RRewriteHire
Rewrite my resume β†’

// legal

Privacy Policy

Effective date: April 19, 2026

This Privacy Policy describes how Ladder of Life Pte. Ltd., a private company limited by shares incorporated in Singapore (β€œCompany, ” β€œwe,” β€œus, ” or β€œour”), collects, uses, discloses, retains, and protects personal information when you use the RewriteHire website and related services (the β€œService”).

By using the Service you agree to the practices described here and to our Terms of Service. If you do not agree, please do not use the Service.

1. Information We Collect

We collect the categories of information described below. The specific information we collect depends on how you interact with the Service.

  • Account information. When you sign up, we collect your email address, hashed password (or OAuth identifier if you sign in with Google), and account metadata such as creation date and authentication events.
  • Resume & job-search content. Anything you paste, upload, or type into the Service β€” including your resume text, target job descriptions, job titles, and any AI outputs we generate for you (rewritten resumes, ATS scores, keyword analyses, LinkedIn About sections, cover letters).
  • Payment information. When you make a purchase, payment details (card number, billing address, etc.) are collected and processed directly by our payment processor, Stripe, Inc. We do not see or store your full card number. We retain limited payment metadata such as your Stripe customer ID, the plan purchased, the amount, and the transaction date.
  • Usage & technical data. Standard log information including IP address, browser type, device type, operating system, referring URLs, pages viewed, timestamps, feature usage, and error reports.
  • Cookies & similar technologies. We use a small number of strictly necessary cookies (e.g., for authentication sessions) and may use analytics cookies. See section 7.
  • Communications. If you contact us by email or support form, we keep a record of the correspondence.

Sensitive data. Please do not submit special-category personal data (such as government identifiers, health information, religious beliefs, or financial-account numbers) into the Service. Resume content sometimes incidentally includes information that may be sensitive in your jurisdiction β€” you submit such content at your own discretion and on the understanding that it will be processed by AI systems as described below.

2. How We Use Your Information

We process your personal information to:

  • provide, operate, maintain, and improve the Service;
  • generate AI rewrites, ATS scores, and related outputs in response to your requests;
  • authenticate you, manage your account, and enforce usage limits tied to your plan;
  • process payments, prevent fraud, manage chargebacks, and meet tax and accounting obligations;
  • send transactional communications (receipts, security alerts, service updates) and, where permitted, occasional product announcements;
  • monitor performance, debug, secure the Service, and prevent abuse;
  • comply with applicable law and respond to lawful requests from public authorities;
  • defend or assert legal rights and resolve disputes.

We do not use your resume content to train any AI model β€” ours or a third party’s β€” beyond the immediate processing required to return your output.

3. Legal Bases for Processing

Where the laws of the European Economic Area, the United Kingdom, or other jurisdictions with similar frameworks apply, we rely on the following legal bases:

  • Performance of a contract β€” to deliver the Service you request and to process payments;
  • Legitimate interests β€” to operate, secure, and improve the Service, communicate with you, and prevent fraud, balanced against your rights;
  • Consent β€” for optional analytics or marketing where required by law (you can withdraw consent at any time);
  • Legal obligation β€” to meet tax, accounting, anti-money-laundering, or other regulatory requirements.

4. AI Processing & Sub-Processors

To generate rewrites, the resume text and job description you submit are transmitted in real time to one or more third-party large-language-model (β€œLLM”) providers acting as our sub-processors. These currently include providers such as Google (Gemini) and OpenAI, accessed via the Lovable AI gateway. Your inputs may be retained transiently by those providers solely for abuse-monitoring purposes per their published policies and are not used by them to train their models when processed through the gateway. Provider lists may change; the most current list is available on request.

Other key sub-processors include:

  • Stripe, Inc. β€” payment processing, subscription management, billing portal;
  • Supabase β€” database, authentication, and storage hosting;
  • Cloudflare, Inc. β€” edge compute, content delivery, and DDoS protection;
  • Google LLC β€” OAuth sign-in (if you choose Google sign-in).

5. How We Share Information

We disclose personal information only as follows:

  • Service providers / sub-processors identified in section 4, bound by contractual confidentiality and data-protection obligations;
  • Legal & safety β€” when we reasonably believe disclosure is required to comply with law, legal process, or a lawful government request, to enforce our Terms, to detect or prevent fraud or abuse, or to protect the rights, property, or safety of the Company, users, or others;
  • Business transfers β€” in connection with a merger, acquisition, financing, reorganisation, or sale of assets, in which case we will require the recipient to honour this policy or notify you of any material changes;
  • With your direction β€” when you choose to export or share output you generate.

We do not sell your personal information and we do not share it with third parties for their own marketing purposes.

6. International Transfers

We are based in Singapore and our infrastructure providers operate globally. Personal information may be processed in jurisdictions other than your own, including the United States and the European Union. Where required by law, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms to protect international transfers.

7. Cookies

We use a minimal set of cookies and similar local-storage technologies that are strictly necessary to authenticate you, remember your session, and secure the Service. We may also use limited first-party analytics to understand aggregate usage. You can disable non-essential cookies in your browser; doing so may affect Service functionality.

8. Data Retention

We retain personal information only for as long as is reasonably necessary for the purposes described in this policy or as required by law. Specifically:

  • Account & resume data β€” for the life of your account, plus a reasonable period after deletion to cover backup cycles, dispute resolution, and security audits;
  • Billing records β€” retained as required by tax and accounting law (typically up to seven (7) years);
  • Logs & technical data β€” typically retained for up to ninety (90) days, except where longer retention is needed for security investigations.

You may request deletion of your account at any time using the contact details below.

9. Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorised access, disclosure, alteration, or destruction, including encryption in transit (TLS), encryption at rest where supported, access controls, role-based permissions, and logging. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

10. Your Rights

Depending on where you live, you may have the following rights with respect to your personal information:

  • access the personal information we hold about you;
  • correct or update inaccurate or incomplete information;
  • request deletion of your information (subject to legal exceptions);
  • object to or restrict certain processing;
  • request portability of information you provided to us;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with your local data-protection authority (e.g., the Personal Data Protection Commission in Singapore, or an EU/UK supervisory authority).

To exercise any of these rights, contact us using the details in section 14. We will respond within the timeframes required by applicable law and may need to verify your identity before acting on your request.

11. Children

The Service is intended for adults aged 18 and over. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete it.

12. Third-Party Links

The Service may contain links to third-party websites or services that are not operated by us. This policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review their privacy policies before providing them with information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the β€œEffective date” above and, where appropriate, by additional notice in-app or via email. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

14. Contact

Ladder of Life Pte. Ltd.
Singapore
Email: privacy@rewritehire.com