← Back to Home

Privacy Policy

Last Updated: December 30, 2025

1. Introduction

CareerShotAI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclosure, and safeguard your information when you use our website and AI photo generation services.

We operate globally and adhere to major privacy standards including the General Data Protection Regulation (GDPR) for European users.

2. Information We Collect

  • Personal Account Information: Name, email address, and authentication details provided via Google or Email login.
  • User Content: Photos you upload for the purpose of generating headshots.
  • Generated Content: The AI-generated images created by our service.
  • Usage Data: Information about how you interact with our website (e.g., pages visited, time spent).
  • Payment Information: We do not store your credit card details. All payments are processed by secure third-party payment processors (e.g., Stripe).

3. How We Use Your Information

We use your information specifically to:

  • Provide and maintain our Service.
  • Train a temporary, specific AI model to generate your requested headshots.
  • Send you your results and service communications.
  • Monitor the usage of the Service to detect, prevent and address technical issues.

4. AI Training and Data Retention

Important: How we handle your photos

Your photos are ONLY used to train a model for your specific session. We do not use your face to train a universal model, nor do we share your biometric data with other users.

  • Temporary Models: The AI model trained on your photos is temporary and is deleted after the generation process is complete or after a short retention period for debugging.
  • Image Retention: We purge uploaded images and generated results from our servers periodically (typically every 30 days) to protect your privacy and manage storage. You are responsible for downloading your results promptly.

5. Disclosure of Data

We may share your data with the following third-party Trusted Service Providers enabling us to operate: Payment Processors (e.g., Stripe), Cloud Infrastructure (e.g., AWS, Cloudflare, Supabase), Authentication (e.g., Google Firebase).

  • Cloud Infrastructure: AWS, Cloudflare, and Supabase (for hosting and database).
  • Authentication: Google Firebase (for secure login).

We do not sell, trade, or rent your personal identification information to others.

6. Your Data Rights (GDPR & CCPA)

Depending on your location, you have rights regarding your data:

  • The right to access: You have the right to request copies of your personal data.
  • The right to deletion: You have the right to request that we delete your personal data ("Right to be Forgotten"). You can delete your account and data directly from the Dashboard.
  • The right to portability: You can request that we transfer the data that we have collected to another organization, or directly to you.

If you make a request, we have one month to respond to you.

7. Security

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. We use commercially acceptable means (encryption in transit and at rest) to protect your Personal Data.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us via our website.

Return to Home