Privacy Policy

Personal Information

When you create an account, we collect personal information such as your name, email address, date of birth, role, and other identifying information. This information is used to create your account, authenticate you, and provide personalized services.

Professional Information

Through your use of the Platform, you may provide professional information including your major, university, employer details, or investor profile. This information helps us match you with appropriate opportunities and provide relevant services.

Work History

The Platform records your work history, including projects you participate in, roles you hold, tasks you complete, and achievements you earn. This information is used to build your professional portfolio, assess your performance, and verify your experience.

Reputation & Ratings

The Platform collects multi-dimensional reputation ratings from other users, including execution, collaboration, leadership, ethics, and reliability scores. This information is used to provide a comprehensive view of your capabilities and performance.

Communication Data

The Platform may collect communications data such as messages, notifications, and interactions with other users. This information is used to facilitate platform features, provide customer support, and improve user experience.

Service Provision

We use your information to provide, maintain, and improve the Platform's services. This includes creating and managing your account, processing requests, delivering notifications, and facilitating platform features.

Authentication & Security

We use your information for authentication purposes, verifying your identity, and securing your account. This includes using your email and password for login, implementing multi-factor authentication where applicable, and monitoring for suspicious activity.

Personalization & Analytics

We use your information to personalize your experience and analyze platform usage. This includes customizing dashboards, providing relevant recommendations, and aggregating statistics to improve platform functionality.

Communication

We use your information to communicate with you about platform updates, security alerts, and other important information. This includes sending email notifications, displaying in-app messages, and providing customer support.

Legal Compliance

We use your information to comply with applicable laws and regulations, including responding to legal requests, conducting audits, and maintaining required records.

With Other Users

Your professional profile, work history, and reputation ratings may be shared with employers, investors, and other stakeholders based on your privacy settings and the nature of your relationship.

With Universities

Your student information, project participation, and performance metrics may be shared with your affiliated university based on your privacy settings and the university's role in the verification process.

With Service Providers

We may share your information with third-party service providers who help us operate the Platform, such as cloud hosting providers, analytics services, and payment processors.

With Legal Authorities

We may share your information with legal authorities when required by law, such as responding to subpoenas, court orders, or regulatory inquiries.

Encryption

We use encryption to protect your information in transit and at rest. All sensitive data, including passwords, personal information, and professional records, is encrypted using industry-standard encryption algorithms.

Access Controls

We implement access controls to ensure that only authorized personnel can access your information. This includes role-based access, need-to-know basis, and regular access reviews.

Secure Storage

We use secure storage solutions and follow best practices for data management. Your information is stored on secure servers with regular backups and disaster recovery procedures in place.

Monitoring & Auditing

We monitor platform activity and conduct regular security audits to identify and address potential vulnerabilities. This includes monitoring for unauthorized access, suspicious activity, and security incidents.

Vulnerability Management

We have processes in place to identify, assess, and remediate security vulnerabilities in a timely manner. This includes regular security assessments, penetration testing, and bug bounty programs.

Right to Access

You have the right to access, review, and update your personal information at any time. You can also request deletion of your account and associated information.

Right to Rectification

You have the right to request correction of inaccurate or incomplete personal information. We will make reasonable efforts to correct such information promptly.

Right to Erasure

You have the right to request deletion of your personal information, subject to certain legal obligations. We will delete your information unless we have a legitimate business reason to retain it.

Right to Object

You have the right to object to certain types of information processing, including automated decision-making, profiling, and direct marketing. You can configure your preferences and opt out of certain processing activities.

Right to Withdraw Consent

You have the right to withdraw your consent at any time for the collection, use, or sharing of your personal information, where applicable. Withdrawal of consent may result in the inability to use certain platform features.

Right to Complaint

You have the right to file a complaint with a supervisory authority regarding our handling of your personal information. We will respond to your complaint in accordance with applicable laws.

Right to Data Portability

You have the right to receive a copy of your personal information in a commonly used, machine-readable format. You can request that we transfer your data to another service provider.

Active Accounts

For active accounts, we retain your personal information for the duration of your account. Upon account termination, we will delete or anonymize your personal information in accordance with applicable laws.

Inactive Accounts

For inactive accounts, we may delete or anonymize your personal information after a specified period of inactivity, subject to applicable legal requirements.

Project & Task Data

We retain project and task data for as long as necessary to fulfill the purposes for which it was collected, including for record-keeping, compliance, and legal obligations.

Reputation & Ratings Data

We retain reputation and ratings data for as long as necessary to maintain accurate profiles and support platform functionality. Historical ratings may be anonymized after a specified period.

Communications Data

We retain communications data for as long as necessary to provide customer support, maintain records, and comply with legal obligations. This may include message histories, notification logs, and support tickets.

Analytics & Usage Data

We may retain analytics and usage data for business purposes, including improving platform functionality, analyzing trends, and developing new features. This data may be anonymized or aggregated.

Material Changes

We may make material changes to this Privacy Policy and will notify you of any such changes that significantly affect your rights or our use of your personal information. We will provide a summary of the changes and your options.

Periodic Reviews

We will review this Privacy Policy periodically to ensure it remains accurate, up-to-date, and compliant with applicable laws and best practices.

Effective Date

Any changes to this Privacy Policy will become effective on the date specified in the revised policy. Your continued use of the Platform after the effective date constitutes acceptance of the updated policy.

Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at: support@CareerToDo.com. We will make reasonable efforts to address your inquiries in a timely manner.

Cloud Hosting & Storage

We use third-party cloud hosting providers to store your information securely. These providers are contractually obligated to maintain industry-standard security practices and comply with applicable data protection laws.

Analytics Services

We may use third-party analytics services to understand platform usage and improve user experience. These services collect anonymous usage data and are configured to respect your privacy choices.

Email Services

We use third-party email services to send notifications and communications. These services are contractually obligated to protect your email address and comply with applicable data protection laws.

Payment Processors

We may use third-party payment processors for handling transactions. These providers are subject to their own privacy policies and security practices. We recommend reviewing their policies before making payments.

Authentication Services

We may use third-party authentication services for single sign-on and identity verification. These services are subject to their own privacy policies and terms of use.

Support Services

We may use third-party support services to provide customer assistance. These services have access to limited information necessary to provide support and are subject to confidentiality agreements.

Adequacy of Protection

We will ensure that appropriate technical and organizational measures are in place to protect your information during international transfers, including encryption and access controls.

Regulatory Compliance

We will comply with all applicable international data transfer laws and regulations, including but not limited to GDPR, CCPA, and other regional data protection frameworks.

User Rights

We will ensure that your rights under applicable international data transfer laws are protected, including the right to information, access, rectification, erasure, and objection.

Contractual Safeguards

We will require third-party recipients to maintain appropriate contractual safeguards to protect your information in accordance with applicable international data transfer laws and regulations.

Notification

We will notify you when your information is transferred to another country and provide information about the applicable laws and regulations governing such transfers.

Collection from Children

We do not knowingly collect personal information from children under 13. If we accidentally collect such information, we will delete it immediately.

Deletion upon Request

If we become aware that we have collected personal information from a child under 13, we will delete it promptly upon request from the child's parent or legal guardian.

Parental Consent

We do not knowingly collect personal information from children under 13 without verifiable parental consent. If we become aware of such collection without consent, we will delete the information immediately.

Educational Resources

We provide educational resources for parents and guardians regarding children's privacy and security online. These resources include tips for safe online behavior, information about privacy settings, and guidance on monitoring children's platform use.

Reporting to Authorities

If we become aware of violations of children's privacy laws, we will report such violations to appropriate authorities and cooperate with investigations.

General Inquiries

For general inquiries about the Platform, privacy practices, or this Privacy Policy, please contact us at:

Email: support@CareerToDo.com

We will make reasonable efforts to respond to your inquiries within 5-7 business days.

Data Subject Rights

To exercise your rights regarding your personal information, please contact our Data Protection Officer (DPO) at:

Email: dpo@CareerToDo.com

Privacy Complaints

If you wish to file a privacy complaint or have concerns about how your personal information is being handled, please contact our independent supervisory authority or the relevant data protection authority in your jurisdiction.

Legal Inquiries

For legal inquiries regarding this Privacy Policy or our handling of personal information, please contact our legal department at:

Email: legal@CareerToDo.com

Emergency Contact

For urgent security concerns or data breaches involving your personal information, please contact our emergency hotline immediately:

Email: emergency@CareerToDo.com

Applicable Jurisdictions

For users in the United States, this Privacy Policy shall be governed by the laws of the United States, including but not limited to the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation.

European Union

For users in the European Union, this Privacy Policy shall be governed by the General Data Protection Regulation (GDPR) and other applicable EU data protection laws.

United Kingdom

For users in the United Kingdom, this Privacy Policy shall be governed by the UK Data Protection Act 2018 and other applicable UK data protection laws.

Canada

For users in Canada, this Privacy Policy shall be governed by the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable Canadian data protection laws.

Australia

For users in Australia, this Privacy Policy shall be governed by the Privacy Act 1988 and other applicable Australian data protection laws.

Other Jurisdictions

For users in other jurisdictions, this Privacy Policy shall be governed by the applicable data protection and privacy laws of such jurisdictions.

Governing Law Selection

In the event of a conflict between the laws of different jurisdictions, the law that provides the greater protection for your personal information shall prevail, to the extent permitted by applicable law.

Cross-Border Data Transfers

For cross-border data transfers, we will ensure that appropriate safeguards are in place and that transfers comply with applicable international data transfer laws and regulations.

Dispute Resolution

Any disputes regarding your personal information and our handling thereof shall be resolved through binding arbitration in accordance with the rules of the American Arbitration Association, unless prohibited by applicable law.

Class Action Waivers

Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, or the waiver of class actions. To the extent permitted by applicable law, we disclaim all warranties and limit our liability to the maximum extent permitted by law.