
- Support responses
We may also send marketing emails if permitted by law. You can unsubscribe from marketing emails where an unsubscribe option is provided. You may still receive transactional or service-related messages.
16. Children
Karmik is not intended for children under 16. We do not knowingly collect personal information from children under 16.
If you believe a child has provided personal information to Karmik, contact us and we will take reasonable steps to delete it.
17. User responsibility for uploaded content
You are responsible for the information you upload, paste, generate, or submit through Karmik.
You should not upload:
- Another person’s personal information without permission
- False employment history
- Misleading qualifications
- Confidential employer information
- Illegal content
- Highly sensitive identity documents unless necessary
- Content that breaches a job platform’s terms
- Content that you are not authorised to use
You are responsible for reviewing all generated content before using it.
18. Data breach response
If we become aware of a data breach involving personal information, we will assess the issue and take reasonable steps to contain and remediate it.
Where required by law, we will notify affected users and relevant regulators.
19. Links to third-party websites
Karmik may link to third-party websites, job boards, employer websites, payment pages, authentication providers, or external resources.
We are not responsible for the privacy practices, content, security, or terms of third-party websites. You should review their privacy policies before using them.
20. Changes to this Privacy Policy
We may update this Privacy Policy from time to time.
If we make material changes, we may notify users by email, in-app notice, website notice, or another reasonable method.
The updated version will apply from the date stated at the top of the policy.
21. Complaints
If you have a privacy complaint, contact us first at help@karmik.ai.
Please include your name, email address, description of the issue, and any relevant details.
We will review your complaint and respond within a reasonable period.
If you are not satisfied with our response and Australian privacy law applies, you may contact the Office of the Australian Information Commissioner.
22. Contact
For privacy questions, access requests, correction requests, deletion requests, or complaints, contact:
Karmik
Email: help@karmik.ai
Website: Karmik
See also: Terms of Use