Early Access — Join 100+ global users who stopped searching and started getting hired. Learn More →

Privacy Policy

Effective date: 1 March 2026 · Last updated: 20 March 2026

1. Who we are

TalentChain Ltd (“TalentChain”, “we”, “us”, “our”) operates the job search platform at thetalentchain.com. We are a UK-based company and act as the data controller for personal data processed through our platform.

Contact us: support@talentchain.io

2. What data we collect

We collect the following categories of personal data:

  • ·
    Account information — your name, email address, and password (stored as a hash) when you register.
  • ·
    CV / resume content — the text of your uploaded CV, including employment history, education, skills, and any personal details you include (address, phone number, links).
  • ·
    Job search preferences — desired roles, locations, salary expectations, and work-type preferences.
  • ·
    Matching and scoring data — AI-generated compatibility scores between your profile and job listings.
  • ·
    Application tracking data — records of jobs you have applied to, their status, and any generated cover letters or personal statements.
  • ·
    Usage analytics — anonymised data on which features you use, to help us improve the platform. We do not use third-party tracking cookies.

3. How we use your data

We use your personal data to:

  • ·Create and manage your account.
  • ·Extract structured information from your CV to build your profile.
  • ·Match your profile to relevant job listings using AI-powered scoring.
  • ·Generate cover letters and personal statements tailored to specific roles.
  • ·Track and display the status of your job applications.
  • ·Send transactional emails (account confirmation, password reset).
  • ·Detect and prevent abuse, spam applications, and prompt injection attempts.
  • ·Improve the platform through aggregated, anonymised usage analysis.

Legal basis: Processing is necessary for the performance of our contract with you (Article 6(1)(b) UK GDPR) and, where AI processing involves transferring data to US-based processors, on the basis of your explicit consent (Article 6(1)(a) and Article 49(1)(a)).

4. Third-party data processors

We share data with the following sub-processors, each bound by a Data Processing Agreement. Where a processor is US-based, transfer is made on the basis of your explicit consent (Article 49(1)(a) UK GDPR).

Anthropic (Claude AI)US-based

CV text extraction, match scoring, cover letter generation.

US transfer — explicit consent required.

View privacy policy →
Voyage AIUS-based

Generating text embeddings used for semantic job matching.

US transfer — explicit consent required.

View privacy policy →
SupabaseCloud-hosted (EU region where possible)

Primary database and file storage for all platform data.

Data processed under Supabase DPA.

View privacy policy →
Firebase (Google)Google Cloud

User authentication and identity management.

Processed under Google's data processing terms.

View privacy policy →
VercelUS-based hosting

Hosting and serving the TalentChain web application.

Processed under Vercel's DPA.

View privacy policy →

5. Your rights (UK GDPR)

You have the right to:

  • ·
    Access: Request a copy of the personal data we hold about you.
  • ·
    Rectification: Correct inaccurate or incomplete data.
  • ·
    Erasure: Request deletion of your data ("right to be forgotten").
  • ·
    Portability: Receive your data in a structured, machine-readable format.
  • ·
    Objection: Object to processing based on legitimate interests.
  • ·
    Withdraw consent: Withdraw AI processing consent at any time from Settings. Withdrawal does not affect past processing.

To exercise any right, email support@talentchain.io. We will respond within 30 days. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

6. Data retention

  • ·Active account data is retained for as long as your account exists on TalentChain.
  • ·Following account deletion, all personal data is permanently deleted within 30 days.
  • ·Anonymised job listing data and aggregated analytics may be retained indefinitely for platform operation and improvement.

7. Cookies

We use session cookies only — strictly necessary to keep you logged in. We do not use third-party tracking cookies, advertising cookies, or analytics cookies that identify you personally.

8. Security

We take the security of your data seriously. Measures include:

  • ·Encryption at rest for all data stored in Supabase.
  • ·HTTPS enforced for all connections to the platform.
  • ·Rate limiting on all API endpoints to prevent abuse.
  • ·Prompt injection detection on all AI-facing inputs.
  • ·Password hashing — we never store plaintext passwords.

Despite these measures, no system is entirely secure. If you discover a vulnerability, please report it to support@talentchain.io.

9. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address on your account) and update the effective date at the top of this page. Continued use of the platform after notification constitutes acceptance.

10. Contact

For any privacy-related questions or to exercise your rights, contact us at support@talentchain.io.

TalentChain Ltd · London, United Kingdom