Privacy Policy

A.About This Policy

This Privacy Policy describes how impactrackr ("we," "us," or "our") collects, uses, stores, and protects your information when you use our career impact tracking service. By using impactrackr, you agree to the practices described in this policy.

We have written this in plain English. If anything is unclear, contact us at privacy@impactrackr.com.

This policy applies to impactrackr.com and all of its subdomains, the impactrackr web application, and any future native mobile applications. It does not apply to third-party websites you reach via links from impactrackr, or to third-party services you authorize separately (for example, Google when you use OAuth).

B.Information We Collect

We collect only what we need to operate the service. Every category below has a stated purpose. Nothing is collected just in case.

B.1 Account information

When you sign up, we collect your email address (required, used for sign-in) and your name and profile picture (provided by Google OAuth). We never store your Google password and never access your Gmail, Calendar, Drive, or any other Google service.

B.2 Career win content

When you record or type a win, we store the original text you entered, the AI-cleaned summary (when you use Polished or Amplified mode), tags applied to the win, and timestamps. You control this content. You can edit, delete, or export any individual win, or all of them, at any time.

B.3 Optional professional context

You may optionally provide your role or job title, your company name, your industry, and your career focus area. These fields are optional and used only to tailor AI summaries to your context. You can leave them blank or change them in Settings.

B.4 Technical and usage data

When you use impactrackr, we automatically log your IP address, browser type, device type, screen size, pages visited, and features used. This data is used for security, debugging, and aggregated usage statistics. It is not used to identify you individually beyond those operational purposes.

B.5 What we do not collect

• We do not access your Gmail, Calendar, Drive, contacts, photos, or any Google data beyond your name, email, and profile picture.
• We do not access your microphone or camera except during active voice recording (with your explicit click).
• We do not collect biometric information.
• We do not track your activity on other websites. No cross-site tracking. No advertising IDs.

C.How We Use Your Information

We use your information for the purposes you would expect, and only those purposes.

C.1 To provide the service

• Authenticate your sign-in
• Save your wins so they appear when you return
• Generate AI summaries when you request them
• Build your insights dashboard, Spotlight Brief, 90-Day Highlights, and exports
• Send the optional weekly reminder emails you have opted into

C.2 To support and assist you

• Respond to questions you send via the contact form or email
• Investigate and resolve issues you report
• Recover your account if you forget your password
• Provide customer support, training, or onboarding when you request it

C.3 To improve the product (anonymized only)

We track aggregate usage patterns (which features get used, where users get stuck) to improve the product. We monitor performance and errors. Aggregate, anonymized data is never linked to individual users.

C.4 To meet legal and safety obligations

We use information to detect and respond to abuse, fraud, or violation of our Terms of Service; to comply with valid legal requests (subpoenas, court orders); and to protect the safety of users or the public when legally required. We do not use your information for any other purpose. We do not use it to target advertising at you, and we do not sell it to anyone for any reason.

D.Our Privacy Commitments

These are promises we make to you and stand behind.

D.1 We do not sell your data

We do not sell, rent, lease, or trade your personal information to anyone, for any purpose, ever. There are no advertisers, data brokers, or third-party marketers in our data flow.

D.2 We do not extract your data for our benefit

Your wins, tags, summaries, and personal context belong to you. We do not aggregate, repackage, or analyze your individual content for our own benefit beyond the operational purposes in Section C.

D.3 We do not train AI models on your data

The text of your wins is sent to our AI providers (Anthropic, OpenAI) only when you trigger AI processing. Both providers contractually agree, in their API terms, to not use this content to train their models. You will never see your wins resurface as someone else's AI suggestion.

D.4 Your data stays linked to your profile

Every piece of information we store is keyed to your user ID. There is no anonymous data lake we keep on the side. When you delete your account, your data is removed completely. See Section J for details.

D.5 You can leave any time, with your data

You can export everything (PDF, CSV, Word, JSON) and delete your account in two clicks from your profile settings. We do not gate this behind a support ticket or an SLA. It is a self-service action.

E.Internal Access Controls

We are the operators of this service. As operators, our authorized personnel have technical access to the database. That is true of every SaaS in the world. Here is what we commit to about that access.

E.1 We do not view your wins for any reason except the ones below

We do not browse, sample, read, or analyze user wins for curiosity, market research, pattern discovery, or any other casual reason. The text of your wins is yours.

E.2 When personnel may access stored content

Authorized impactrackr staff may access user content only when one of the following is true:

• You have explicitly asked us for help (for example, a support request that mentions a specific win)
• An automated abuse-detection system has flagged a specific entry. Even then, only the flagged content is reviewable, not your full archive
• A valid legal request requires it (we will notify you unless legally prohibited from doing so)
• A security incident requires investigation

E.3 Access is logged

Administrative access to the database is logged. We can audit who accessed what and when.

E.4 Privacy Mode bypasses this entirely

If you have content too sensitive for any of the above to ever apply, use Privacy Mode (Settings → Privacy). In Privacy Mode, your wins are processed locally on your device only. AI features are disabled for those entries. Nothing is sent to our AI providers.

F.AI Processing

F.1 What happens when you use AI features

When you select Polished or Amplified enhancement, or when you generate a Spotlight Brief or 90-Day Highlights, your win text is sent over an encrypted connection to our AI providers (Anthropic Claude, OpenAI). The provider returns the processed output, which we store with your win.

F.2 Provider commitments

• No training use. Anthropic and OpenAI both contractually agree that API content is not used to train their models. (Anthropic API Terms of Service. OpenAI API Data Usage Policy, effective March 2023.)
• 30-day temporary retention. Both providers may retain API content for up to 30 days for safety and abuse monitoring. After 30 days it is deleted from their systems.
• Trust and safety review. If their automated systems flag content, a human reviewer at the provider may look at the flagged content. This is rare and applies only to flagged items.

F.3 Be thoughtful about what you record

You control what you write. We recommend you do not include in your wins:

• Highly sensitive personal, financial, or medical information
• Confidential information that belongs to your employer or a third party (trade secrets, customer PII, internal financial data)
• Content covered by HIPAA, GDPR special-category data, or other regulated frameworks

If you must record sensitive content, use Privacy Mode to keep it local-only and disable AI processing for that entry. The AI processes what you write, so describe outcomes and impact rather than confidential identifiers when possible.

F.4 The AI does not remember you between calls

Each AI call is stateless. The model has no memory of your previous wins, your account, or you. Each request includes only the win text needed for that specific generation.

G.Data Storage and Security

G.1 Encryption

• In transit: All connections use TLS 1.2 or higher. Your data is encrypted from your browser to our servers and from our servers to subprocessors.
• At rest: Our database (Supabase, hosted on AWS) encrypts all data at rest using AES-256.

G.2 Access controls

• The application enforces row-level security: when you are signed in, you can only read your own data.
• Administrative access to the database is restricted to authorized impactrackr personnel and logged.
• Production credentials are stored in a secrets manager, not in source code.

G.3 Account security

• Sign-in via Google OAuth. We never see your Google password.
• Session tokens auto-expire and refresh.
• 15-minute idle timeout signs you out if your device is unattended.

G.4 Vulnerability disclosure

If you discover a security vulnerability, please email privacy@impactrackr.com. We respond within 5 business days and credit researchers who follow responsible disclosure.

G.5 Breach notification

In the event of a security breach affecting your data, we will notify you within 72 hours of becoming aware of the breach, as required by GDPR Article 33-34. Notification will include what happened, what data was affected, what we are doing about it, and what you should do.

H.Subprocessors

We use the following trusted third-party services to operate impactrackr. Each has its own privacy policy and security practices.

We notify users of new subprocessors at least 30 days before activation, via email or in-app notice.

I.Your Rights and How to Exercise Them

You have the rights described below regardless of where you live. Some are required by law in certain jurisdictions (GDPR for the EU/UK, CCPA for California). We extend them to all users.

I.1 Right to access

You can see and download all your data in the app at any time. Export to PDF, CSV, Word, or JSON from the Insights page.

I.2 Right to deletion

You can delete your account in two clicks from Profile → Delete All Data. Deletion is processed immediately and cascades across all your stored data. See Section J for details.

I.3 Right to rectification

You can edit any win text, summary, or tag at any time. Profile information (name, role, company, industry) is editable in Settings.

I.4 Right to portability

Exports are provided in machine-readable formats (CSV, JSON) for easy import into other services.

I.5 Right to restriction (Privacy Mode)

You can restrict AI processing on any entry by enabling Privacy Mode in Settings. Wins recorded in Privacy Mode never leave your device.

I.6 Right to object

You can object to processing by emailing privacy@impactrackr.com. Some processing is required to operate the service. If you object to all processing, the alternative is account deletion.

I.7 Right to non-discrimination

We will not deny service, charge different prices, or provide a different level of service based on your exercising any of these rights.

I.8 How to make a request

For any request beyond the in-app actions above, email privacy@impactrackr.com.

• We respond within 30 days (GDPR requirement)
• For California residents, we respond within 45 days (CCPA requirement)
• We may ask for verification to prevent unauthorized requests on behalf of someone else
• There is no fee for the first request in any 12-month period

J.Data Retention and Deletion

J.1 While your account is active

We retain your data for as long as your account is active and you continue to use the service.

J.2 When you delete your account

Account deletion triggers a cascading purge across all impactrackr-controlled data:

• Your wins, summaries, and tags: deleted immediately
• Your preferences and settings: deleted immediately
• Your moderation logs (if any): deleted immediately
• Your authentication record: deleted immediately
• Database backups: overwritten in our point-in-time recovery system within 30 days

This deletion is enforced at the database layer using foreign-key cascade constraints. It is not just an application-layer cleanup that could be bypassed by a future code path.

J.3 What we may keep after deletion

We may retain limited records when legally required:

• Tax and billing records (if you were a paying customer): 7 years per IRS requirements
• Records of legal disputes: until resolved
• Anonymized aggregate metrics: indefinitely (these contain no PII)

J.4 AI provider retention

After your win text was sent to an AI provider for processing, the provider may hold it for up to 30 days for abuse monitoring. After 30 days, providers delete it from their systems. We have no control over this provider-side retention but it is bound by their published API terms.

J.5 Email logs

SendGrid retains email delivery logs for approximately 30 days. After 30 days these logs are purged from SendGrid.

J.6 Inactive accounts

If you stop using your account for 36 months, we will email you to confirm whether to keep the account active. If we receive no response within 30 days, we will delete the account and all associated data.

K.International Data Transfers

impactrackr is operated from the United States, and our subprocessors are primarily US-based. If you access the service from outside the US, your data is transferred to and processed in the United States.

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we rely on Standard Contractual Clauses (SCCs) with our subprocessors as the legal basis for international transfers, in accordance with GDPR Article 46.

L.Children's Privacy

impactrackr is intended for use by individuals 16 years of age or older. We do not knowingly collect personal information from anyone under 16.

If you are a parent or guardian and believe your child under 16 has provided personal information to us, contact us at privacy@impactrackr.com and we will delete the information.

M.Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

• We will post the updated policy on this page with a new Last Updated date
• For material changes (anything that meaningfully affects your rights or our handling of your data), we will notify you by email at least 30 days before the change takes effect
• Your continued use of impactrackr after the change takes effect constitutes acceptance of the updated policy

N.Contact Us

Or send your question through the form below.