Welcome to Karivio. We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we handle your information when you use our application.

1. Information We Collect

When you log in using Google, we collect your name, email address, profile picture (avatar), and a unique Google ID to create and manage your account.

2. How We Use Your Information

Your information is used solely for authentication and providing the core services of Karivio, such as managing your job applications and CVs.

3. Data Protection and Sharing

We implement industry-standard security measures, including encryption at rest and in transit, to protect your data from unauthorized access, disclosure, or destruction. Regarding your personal and Google user data:

• No Sale: We do not sell your personal information or Google user data to any third parties.
• No Sharing/Transfer: We do not share, transfer, or disclose your information to third parties for purposes other than those explicitly required to provide the Karivio service (e.g., communicating with Google APIs).
• No Advertising: Your data is never used for targeted advertising, credit-worthiness assessment, or any purpose unrelated to the core functionality of Karivio.

4. Google User Data Usage

Karivio uses Google OAuth to allow you to send job applications directly from the platform. We request the https://www.googleapis.com/auth/gmail.send scope to facilitate this.

• Access: We only access your Gmail account to send emails that you explicitly compose and trigger within Karivio.
• Use: Your Google user data is used solely to provide and improve user-facing features. We do not use this data for any other purpose.
• Prohibited Uses: We strictly prohibit the use of Google user data for:
  • Targeted, personalized, or interest-based advertising.
  • Training AI or machine learning models.
  • Selling to data brokers or information resellers.
• Storage: We store your Google Refresh Token securely in our database using encryption. We do not store the content of your emails beyond what is necessary for logging and tracking your applications.

5. Data Retention and Deletion

Karivio is committed to the principle of data minimization and purposeful retention. Regarding Google user data:

• Retention: We retain your Google user data (including email address and OAuth tokens) only as long as you have an active account with Karivio. If your account is inactive for more than 12 months, we will automatically delete your stored OAuth tokens and personal identifiers.
• Deletion: You may request the deletion of your data at any time. Upon your request or when you delete your account, all Google user data (including refresh tokens and profile information) will be permanently purged from our database within 30 days.
• Manual Deletion: You can also revoke Karivio's access to your Google account at any time through the Google Security Settings page.

6. Third-Party Services

We use Google OAuth for authentication and email services. Please refer to Google's Privacy Policy for information on how they handle your data.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@karivio.mhna.my.id.