Privacy Policy

Last Updated: March 10, 2026 · Version: 2026.03.10

1. Introduction

LensCareer ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information in compliance with:

  • GDPR (General Data Protection Regulation) - EU
  • KVKK (Kisisel Verilerin Korunmasi Kanunu) - Turkey

2. Information We Collect

2.1 Account Information

  • Name and email address
  • Profile information (optional: company, job title, location)
  • Authentication credentials (hashed passwords)
  • OAuth data (if using Google/GitHub login)

2.2 User-Generated Content

  • Company reviews, salary submissions, interview experiences, comments, and votes
  • If you submit while logged in, we store the submitting account internally for moderation, fraud prevention, export, and deletion requests
  • If a contribution is shown publicly as anonymous, that anonymity applies to the public surface, not our internal moderation systems
  • Anonymous survey responses may include optional company information, compensation fields, and optional email address

2.3 Trust & Safety Signals

  • Hashed IP address for abuse prevention and duplicate detection
  • Pseudonymous anonymous survey identifier stored in a first-party cookie on your browser
  • Risk and moderation metadata, such as duplicate detection and outlier flags
  • We do not use browser fingerprinting for anonymous survey tracking

2.4 Usage Data

  • Pages visited and features used
  • Search queries
  • Browser type and device information needed for compatibility and security
  • Cookies and similar technologies

2.5 AI Usage Data

  • AI feature usage (cover letters, summaries)
  • Token usage and costs (for admin purposes)

3. How We Use Your Information

We use your data to:

  • Provide Services: Display reviews, salaries, and job listings
  • Improve Platform: Analyze usage patterns and fix bugs
  • Communication: Send notifications (opt-in only)
  • Security: Prevent fraud, duplicate submissions, and abuse
  • Legal Compliance: Comply with laws and regulations
  • Analytics: Understand user behavior (anonymized)
  • Moderation: Review risky or duplicate submissions and link authenticated contributions to the submitting account internally

Legal Basis (GDPR):

  • Contract performance (account services)
  • Legitimate interests (platform improvement, security)
  • Consent (optional features, marketing)
  • Legal obligations (compliance)

4. Data Retention

Data TypeRetention Period
Account dataUntil account deletion
Authenticated reviews, salaries, interviews, comments, and votesUntil account deletion, unless longer retention is required for legal or safety reasons
Anonymous survey anti-abuse logs, hashed IPs, and pseudonymous anonymous survey identifiersUp to 90 days
Operational usage logsUp to 90 days
AI usage logs12 months

5. Your Rights (GDPR/KVKK)

You have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for optional processing

To exercise your rights:
Email us at privacy@lenscareer.com

6. Cookies

We use cookies for:

  • Essential: Authentication, security, and session continuity
  • Trust & Safety: A first-party anonymous survey identifier cookie to detect repeat submissions and abuse on anonymous survey forms
  • Preferences: Language, theme settings

We do not use browser fingerprinting for anonymous survey traceability. You can control cookies via browser settings, but disabling essential cookies may affect functionality and anonymous survey abuse protections.

7. Third-Party Services

We use the following third-party services:

  • Google OAuth: Authentication (Google Privacy Policy applies)
  • GitHub OAuth: Authentication (GitHub Privacy Policy applies)
  • Sentry: Error tracking (anonymized, PII scrubbed)
  • Cloudflare: Hosting and CDN
  • OpenAI: AI features (data not used for training)
  • Google Analytics: Anonymous usage analytics

8. Data Security

We implement industry-standard security measures:

  • HTTPS encryption for all connections
  • Password hashing with bcrypt (12 rounds)
  • Regular security audits
  • Access controls and authentication
  • PII scrubbing in error logs
  • Rate limiting to prevent abuse

9. International Data Transfers

Your data may be processed in Turkey and other countries where our service providers operate. We ensure adequate safeguards for international transfers as required by GDPR.

10. Children's Privacy

LensCareer is not intended for users under 16 years old. We do not knowingly collect data from children. If you believe we have collected data from a child, contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via:

  • Email notification
  • Platform banner
  • Updated "Last Modified" date

12. Contact & Data Protection Officer

For privacy inquiries or to exercise your rights:

Email: privacy@lenscareer.com
DPO: [Data Protection Officer Name/Email]
Address: [Your Company Address]

Supervisory Authority (EU):
You have the right to lodge a complaint with your local data protection authority.

KVKK Authority (Turkey):
Kisisel Verileri Koruma Kurumu
Website: www.kvkk.gov.tr

Summary: Logged-in contributions are linked to your account internally for moderation and account-rights workflows. Anonymous survey submissions may use a first-party pseudonymous device identifier plus hashed IP for up to 90 days to prevent abuse. We do not use browser fingerprinting. Contact privacy@lenscareer.com with questions.