You tell Careersy AI things you don't tell your manager. The salary you actually want. The interview you walked out of last week. The role you took because you were running out of runway. The redundancy you haven't told your network about yet.
That is the substance of what passes through this product. Not "data." Not "engagement signal." The stuff people don't say out loud because saying it out loud has consequences.
So privacy isn't something we wrote a policy about and moved on. It's the constraint the architecture was built around.
Most AI tools are free because you're the product. Careersy AI isn't free, on purpose.
There is a single design choice that runs underneath everything in Careersy AI. We call it fail closed.
When the system can't confirm whether a chat is private, it treats it as private. When it can't tell whether you've turned memory off, it leaves memory alone. When something goes wrong in a privacy check, the safe default kicks in. Uncertainty resolves toward the private answer.
That sounds obvious. It is the opposite of how most software gets written. Most code makes the cheerful assumption that everything is fine and uses your data unless something specifically stops it. We invert that. The data stays untouched unless every gate confirms it is allowed to move.
The practical effect: there is no path where a missed flag, an edge case, or a bug ends up leaking your profile into the model. The worst case under failure is a less personalised response. Not a more public one.
Four things you can do today, no support ticket needed.
Temporary Chat. One click starts a conversation where the AI sees none of your saved history and learns nothing from what you tell it. Nothing from that chat is added to your profile. It's locked at the moment you open it (enforced at the database level), so it can't be flipped back to a normal chat later and quietly absorb the content.
Memory off, one switch. A single toggle on your profile turns the entire memory layer off. When it's off, your stored facts are frozen. The system won't read them, won't write new ones, and won't run its weekly tidy-up over them. The off-state is honoured everywhere your data could be used: chat, job suggestions, live job feeds, the background maintenance job.
Export everything. One click downloads your full data envelope as a file: profile, identity, memories, chats, project notes, subscription. The whole picture, yours.
Delete everything, immediately. Account deletion is immediate and permanent. It cascades through every table that holds anything of yours and cancels billing on the spot. No "we'll get to it in 30 days." No shadow copy waiting to be re-enabled.
Two things happen on a schedule, whether you ask or not.
Anything you soft-delete is permanently purged after a fixed window by a scheduled job. Deletion is real. It is not the common pattern of is_deleted = true sitting in a database forever.
A weekly job consolidates the facts your profile remembers, merging duplicates so the same thing isn't stored five times. That job explicitly skips anyone who has turned memory off. The opt-out is honoured by every process, not just the front-end ones a user can see.
The primary database is in Sydney, the ap-southeast-2 region. Your core data is stored in Australia.
That sentence is doing a lot of work, and the honest version of it is below.
Those aren't marketing lines. They're commitments stated in the live Privacy Policy, and the AI provider's API terms back them up on the model side.
This is the section that probably matters most to you, because you've read enough of these to spot the omissions.
The AI processing happens overseas. Storage is in Australia, but to actually generate a response, the relevant content moves through vetted third-party services, mostly hosted in the US. We hold each of them to Australian Privacy Principle standards and remain accountable for how they handle your data. The current list of sub-processors lives in our Privacy Policy, where it can stay current as providers change. The honest version of the residency claim is: stored in Australia, processed by accountable providers. Not "never leaves Australia."
Temporary Chats are still logged internally for quality review. Incognito means the AI forgets and your profile stays clean. It does not mean the message vanishes from every system. Conversation content is retained in internal admin logs, and deleted when you delete your account. The Privacy Policy says this directly. We don't say "leaves no trace," because it does leave one.
The marketing website uses Google Analytics. Ad-personalisation and cross-site features are off, so it's standard aggregate analytics, not ad-tracking. But there's analytics on the marketing pages. We won't claim "we don't track anything."
The AI sees your data in plaintext to do its job. Everything is encrypted in transit and at rest. It is not end-to-end encrypted, and we are not a zero-knowledge system. The model has to read your words to write a useful response. Any company that claims otherwise about an AI product is either lying or describing a tool that can't help you.
Your conversations are stored. That's how the AI keeps continuity across sessions, and how the team can review quality. We don't claim "we don't keep your chats."
Because the audience for this product is senior tech professionals, and senior tech professionals can smell a privacy page that's been polished to hide something within about thirty seconds. The credibility move isn't to claim more. It's to claim exactly. The features above are the part we got right. The honest paragraphs above are the part most AI tools won't show you.
If the result of reading both is that you trust the controls more, not less, that's the point.
Your career story is yours. The product just has to earn the right to read it, every time you open a chat.
Yes, with the same boundaries any AI tool has. Your data is stored in Australia (Sydney), encrypted in transit and at rest, never sold, never used to train the AI on your conversations, and never shared with employers or recruiters. You can delete everything immediately, no waiting period and no shadow copy.
No. Your conversations are not used to train the underlying model. They are stored to give you continuity across sessions and for internal quality review. When you delete your account, they are deleted with everything else.
The primary database is in Sydney (ap-southeast-2), so your core data is stored in Australia. The AI processing itself happens with vetted overseas providers to generate responses; the current list of sub-processors lives in our Privacy Policy. Careersy AI remains accountable for how they handle it, to Australian Privacy Principle standards.
A one-click incognito mode. The AI starts fresh, sees none of your saved history, and learns nothing from the conversation. The chat is locked as Temporary the moment you open it, enforced at the database level, so it can't be flipped back to a regular chat later. The conversation content is still retained in internal admin logs for quality review and deleted when you delete your account.
One action in your account deletes everything immediately and permanently. Profile, memories, chats, identity, project notes, subscription. The deletion cascades through every table holding your data and cancels billing on the spot. No 30-day grace period, no shadow copy.
A 13+ year ANZ tech recruiter on the 482 / Skills in Demand visa in 2026: who actually sponsors, what the new streams and CSOL mean, and how to frame your application so it lands.
Can't get a tech job in Australia right now? The market's harder than the headlines say. Where hiring is actually happening, and what to fix when you're stuck.
