Privacy Policy
Last Updated:
(“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website
Table of Contents
1. Information We Collect
1.1 Information You Provide Directly
We collect information you voluntarily provide when you:
- Create an Account: First name, last name, email address, username, password (encrypted)
- Complete Your Profile: Display name, profile photo/avatar, biographical information, custom profile fields
- Contact Us: Name, email address, message content, phone number (if provided)
- Participate in Activities: Job applications, announcements acknowledgments, resource downloads, custom field data
1.2 Information Collected Automatically
When you access our services, we automatically collect:
- Usage Data: Pages visited, features used, time spent, referring pages
- Device Information: IP address, browser type and version, device type, operating system
- Authentication Data: Login timestamps, login count, last login date, session tokens
- Security Data: Failed login attempts, security events, rate limit violations
1.3 Cookies and Similar Technologies
We use the following types of cookies:
- Essential Cookies: Required for authentication and site functionality (cannot be disabled)
- Preference Cookies: Remember your settings and preferences
- Security Cookies: Session management, auto-logout tracking, security monitoring
- Analytics Cookies: Understand how visitors use our site (if enabled)
2. How We Use Your Information
We use your information for the following purposes:
2.1 Service Delivery
- Create and manage your member account
- Authenticate your identity and prevent unauthorized access
- Provide access to member-only features and content
- Process your job applications and resource downloads
- Display your profile to other members (if you opt-in)
2.2 Communications
- Send account-related notifications (approval, rejection, password resets)
- Deliver announcements and important updates
- Respond to your inquiries and support requests
- Send marketing communications (only with your consent, with easy opt-out)
2.3 Security and Fraud Prevention
- Monitor for suspicious activity and prevent abuse
- Enforce our Terms of Service
- Protect against security threats and unauthorized access
- Maintain activity logs for security auditing
2.4 Improvement and Analytics
- Analyze usage patterns to improve our services
- Track resource library engagement and downloads
- Understand member behavior and preferences
- Develop new features and functionality
3. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on:
- Consent: You have given clear consent for us to process your data (e.g., marketing emails, optional profile fields)
- Contract Performance: Processing is necessary to fulfill our membership agreement with you
- Legal Obligation: We must process your data to comply with the law (e.g., tax records, security logging)
- Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, service improvement), provided this doesn’t override your rights
4. Data Sharing and Disclosure
4.1 We Do NOT Sell Your Personal Information
We do not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration.
4.2 When We Share Your Information
We may share your information only in the following limited circumstances:
- Service Providers: Third-party vendors who help us operate our website (hosting, email delivery, security services). These providers are contractually obligated to protect your data.
- Legal Requirements: When required by law, court order, or government regulation
- Business Transfers: In the event of a merger, acquisition, or sale of assets (with notice to affected users)
- With Your Consent: When you explicitly authorize us to share your information
- Public Profile: If you enable a public profile, your chosen information will be visible to other members or the public
4.3 Third-Party Services We Use
Our website may integrate with the following third-party services:
- Google reCAPTCHA: Spam and bot protection (subject to Google’s Privacy Policy)
- Web Hosting Provider:
- Email Service:
Each service has its own privacy policy governing their use of your data.
5. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy:
- Active Accounts: Retained while your account is active
- Activity Logs: Automatically deleted after 90 days
- Security Logs: Failed login attempts cleared after 30 days; IP addresses anonymized after 30 days
- Deleted Accounts: Personal data anonymized or deleted within 30 days of account deletion request
- Legal Requirements: Some data may be retained longer if required by law (e.g., tax records, legal disputes)
6. Your Privacy Rights
Depending on your location, you have the following rights regarding your personal data:
6.1 Rights for All Users
- Access: View the personal data we hold about you
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and personal data
- Opt-Out: Unsubscribe from marketing emails at any time
6.2 GDPR Rights (EU/EEA/UK/Switzerland)
- Right to Access: Obtain a copy of your personal data
- Right to Rectification: Correct inaccurate data
- Right to Erasure (“Right to be Forgotten”): Request deletion of your data
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for marketing or optional processing
- Right to Lodge a Complaint: File a complaint with your local data protection authority
6.3 CCPA/CPRA Rights (California)
- Right to Know: Request disclosure of data collection and sharing practices
- Right to Delete: Request deletion of your personal information
- Right to Correct: Request correction of inaccurate data
- Right to Opt-Out of Sale: We do not sell data, so this right is not applicable
- Right to Limit Sensitive Data Use: Control use of sensitive personal information
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights
6.4 Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA)
- Right to access, correct, delete, and obtain a copy of your data
- Right to opt-out of targeted advertising and profiling (not applicable as we don’t do these)
- Right to appeal our decision on your privacy request
6.5 How to Exercise Your Rights
To exercise any of these rights, you can:
- Self-Service: Log in to your account and use the “Download My Data” or “Delete Account” features
- Email Us: Send a request to “>contact page
Response Time: We will respond to your request within 30 days (45 days for CCPA requests).
Verification: We may need to verify your identity before fulfilling your request to protect your privacy.
8. Data Security
We implement industry-standard security measures to protect your personal data:
- Encryption: Passwords are encrypted using bcrypt hashing; SSL/TLS encryption for data transmission
- Access Controls: Role-based access with least-privilege principles
- Authentication Security: Brute force protection, rate limiting, account lockout after failed attempts
- Session Security: HttpOnly and Secure cookies, SameSite protection, automatic session expiration
- Input Validation: Protection against SQL injection, XSS, CSRF attacks
- Monitoring: Security event logging and anomaly detection
- Regular Updates: Software and security patches applied promptly
Data Breach Notification: In the unlikely event of a data breach affecting your personal information, we will notify you and relevant authorities as required by law (within 72 hours for GDPR).
9. International Data Transfers
Your information may be transferred to and stored on servers located outside your country of residence. When we transfer data internationally, we ensure adequate protections are in place:
- Standard Contractual Clauses (SCCs): EU-approved contracts for data transfers
- Adequacy Decisions: Transfers only to countries deemed adequate by the EU Commission
- Your Consent: With your explicit consent for specific transfers
Server Location: Our primary servers are located in .
10. Children’s Privacy
Our services are not intended for children under 16 years of age (13 in the US).
We do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will delete it immediately. If you believe a child has provided us with personal information, please contact us at
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes: Continued use of our services after changes constitutes acceptance of the updated policy.11. Changes to This Privacy Policy
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
For EU/EEA Residents
Our Data Protection Officer can be reached at: “>