airoles

Privacy Policy

Last updated 2026-05-13

AIroles is operated by Matheus Tonelotto (Brazil). This policy explains what we collect, why, and your rights over your data. We aim to collect the minimum needed to run a curated job board and to be honest about who processes what.

1. Who we are

AIroles (airoles.io) is a curated job board for AI-fluent roles. The data controller is Matheus Tonelotto, a Brazilian individual. You can reach us at hello@airoles.io.

2. Information we collect

We collect only what we need to operate the service:

  • Account data: your email address and optional display name, used to authenticate you with a magic link.
  • Candidate profile (optional): bio, links, and a resume file you upload to a private bucket. You decide whether to fill this in.
  • Job listings: company name, role details, and description submitted by employers; these are public by design.
  • View tracking: when a job page is loaded, we record the job ID, a session cookie, and a timestamp with a 30-minute deduplication window. This is used to show employers honest view counts.
  • Apply intent: when you click an apply button, we record the job ID, the apply method used, and either your candidate ID (if signed in) or a session identifier.
  • Payment metadata: if you purchase a featured listing, we receive customer and payment metadata from Stripe (no card numbers).
  • Claim requests: if you ask to claim an existing company profile, we store the role you said you hold and any note you submit so an admin can review it.

3. How we use it

We use the information above to:

  • Operate the service: show jobs, run search, route apply clicks, and let you sign in.
  • Send transactional email: magic-link sign-ins, claim-request status, and important account notices.
  • Curate listings: send the job title, company name, and description to an AI model so it can score how well the role matches AIroles' AI-fluency criteria.
  • Process payments for featured listings.
  • Report honest, aggregate analytics to employers about their own listings (views and apply intents). We do not sell data or run ad targeting.

4. Third-party services (sub-processors)

We rely on a small set of vendors. Each one only sees the data needed for its job:

  • Resend transactional email delivery (magic links, claim notifications). Sees your email address. resend.com/legal/privacy-policy
  • OpenRouter routing requests to AI models that score job descriptions. Sees the job title, company name, and description. We don't send personal user data. openrouter.ai/privacy
  • Stripe payment processing for featured-listing purchases. Sees customer and card data directly. stripe.com/privacy
  • Railway hosting for our web app, Postgres database, and object storage (resumes, logos). railway.com/legal/privacy

5. Cookies

We use a minimal set of cookies, all first-party:

  • airoles_sid — a non-tracking session identifier used to deduplicate page views (30-minute window).
  • A better-auth session cookie that keeps you signed in after you click a magic link.
  • We do not run third-party advertising pixels, marketing trackers, or cross-site analytics.

6. Data retention

We keep your data for as long as your account is active, or as needed to operate the service. If you ask us to delete your account, we remove your profile, resume, and personal data within 30 days, except where retention is required by law (for example, payment records).

7. Your rights (LGPD / GDPR-style)

Wherever you live, we offer the following rights over your personal data:

  • Access — request a copy of the data we hold about you.
  • Correction — ask us to fix inaccurate data.
  • Deletion — ask us to delete your account and personal data.
  • Portability — request an export of your data in a machine-readable format.

To exercise any of these rights, email hello@airoles.io from the address associated with your account. We typically respond within 5 business days. If you are based in Brazil, you also have rights under the LGPD; if in the EU/UK, under GDPR.

8. Children

AIroles is not directed at children. The service is intended only for users 18 years of age or older. We do not knowingly collect data from anyone under 18. If you believe we have, please email us so we can delete it.

9. International transfers

Although AIroles is operated from Brazil, your data may be processed in other countries by our sub-processors (for example, Railway servers in the United States or Europe). By using the service, you consent to this transfer. We choose vendors that offer reasonable security and contractual data-protection standards.

10. Changes to this policy

We may update this policy as the service evolves. When we do, we change the "last updated" date at the top of this page and, for significant changes, notify you by email or with a notice on the site.

11. Contact

Questions about this policy or your data? Email hello@airoles.io. We typically reply within 1–2 business days.

Back home
Privacy Policy · AIroles · AIroles