Back to Home

Privacy Policy

Effective date: March 2026

This Privacy Policy explains how Sh1ft (“we”, “our”, or “us”) collects, uses, and protects your personal data when you use Level (“the Service”).

1. Data We Collect

We collect the following categories of personal data:

  • Account data: Email address and name, collected when you sign up via Clerk authentication.
  • Profile data: Career information you provide — your CV, work history, skills, career goals, and LinkedIn profile details.
  • Usage data: How you interact with the Service — features used, pages visited, actions taken, and session duration.
  • Payment data: Billing information processed by Stripe. We do not store your card details — Stripe handles this securely.
  • Technical data: IP address, browser type, device information, and cookies necessary for the Service to function.

2. How We Use Your Data

Your data is used for the following purposes:

  • AI processing: Your profile and career data is processed by AI models to generate CV analysis, cover letters, job matches, and career guidance.
  • Job matching: To identify and surface relevant job opportunities aligned with your skills and career goals.
  • Service improvement: Aggregate, anonymised usage data helps us improve the product.
  • Communications: Transactional emails (account activity, billing receipts). We do not send marketing emails without your consent.

3. Third-Party Services

We use the following trusted third-party providers:

Clerk

Authentication & user management

Stripe

Payment processing & billing

Cloudflare

Hosting, CDN & security

Each provider has their own privacy policy and data processing terms. We select providers who meet high data protection standards.

4. Data We Do Not Sell

We do not sell, rent, or share your personal data with third parties for marketing purposes. Your career data is yours. We use it solely to provide and improve the Service.

5. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it longer (e.g. billing records for tax purposes).

6. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights:

  • Right to access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data (“right to be forgotten”).
  • Right to portability: Receive your data in a machine-readable format.
  • Right to object: Object to processing of your data for certain purposes.
  • Right to restrict processing: Request that we limit how we use your data.

To exercise any of these rights, contact us at [email protected].

7. Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, and access controls. However, no method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password for your account.

8. Cookies

We use cookies that are strictly necessary for authentication and session management. We do not use advertising or tracking cookies. You can control cookies through your browser settings, though disabling essential cookies may prevent the Service from functioning correctly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice within the Service. Continued use after changes take effect constitutes acceptance.

10. Contact

For privacy-related questions or to exercise your rights, contact our privacy team at: [email protected]

Sh1ft · Copenhagen, Denmark

Terms of ServiceContactHome