Privacy Policy
Alynd operates the career portfolio and CV platform at alynd.net. This policy explains what personal data we collect, why we use it, who we share it with, how long we keep it, and the rights you have. Alynd is the data controller for personal data processed through the Service. For a shorter summary of controls in the product, see our Data Controls page.
Last updated: May 18, 2026
Who we are and how to contact us
Alynd provides a web-based platform that helps individuals build and manage career records (Nexus), create tailored CVs (Studio), use the Lyra AI assistant, and use Interview Coach for live interview assistance. The Service is operated by Alynd and is accessible at alynd.net.
Product, privacy, and data rights: info@alynd.net
Business enquiries: enquiries@alynd.net
Related pages: Terms of Use, Data Controls, AI data use, Security.
Definitions
These terms are used consistently in this policy and in our Terms of Use.
Service means the Alynd web application and related features at alynd.net.
Account means your registered user account.
Content means career data, uploaded files, CV documents, job descriptions, transcripts, prompts, and other material you submit or create in the Service.
Personal data means information relating to an identified or identifiable individual.
Processor means a third party that processes personal data on our behalf under a data processing agreement.
Personal data we collect
We collect the categories below when you register, use the Service, or contact us.
Account and identity
- Name and email address at registration.
- Password, stored as a one-way cryptographic hash — we cannot read or recover it.
- Subscription tier, billing status, and AI credit usage associated with your plan.
Career and professional Content
- Profile details (title, summary, contact fields, links, location, currency).
- Work history, education, skills, labels, projects, responsibilities, and compensation fields you choose to enter.
- Professional records (certifications, publications, awards, grants, memberships, licences, training, presentations).
- Files you attach to records (for example CVs, certificates, or work samples).
- Studio CV documents, template choices, selections, formatting, and CV-specific edits.
AI interaction data
- Messages and instructions sent to Lyra, including context from Nexus or Studio where relevant to your request.
- Job descriptions, role URLs, and notes you provide for tailoring or Interview Coach.
- Interview Coach session data: typed questions, live transcripts, chat history, optional screenshots, and attached CV content used to generate answers.
- Text extracted from CV files you upload for import, and proposed records before you confirm them.
- Education programme URLs you submit for optional module import.
Audio and meeting capture (when you enable it)
- If you share a meeting tab with audio in Interview Coach, audio is sent to our speech-to-text provider for real-time transcription. We do not retain raw audio after transcription completes.
Technical and usage data
- IP address and approximate location (country or city level).
- Browser, operating system, and device type.
- Pages and features used, session timestamps, and error or diagnostic logs.
Payment data
Subscription payments are handled by a third-party payment processor. We do not store full card numbers. We receive subscription and payment status updates (for example whether a subscription is active, past due, or cancelled).
Support and issue reports
If you email us or submit an in-app issue report (including page URL, description, and severity), we retain that information to investigate and respond.
Data about other people
If you store references, colleague details, or other individuals in your Content, you are responsible for having a lawful basis to do so. Alynd processes that information only to provide the Service to you.
How we collect personal data
From you directly — registration, Nexus and Studio editing, file uploads, AI feature use, exports, account settings, and communications with us.
Automatically — technical logs and session data when you use the Service.
From processors — our payment processor sends subscription and billing status updates. We do not buy personal data from data brokers or advertising networks.
Why we use personal data and lawful bases
Under UK GDPR and EU GDPR we process personal data only where we have a lawful basis.
Performance of a contract — to create and operate your Account; store and display your Content; run Studio exports; provide Lyra, Interview Coach, and CV import when you invoke them; meter AI credits on your plan; and process subscriptions. Without this processing we cannot provide the Service you signed up for.
Legitimate interests — to keep the Service secure and reliable; detect abuse; debug errors; understand aggregated product performance; and communicate important service or policy changes. We balance these interests against your rights and expectations.
Legal obligation — to retain certain billing and financial records as required by law.
Consent — where required for optional processing (for example non-essential cookies if we introduce them in future). You may withdraw consent without affecting the lawfulness of earlier processing.
We do not use your personal data for behavioural advertising. We do not sell your personal data.
We do not use your Content to train proprietary machine-learning models. See our AI data use page for how third-party AI providers handle API submissions.
Cookies and similar technologies
We use strictly necessary cookies and similar storage to keep you signed in and to operate the Service. These are required for core functionality and do not need consent under UK/ePrivacy rules for essential cookies.
We do not use advertising cookies, cross-site tracking cookies, or third-party analytics cookies at this time. If we introduce cookies that require consent, we will update this policy and ask for your consent before they are set.
Who we share personal data with
We share personal data only with Processors that help us run the Service, under contracts that limit their use of your data. We do not share your data with advertisers or data brokers. We use categories of provider such as:
- Hosting and database providers — to run the application and store Account and career data.
- Cloud file storage — to store uploaded files privately in the UK, with encrypted storage and time-limited download links.
- AI service providers — to power Lyra, Interview Coach, and CV import when you use those features. Only the text and career context needed for each request is sent. Under standard API terms, this data is not used to train their public models by default.
- Speech-to-text providers — only when you enable meeting or tab audio capture in Interview Coach. Audio is processed in real time; we do not store raw audio after transcription.
- Payment processors — to bill subscriptions. Card details are held by the processor under PCI-DSS controls; we receive billing events and identifiers, not full card numbers.
- Email delivery providers — to send transactional messages (registration, password reset, billing notices).
We may also disclose data if required by law, court order, or to protect the rights, safety, and integrity of users and the Service.
A current list of subprocessors is available on request at info@alynd.net.
International transfers
Primary hosting and file storage is in the United Kingdom and European Economic Area where applicable. Some AI and speech-to-text providers may process data in the United States or other countries.
When personal data is transferred outside the UK or EEA, we use appropriate safeguards such as UK International Data Transfer Agreement / Addendum and EU Standard Contractual Clauses (or equivalent mechanisms) so your data receives a level of protection consistent with UK and EU law.
How long we keep personal data
- Account and career Content — while your Account is active; deleted within 30 days of confirmed account deletion, subject to backup cycles described below.
- Uploaded files — until you delete them or delete your Account.
- Payment and billing records — up to 7 years after the relevant transaction for legal and accounting obligations.
- Server and diagnostic logs — up to 90 days.
- Support and issue reports — up to 2 years after resolution unless a longer period is needed for a dispute.
- Live transcription audio — not retained after transcription; session text may remain until you clear the session or delete your Account.
Backups may retain deleted data for a limited period before overwrite. During that time, data is not used to provide the active Service to you.
Security
We use technical and organisational measures including TLS encryption in transit, encrypted storage for files, hashed passwords, private database access, role-based internal access, and review-before-save for most AI-proposed account changes.
More detail is on our Security page. No online service can guarantee absolute security; please use a strong unique password and report concerns to info@alynd.net.
If a personal data breach is likely to pose a risk to your rights, we will notify you and the UK Information Commissioner's Office within 72 hours where UK GDPR requires it.
Your rights
Depending on where you live, you may have the following rights. Contact info@alynd.net to exercise them. We respond within one month unless an extension is permitted (we will tell you if we need longer).
- Access — request a copy of personal data we hold about you.
- Correction — request correction of inaccurate or incomplete data (most career data can be edited directly in Nexus and Studio).
- Deletion — request deletion; you can delete your Account under Settings → Security → Delete account.
- Restriction — request that we limit processing in certain circumstances.
- Portability — receive data in a structured, machine-readable format via Settings → Security → Export data.
- Objection — object to processing based on legitimate interests where applicable.
- Withdraw consent — where processing is based on consent.
- Complaint — lodge a complaint with the UK ICO at ico.org.uk or your local EU supervisory authority.
We will not discriminate against you for exercising privacy rights. Identity verification may be required before we act on a request.
California and other US privacy rights
If you are a California resident, you may have additional rights under the CCPA/CPRA, including rights to know, delete, and correct personal information, and to opt out of sale or sharing. We do not sell or share personal information for cross-context behavioural advertising. To submit a request, email info@alynd.net. We do not discriminate against you for exercising these rights.
Children
The Service is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us personal data, contact info@alynd.net and we will delete it.
Automated processing
AI Features generate suggestions based on your Content. They do not make legal or similarly significant decisions about you. Outputs are drafts for your review; you choose what to save or use. Interview Coach answers are assistance only — you are responsible for what you say in an interview.
Changes to this policy
We may update this policy from time to time. For material changes we will email the address on your Account at least 14 days before the effective date and update the Last updated date above. Continued use after that date means you accept the revised policy. If you disagree, stop using the Service and delete your Account before the change takes effect.
Contact
Product, privacy, and data rights: info@alynd.net
Business enquiries: enquiries@alynd.net
Website: alynd.net