Find roles

Legal

Privacy Policy

This Privacy Policy explains how Statlyne LLC, the Delaware company that operates roles.cc, collects, uses, shares, and protects personal data, including the CVs engineers entrust to us and the AI processing that powers our matching. We wrote it to be read, not just filed.

EffectiveJune 3, 2026Last updatedJune 3, 2026Version2.0

The short version

  • We collect what you give us (email, CV, preferences) and a little usage data, so we can match engineers to roles and put you forward for the right ones.
  • We never sell your dataand we don’t run advertising trackers or share your data for cross-context behavioral advertising.
  • AI reads your CV to produce a summary, skills, and a fit estimate. Through our providers’ APIs, your data is not used to train their models, and a human makes the decisions that matter.
  • Your identity stays private until an employer signs engagement terms and you approve the specific introduction.
  • You can access, correct, export, or delete your data anytime, from your account or at legal@roles.cc.

This summary is a convenience, not a contract. The full text below is what governs.

01

Who we are & scope

Statlyne LLC (“Statlyne,” “we,” “us,” “our”), 131 Continental Drive, Newark, Delaware 19713, USA, is the controller of personal data processed through roles.cc and related services (the “Service”). This policy applies to Candidates, Clients, and visitors. It does not cover third-party websites or the companies behind the job listings we aggregate, which have their own policies.

02

The data we collect

Information you provide

  • Account & contact data: your email address and, if you provide it, your name.
  • Candidate profile: the content of your CV/résumé, an optional LinkedIn or portfolio URL, preferred locations, seniority, what you are looking for, what to avoid, and how you want to be represented.
  • Client data: for founders and employers, company details, role requirements, billing contact, and engagement terms.
  • Communications: messages you send us (for example, to legal@roles.cc) and your preferences.

Information generated automatically

  • Usage & event data: pages and roles viewed, filters used, searches, clicks, and similar interactions.
  • Device & network data: IP address (truncated or hashed where feasible), browser and operating system, referring URL, and UTM/attribution parameters.
  • Cookies & similar technologies (see Section 9).

Information we derive

  • Derived profile data: a summary, skills, seniority, and AI fit estimates produced by analyzing your CV against job descriptions (see Section 6).

A CV can contain sensitive details. Please don’t include information you don’t want analyzed, such as government ID numbers, health, or financial data. We use any sensitive information in a CV only to provide the Service, not to infer characteristics about you for unrelated purposes.

03

Where data comes from

  • From you directly, when you join the pool, sign in, or contact us.
  • Automatically from your device as you use the Service.
  • From public job sources. Job listings are aggregated from third-party applicant-tracking systems (Greenhouse, Lever, Ashby) and public career pages. This is company and role data, not your personal data.
04

How & why we use data

  • Run the matching engine: surface relevant live roles to Candidates and assemble relevant shortlists for Clients.
  • Represent Candidates: calibrate fit and, with your approval, introduce you to Clients under signed engagement terms.
  • Power AI features: parse a CV and score it against a specific job description (see Section 6).
  • Communicate: send sign-in codes, confirmations, service notices, and, only where permitted, updates you can opt out of.
  • Operate, secure & improve the Service, prevent abuse and fraud, debug, and analyze usage in aggregate.
  • Comply with law, enforce our Terms, and establish or defend legal claims, including maintaining immutable introduction records for fee accounting.

We do not sell personal data, and we do not use it for cross-context behavioral advertising.

06

AI & automated processing

We use a third-party large-language-model provider (Anthropic) to read and analyze CVs and job descriptions and to generate structured outputs: a summary, skills, seniority, strengths, gaps, and a fit estimate.

  • These outputs are informational estimates that help us and Candidates, and may be incomplete or wrong.
  • When we use the provider via its API, your inputs and outputs are not used to train its models, and the provider acts as our processor under contract.
  • A human stays in the loop. We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing; a person reviews and decides which Candidates are represented or introduced. Where you have rights regarding automated decision-making, contact us to request human review.
07

When we share data

Candidate identity

We disclose a Candidate’s identifying information (name, contact details, full CV) to a prospective employer only after (a) that employer has signed an engagement agreement with Statlyne and (b) the Candidate has approved the specific introduction. This is enforced at our data layer. Before an approved introduction, we may share de-identified signals (such as a summary, seniority, and derived skills). Every identifying introduction is logged in an immutable record.

Other sharing

  • Service providers (sub-processors) who process data on our instructions under contract (see Section 8).
  • Legal & safety: to comply with law, respond to lawful requests, enforce our Terms, or protect the rights, property, or safety of users, the public, or Statlyne.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to this policy.
  • With your direction or consent for any other purpose you ask us to.
08

Sub-processors

We rely on the following providers to run the Service. Each processes personal data only on our instructions and under a data-processing agreement.

  • Supabase: database, authentication, and private file storage for CVs (US hosting).
  • Vercel: application hosting, CDN, and edge runtime (US).
  • Anthropic: AI model provider used to parse CVs and score CV-to-role fit; not used to train its models via the API (US).
  • Resend: transactional email such as sign-in codes and confirmations (US).
  • Stripe: payment processing for Client fees; we do not store full card numbers (US).
  • PostHog: first-party product analytics (pageviews, events, attribution).

We may add or change providers as the Service evolves; we will keep this list current. To request the latest list, email legal@roles.cc.

09

Cookies & analytics

We use cookies and similar technologies for two purposes: essential functions (such as keeping you signed in) and product analytics via PostHog to understand and improve how the Service is used. We do not run third-party advertising trackers, and we do not share data for cross-context behavioral advertising.

You can control cookies through your browser settings; blocking essential cookies may stop sign-in from working. Where required, we honor opt-out preference signals such as Global Privacy Control (GPC).

10

Data retention

We keep personal data only as long as needed for the purposes above:

  • Candidate account & CV: while your account is active. After you delete your account or CV, we remove the CV file and profile data within 30 days, except for limited residual copies in backups that expire on our normal cycle.
  • Usage & analytics data: retained for a limited period in identifiable form, then aggregated or deleted.
  • Introduction records: retained as an append-only ledger to support engagement-fee accounting and dispute resolution.
  • Records we must keep for legal, tax, audit, or fraud-prevention reasons are retained for the required period.
11

Security

We use industry-standard safeguards to protect personal data, including encryption in transit (TLS) and at rest, row-level security on the database, scoped access controls, and private storage buckets served only through short-lived signed URLs. No method of transmission or storage is perfectly secure; if we become aware of a breach affecting your personal data, we will notify you and the authorities as required by law.

12

International transfers

We process personal data primarily in the United States. If you access the Service from outside the US, you understand your data will be transferred to and processed in the US. Where we transfer personal data subject to EEA, UK, or Swiss law, we rely on appropriate safeguards such as the Standard Contractual Clauses.

13

Your privacy rights

Subject to applicable law, you may have the right to access, correct, export (portability), or delete your personal data, to object to or restrict certain processing, and to withdraw consent. You can exercise many of these directly from your account page, or by emailing legal@roles.cc.

We will respond within the time required by law. We may need to verify your identity before acting, and some data may be retained where an exception applies (for example, immutable introduction records or legal obligations). You will not be discriminated against for exercising these rights. EEA/UK users may also lodge a complaint with their local data-protection authority.

14

California privacy rights (CCPA/CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act, as amended. In the past 12 months we have collected these categories of personal information: identifiers (such as email and IP address); professional or employment information (your CV and profile); internet or other electronic activity (usage and device data); and inferences (derived skills, seniority, and fit estimates). A CV may contain sensitive personal information, which we use only to provide the Service.

You have the right to:

  • Know the categories and specific pieces of personal information we collect, use, and disclose;
  • Delete personal information we collected from you, subject to exceptions;
  • Correct inaccurate personal information;
  • Limit the use of sensitive personal information to what is necessary to provide the Service; and
  • Not be discriminated against for exercising your rights.

We do not sell your personal information and do not share it for cross-context behavioral advertising, and we do not knowingly do so for anyone under 16. To make a request, email legal@roles.cc; you may use an authorized agent, and we will verify the request as required.

15

Other US state rights

Residents of states with comprehensive privacy laws, including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others, may have rights to access, correct, delete, and obtain a copy of their personal data, and to opt out of targeted advertising, the sale of personal data, and certain profiling. We do not sell personal data or conduct targeted advertising. To exercise your rights, email legal@roles.cc. If we deny a request, you may appeal by replying to our decision; where available, you may also contact your state attorney general.

16

Children

The Service is intended for adults and is not directed to children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact legal@roles.cc and we will delete it.

17

Changes to this policy

We may update this policy as the Service and the law evolve. We will post the updated version here with a new effective date and, for material changes, take reasonable steps to notify you. Your continued use after changes take effect means you accept the updated policy.

18

How to contact us

For any privacy question or request, email legal@roles.cc. We are the controller responsible for your personal data.

Statlyne LLC
131 Continental Drive
Newark, Delaware 19713
United States

↑ Back to top