Privacy Policy

When you use Sivvy.ai, we collect information to provide and improve our service:

• Account Information: Email address, name, and profile image when you sign up via Google or magic link.
• Content You Provide: Resume data, professional information, photos, and files you upload during onboarding.
• Site Data: Your generated website content, design preferences, and configuration.
• Usage Data: Analytics about site visits, chat interactions, and feature usage (with your consent).
• Payment Information: Processed securely by Stripe. We never store your full card details.

• Generate and host your AI-powered professional website
• Process your resume and professional data through our AI council
• Provide visitor analytics and inquiry management
• Send notifications about your account and site activity
• Process payments and manage subscriptions
• Improve our AI models and service quality (aggregated, anonymized data only)

Sivvy uses Google Gemini AI to process your professional data and generate website content. Your data is sent to Google's API for processing but is not retained by the AI provider beyond the processing session. We do not use your personal data to train AI models.

Your data is stored securely in PostgreSQL databases with encrypted connections. Files are stored in AWS S3 with server-side encryption. All data transfers use TLS encryption.

We use the following types of cookies:

• Functional (Required): Authentication session cookies (NextAuth JWT). These are essential for the service to work.
• Analytics (Optional): Used to understand how visitors interact with your site. Requires your explicit consent.
• Referral Attribution: A 30-day cookie to track referral link attribution.

• Right to Access: View all your data in the dashboard or export it as JSON.
• Right to Portability: Export all your data in machine-readable JSON format.
• Right to Deletion: Delete your account with a 30-day grace period. All data is permanently purged after the grace period.
• Right to Rectification: Edit your site content and profile information at any time.
• Right to Object: Opt out of analytics cookies at any time.

• Active accounts: data retained as long as your account is active
• Inactive Starter sites: archived after 30 days of inactivity, purged after 90 days
• Deleted accounts: all data purged within 30 days of deletion request
• Subdomain cooldown: 90 days after deletion before reuse
• Stripe billing records: retained per Stripe's requirements

• Stripe: Payment processing
• Google AI (Gemini): Content generation and AI processing
• AWS S3: File storage
• Resend: Email delivery

For privacy-related inquiries, data requests, or to exercise your rights, contact us at: privacy@sivvy.ai