Aistint

Privacy Policy

Effective date: 17 May 2026  ·  Last updated: 17 May 2026  ·  Version: 2026-05-17

The short version. Aistint is an AI-powered resume reviewer. To analyse your resume we send its contents to Anthropic's Claude API. We store your account, analyses and usage in Supabase. We never sell your data, never train AI models on it, and you can export or delete everything at any time from Account → Privacy & data.
  1. Who we are
  2. What we collect
  3. How we use it
  4. AI processing & resume content
  5. Who we share with
  6. International transfers
  7. Retention
  8. Your rights
  9. Children
  10. Security
  11. Cookies & local storage
  12. Changes
  13. Contact & Grievance Officer

1. Who we are

This Privacy Policy describes how [Legal Entity Name] ("Aistint", "we", "us") collects and uses personal data when you use the Aistint app and website at aistint.app. We are the Data Fiduciary under India's Digital Personal Data Protection Act, 2023 ("DPDP Act") and the Data Controller under the EU GDPR where it applies.

2. What we collect

2.1 Account & profile data

2.2 Resume & analysis data

2.3 Usage & technical data

2.4 Payment data

3. How we use your data

PurposeDataLegal basis
Create & secure your accountAccount, OTPContract
Analyse your resume and generate feedbackResume, analysis, accountContract / consent
Customer supportAccount, communicationContract
Send transactional emails (login, billing, results)Email, nameContract / legal
Send marketing emails (you can opt out)Email, nameConsent
Improve the product & analyticsUsage, deviceConsent / legitimate interest
Detect abuse and fraudAccount, usage, IPLegitimate interest
Comply with tax, accounting and legal requirementsPayments, accountLegal obligation

4. AI processing & resume content — important

To analyse your resume, the text content is sent to Anthropic, PBC (anthropic.com) — the maker of Claude. Anthropic acts as our data processor under a Data Processing Agreement.

If you do not consent to AI processing of your resume, please do not use Aistint — the core feature cannot work without it.

5. Who we share data with

We do not sell your personal data. We share only with the following processors, each bound by a Data Processing Agreement:

ProcessorPurposeLocation
Anthropic, PBCAI resume analysis (Claude API)USA
Supabase, Inc.Database & authenticationUSA / Singapore
Cloudflare, Inc.Web hosting, CDN, edge functionsGlobal edge network
ResendTransactional email deliveryUSA
Google LLCOAuth sign-in (if you choose Google login)USA
[Razorpay / Stripe]Payment processingIndia / USA

We may also disclose data to authorities when required by law, court order or to protect rights, safety and property; and to a successor entity in case of a merger, acquisition or sale of assets (with notice to you).

6. International data transfers

Our processors are located outside India. We transfer your data to them in accordance with the DPDP Act and applicable Government of India notifications. For EEA/UK users, we rely on Standard Contractual Clauses approved by the European Commission with each processor.

7. Retention

CategoryRetention period
Account dataWhile account is active + 90 days after deletion
Resume content & analysesWhile account is active, or until you delete them; whichever first
OTP codesUp to 15 minutes, then deleted
Sessions30 days after last activity
Payment records8 years (Income Tax Act, India)
Marketing consent log3 years after withdrawal (audit trail)
Backups30 days rolling

8. Your rights

Under the DPDP Act, GDPR and similar laws you have the right to:

You can exercise most of these directly inside the app: Account → Privacy & data. Or email privacy@aistint.app. We respond within 30 days.

9. Children's privacy

Aistint is not directed at children under 18. We do not knowingly collect personal data of children. We do not engage in tracking, behavioural monitoring or targeted advertising directed at children. If you believe a child has provided data to us, please contact us and we will delete it.

10. Security

We protect your data with:

No system is 100% secure. In case of a personal data breach we will notify the Data Protection Board of India and affected users as required by law.

11. Cookies & local storage

Aistint uses only the minimum storage needed to keep you signed in and remember your preferences:

We do not use third-party advertising cookies. If we add analytics that uses cookies, we will ask for your consent first via a banner.

12. Changes to this Policy

We may update this Policy. When we make material changes we will notify you in the app and by email, and where required we will re-ask for your consent. The "Last updated" date and "Version" above always reflect the current version.

13. Contact & Grievance Officer

For any privacy question or to exercise your rights:

In accordance with the DPDP Act and the Information Technology Rules, our Grievance Officer is: