Talent Score

Privacy Policy

Your privacy is important to us. This Privacy Policy explains how Talent Score ('we', 'us', 'our'), operated by Bilustek, LLC, collects, uses, and protects your personal information when you use our platform, including when logging in through third-party authentication providers.

Data Collection

We store only the minimum information necessary to provide and secure our services.

Any data submitted by users - including resumes and related content - is stored solely for the purpose of providing the functionality of the application.

We do not process this data for any secondary purposes, nor do we share it with third parties except when required to securely operate the service.

Account Data

When you sign in using third-party authentication provider (such as: Google Sign-In), we collect and store:

  • Full Name
  • Email Address
  • Login timestamp and IP address

Payment Data

When you purchase Credits, we also collect and store:

  • Payment and billing details via Stripe (transaction ID, amount, currency)
  • Invoice information (Stripe download PDF links)

Usage Data

We store certain usage data to operate the service, maintain your account, and ensure accurate credit tracking.

This includes:

  • The contents of the files you upload (such as your resume), solely for the purpose of processing, analyzing, and generating results using OpenAI’s API services.
  • Credit consumption records generated when you perform analysis or other operations.
  • Credits earned through purchases or account top-ups.
  • Your full wallet transaction history, stored to keep you informed and to provide transparent accounting of your credits.

All analysis results produced from your resumes are stored only for your use within the application. We do not use this data for any unrelated purposes or share it with any third parties, except as required to operate the service securely.

You can delete any uploaded file at any time with a single click, and all associated stored content will be permanently removed from our systems. We never delete your data automatically.

We do not collect or process video, audio, or biometric data, unless explicitly required for future features (which would be disclosed and consent-based).

How We Use Your Data

We process your data to:

  • Authenticate your account and manage sessions,
  • Execute and improve the service (e.g., process uploaded files),
  • Manage billing, invoicing, and refund requests,
  • Notify you about credit usage, expiry, and transactions,
  • Detect and prevent fraud or unauthorized use.

We never use your information for marketing, profiling, or sale to third parties.

Legal Basis for Processing

Processing is based on:

  • Contractual necessity - to provide the service you requested (Art. 6(1)(b) GDPR),
  • Legitimate interest - to maintain platform security and prevent abuse (Art. 6(1)(f)),
  • Legal obligation - for tax or accounting compliance (Art. 6(1)(c)).

If we introduce optional marketing or research features in the future, we will seek explicit consent (Art. 6(1)(a)) before processing any additional data.

Data Retention

Data Category Retention Period
Account information (name, email) As long as the account remains active
Login records As long as the account remains active
Transaction / billing data As required by financial regulations (up to 10 years)
Credit usage logs As long as the account remains active
Uploaded documents As long as you do not delete them

Inactive accounts (no login for 12 months) may be deleted following prior notice, even if the user has remaining purchased credits.

Purchased or gifted credits must be used within 6 months from the date they are added to your account. Any unused credits will automatically expire after this period.

Data Sharing

We share data only with trusted third-party processors necessary to operate the Platform:

Processor Purpose Region / Safeguard
Google Authentication (Google Sign-In) EU SCCs / GDPR-compliant
Stripe Payment processing and billing PCI-DSS compliant
Cloud Provider Database, secure storage ISO/IEC 27001:2022

No personal data is sold or transferred for advertising. If legally required (e.g., court order), we may disclose limited data to competent authorities.

Data Security

We take reasonable and industry-standard measures to protect the data you store in our service. All communication between your browser and our servers is encrypted using modern SSL/TLS protocols.

Sensitive components such as databases and internal services are isolated from public access and operate within a secured private environment. Access to our systems is restricted, monitored, and protected with appropriate security controls.

We also maintain regular weekly backups to ensure data integrity and service continuity in the event of an unexpected system failure.

Payment information is never stored on our servers; all payments occur via Stripe’s PCI-DSS compliant infrastructure.

Your Rights

You have right to:

  • Access your data
  • Rectify inaccuracies
  • Request account deletion (wipe everything related to you)
  • Request your data (wallet transactions, invoices, resumes etc...)

We respond within 10 business days of receiving a verifiable request.

We also provide a support system where you can open a ticket at any time if you need assistance. We typically respond within 2 business days.

Automated Processing

Our system automatically processes uploads for technical parsing and analytics. However, no automated decision-making or profiling producing legal or significant effects occurs. All credit management and refunds are manually verified.

Data Breach Response

In the unlikely event of a personal-data breach:

  • We identify and contain the incident immediately.
  • Impacted users are notified without undue delay.
  • If required, relevant authorities (GDPR or supervisory body) are informed within 72 hours.
  • Root-cause analysis and preventive measures are implemented.

Children’s Privacy

Our services are not directed to persons under 18 years old. We do not knowingly collect data from minors. If such data is inadvertently collected, it is deleted upon discovery.

Updates to This Policy

We may update this Policy from time to time. Revisions take effect once published on this page. We will notify users via email or in-app notice for material changes.

Contact

For privacy inquiries, data-subject requests, or complaints, contact:

Bilustek, LLC
2261 Market Street STE 86996
San Francisco, CA 94114
USA

Contact Method Details
Office +1 (320) 317-7912
Email support@talentscore.cloud