RoleSift treats CV and job data as sensitive.
You control what job text and profile context you submit. Use a redacted CV or short profile summary where possible, and do not paste passwords, API keys, banking details, National Insurance numbers, passport details, medical information, or other unnecessary sensitive information into RoleSift.
What RoleSift is and is not
RoleSift is decision support for students, graduates, and early-career job seekers. It can help you decide whether to apply, skip, or investigate a role further, but it does not predict employer decisions, guarantee interviews, or replace your own judgement.
Data and security boundaries
Profile setup asks for processing consent before sending CV/profile text to OpenAI API server-side for extraction, and storage consent before saving the reviewed structured job-fit profile. The current setup flow does not save the original CV/profile text or uploaded file to your profile.
AI analysis runs through RoleSift backend endpoints. The Chrome extension and browser frontend do not call OpenAI directly and do not contain OpenAI API keys.
Supabase handles signup, login, email confirmation, and authenticated API tokens. Protected endpoints derive account identity server-side rather than trusting client-supplied user IDs.
Stripe handles checkout and payment details. RoleSift stores plan and subscription status needed to provide access, not full card numbers.
Signed-in users can export account-associated data, delete scan history, and clear profile/preferences from Settings where those controls are available. Billing and immutable credit records may be retained where required.
The extension uses storage, active tab, context menu, scripting, and supported host access so users can scan selected job pages and connect to RoleSift account APIs.
Data minimisation
RoleSift works best with job-fit evidence, not sensitive identity or financial records.
Education, skills, projects, tools, experience summaries, target roles, locations, work style preferences, and dealbreakers that help assess job fit.
Passwords, bank details, National Insurance numbers, passport numbers, full home address, medical data, API keys, or employer-confidential material.
Remove unnecessary personal details from CV text before profile extraction. A short profile summary is often enough for early scans.
How to raise a concern
Use the support route for account access, billing, extension issues, privacy requests, or security concerns.
Report safely.
Email support without including secrets or unnecessary personal data. Redact CV details, tokens, screenshots, and employer-confidential material unless the specific detail is needed to investigate the issue.