Privacy Policy

Introduction

ATS MAKER ("we," "our," "us," or "Company") respects your privacy and is committed to protecting your personal information. This Privacy Policy ("Policy") describes how we collect, use, disclose, store, and protect your information when you access or use our website, services, applications, and related software (collectively, the "Service").

This Policy applies to all users of the Service, including visitors, registered users, and subscribers. By using our Service, you acknowledge that you have read and understood this Policy and agree to the collection, use, and disclosure of your information as described herein. If you do not agree with this Policy, please do not use our Service.

1. Information We Collect

2. How We Use Your Information

We use the information we collect for the following purposes:

• Service Provision: To provide, operate, maintain, and improve the Service, including processing resume optimizations, generating AI-powered content, and delivering requested features
• Account Management: To create and manage your account, authenticate your identity, process transactions, and provide customer support
• Communication: To send you service-related communications, including account notifications, updates, security alerts, and responses to your inquiries
• Personalization: To personalize your experience, remember your preferences, and provide customized content and recommendations
• Analytics and Improvement: To analyze usage patterns, conduct research, improve our algorithms, and enhance Service functionality
• Security and Fraud Prevention: To detect, prevent, and address security threats, fraud, abuse, and other harmful activities
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforce our Terms of Service
• Business Operations: To manage our business operations, including financial reporting, auditing, and business analytics

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal information based on the following legal bases:

• Contractual Necessity: To perform our contract with you and provide the Service you have requested
• Legitimate Interests: To operate and improve our Service, ensure security, prevent fraud, and conduct business analytics
• Legal Obligation: To comply with applicable laws and regulations
• Consent: Where you have provided explicit consent for specific processing activities

4. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information only in the following circumstances:

• Service Providers: We may share information with trusted third-party service providers who perform services on our behalf, including cloud hosting (e.g., AWS, Google Cloud), payment processing (e.g., Stripe, PayPal), email delivery, analytics, customer support, and AI model providers. These providers are contractually obligated to protect your information and use it only for specified purposes
• Legal Requirements: We may disclose information if required by law, court order, subpoena, or governmental authority, or to protect our rights, property, or safety, or that of our users or others
• Business Transfers: In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring or surviving entity
• With Your Consent: We may share information with your explicit consent for specific purposes
• Aggregated or Anonymized Data: We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you

5. Data Security

We implement comprehensive technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit using Transport Layer Security (TLS) protocols and encryption of data at rest using industry-standard encryption algorithms
• Secure password hashing using bcrypt or similar industry-standard algorithms with salt
• Regular security audits, vulnerability assessments, and penetration testing
• Access controls, authentication mechanisms, and role-based access restrictions
• Secure cloud infrastructure hosted by reputable providers with SOC 2 Type II compliance
• Employee training on data protection and security best practices
• Incident response procedures and breach notification protocols

Despite our security measures, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a data breach that may affect your personal information, we will notify you and relevant authorities as required by applicable law.

6. Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect and store information about your use of the Service. Cookies are small text files placed on your device that enable us to recognize your browser and remember certain information.

We use the following types of cookies:

• Essential Cookies: Required for the Service to function properly, including authentication and security features. These cannot be disabled
• Functional Cookies: Remember your preferences and settings to enhance your experience
• Analytics Cookies: Help us understand how users interact with the Service, including Google Analytics and similar tools
• Performance Cookies: Collect information about how you use the Service to help us improve performance

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, if you disable cookies, some features of the Service may not function properly.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information under applicable data protection laws, including the General Data Protection Regulation (GDPR) for EEA residents and the California Consumer Privacy Act (CCPA) for California residents. These rights may include:

• Right of Access: Request access to and receive a copy of your personal information
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal information, subject to certain exceptions
• Right to Restrict Processing: Request restriction of processing of your personal information in certain circumstances
• Right to Data Portability: Receive your personal information in a structured, commonly used, and machine-readable format
• Right to Object: Object to processing of your personal information for certain purposes, including direct marketing
• Right to Withdraw Consent: Withdraw consent where processing is based on consent, without affecting the lawfulness of processing before withdrawal
• Right to Non-Discrimination (CCPA): Exercise your privacy rights without discrimination (California residents)

To exercise these rights, please contact us at privacy@atsmaker.com with your request. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law. Factors we consider when determining retention periods include: the nature of the information, the purposes for which it was collected, legal and regulatory requirements, and the potential risk of harm from unauthorized use or disclosure. When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal, regulatory, or legitimate business purposes (such as financial record-keeping, dispute resolution, or enforcement of our Terms of Service).

9. Children's Privacy

Our Service is not intended for individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at privacy@atsmaker.com. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete such information promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your country. When we transfer personal information from the EEA or UK to countries outside the EEA/UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission or other legally recognized transfer mechanisms. By using our Service, you consent to the transfer of your information to these countries.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information held by businesses
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising privacy rights

To exercise your California privacy rights, please contact us at privacy@atsmaker.com or use the contact information provided below.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by: (1) posting the updated Policy on this page with a new "Effective Date" at the top, (2) sending you an email notification to the address associated with your account (if applicable), and/or (3) displaying a prominent notice on our Service. We encourage you to review this Policy periodically to stay informed about how we protect your information. Your continued use of the Service after any changes become effective constitutes acceptance of the updated Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: