HireMelon Logo
HireMelonBeta

Privacy Policy

Last Updated: January 3, 2026

HireMelon ("HireMelon", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose and safeguard your information when you:

  • visit our website at hiremelon.com (the "Site"), and/or
  • use the HireMelon platform and related services (together, the "Service").

By using the Site or Service, you agree to the collection and use of information in accordance with this Policy. If you do not agree with this Policy, please do not use the Site or Service.

1. Information We Collect

We collect information in three main ways: information you provide directly, information collected automatically, and information from third parties.

1.1 Information You Provide to Us

When you use HireMelon, you may provide:

Account information

Your name, email address, password, and basic profile details (e.g., city and province, preferred job titles, salary expectations).

Important: We never collect or ask for your banking information, credit card numbers (except through our secure payment processor Stripe for subscriptions), Social Insurance Number (SIN), or government-issued ID numbers. If anyone claiming to be from HireMelon asks for this information directly, it is a scam—please report it to support@hiremelon.com immediately.

Profile, resume and job search information

Information you include in your HireMelon profile such as:

  • work history, education and certifications
  • skills, projects, achievements
  • resumes, cover letters and other application materials you upload or generate through the Service
  • job preferences (e.g., role type, industry, location, seniority, remote/hybrid preferences)

Usage and preference information

Your settings, responses to in-product questionnaires, feedback you provide, and other preferences related to job search, communication and product features.

Communication with us

Messages you send to us via email, contact forms, chat, surveys or social media, including support requests, feedback and testimonials.

Referral and rewards information

If you participate in our referral or rewards programmes, we may collect information about:

  • the people you refer (e.g., email address or link usage)
  • the credits or rewards you earn
  • your public posts or testimonials where you tag or mention HireMelon.

1.2 Information Collected Automatically

When you access or use the Site or Service, we may automatically collect certain information, such as:

Device and browser information

IP address, browser type, operating system, device identifiers, language and approximate location (based on IP).

Usage data

Pages viewed, features used, links clicked, search queries, timestamps and other activity within the Service.

Cookies and similar technologies

We use cookies and similar technologies to remember your preferences, keep you logged in, understand how you use the Site, and improve our services. For detailed information about the cookies we use and your choices, please see Section 9A (Cookie Policy) below.

1.3 Information from Third Parties

Where permitted by law and your settings with those services, we may receive information from:

Third-party platforms you connect

For example, if you choose to connect your LinkedIn profile, cloud storage or other integrations, we may access resume or profile data to help you build your HireMelon profile.

Service providers and analytics tools

For example, anonymised or aggregated usage analytics.

We treat any information we receive from third parties in accordance with this Privacy Policy, in addition to any restrictions imposed by the third party source.

2A. Your Consent

We collect, use, and disclose your personal information only with your knowledge and consent, except where permitted or required by law.

2A.1 Express Consent

We obtain your express (explicit) consent for:

  • Account creation: When you create an account, you expressly consent to our collection and use of your account information, profile data, and resume content as described in this Policy.
  • AI processing: When you use AI-powered features (resume generation, qualification analysis, job matching), you expressly consent to:
    • processing your profile data and job descriptions through AI systems
    • transferring this data to our AI service providers (including Google Gemini in the United States)
    • automated decision-making and profiling as described in Section 3
  • Cross-border transfers: By using the Service, you expressly consent to the transfer of your personal information to service providers in the United States and other jurisdictions as described in Section 5.
  • Marketing communications: When you opt in to receive marketing emails, newsletters, or promotional messages, you expressly consent to receive such communications.

2A.2 Implied Consent

We may rely on implied consent for:

  • Essential Service operations (maintaining your account, security, technical support)
  • Service improvement based on anonymised or aggregated usage analytics
  • Responses to your inquiries and support requests

2A.3 Withdrawing Consent

You can withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. To withdraw consent:

  • Marketing communications: Click the "unsubscribe" link in any marketing email, or update your communication preferences in your account settings.
  • AI processing: Contact our Privacy Officer (see Section 12) to opt out of specific AI features. Note that opting out may limit your access to certain Service features.
  • Account and all data processing: Delete your account through your account settings, or contact our Privacy Officer. We will delete or anonymize your personal information within 30 days, except where we are legally required to retain it.

Important: If you withdraw consent for essential processing (such as account management), we may no longer be able to provide the Service to you. We will explain the consequences of withdrawal when you make your request.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide and operate the Service

  • Creating and managing your account
  • Generating resumes, cover letters and other documents based on your input
  • Matching you with Canadian job opportunities that align with your profile and preferences
  • Maintaining and improving core functionality

To personalise your experience

  • Suggesting roles and content based on your profile, preferences and activity
  • Tailoring document generation to your target roles and industries
  • Remembering your settings and preferences

To improve and develop the Service

  • Understanding how users interact with features
  • Debugging, testing and improving performance
  • Developing new features and tools, including enhancements to our AI models

To communicate with you

  • Responding to your questions, support requests and feedback
  • Sending administrative messages (e.g., service updates, security notices, billing information)
  • Sending optional job search tips, product updates, surveys or promotional messages (you can opt-out of most non-essential communications at any time).

For safety, security and legal obligations

  • Protecting the security and integrity of the Site and Service
  • Detecting and preventing fraud, abuse or misuse (including abuse of referral or rewards programmes)
  • Complying with legal obligations, enforcing our Terms of Use, and protecting our rights and the rights of others.

3. How AI and Automation are Used

HireMelon uses AI and other automated systems to help:

  • analyze job descriptions and your profile
  • generate draft resumes, cover letters and other career documents
  • suggest skills, keywords and improvements
  • match you with job opportunities based on your profile and preferences
  • calculate qualification scores and provide recommendations

3.1 AI Service Providers

We use the following AI services:

  • Google Gemini: We send your profile data, job descriptions, and related content to Google's Gemini API (servers located in the United States) for AI analysis and content generation. Google processes this data according to their Privacy Policy and data processing terms. We do not store raw API responses containing your personal information longer than necessary to fulfill the immediate processing request.

3.2 Automated Decision-Making and Profiling

HireMelon uses automated processing to create profiles about you and make certain decisions that may affect your experience:

Job matching and ranking

We use algorithms to match and rank job opportunities based on your profile, preferences, and past interactions. These rankings help determine which opportunities appear first in your feed.

Qualification analysis

Our AI analyzes your profile against job requirements to calculate a "qualification score" and provide recommendations about your fit for specific roles.

Content generation

AI generates personalized resumes, cover letters, and application materials based on your profile data and the target job.

3.3 Your Rights Regarding AI and Automated Processing

You have the following rights regarding automated decision-making:

  • Explanation: You can request an explanation of how any automated decision or qualification score was calculated by contacting our Privacy Officer (see Section 12).
  • Human Review: If you believe an automated decision has materially affected you (for example, if you believe a qualification score is incorrect), you can request human review of the decision by contacting our Privacy Officer.
  • Correction: You can update your profile data at any time, which will affect future AI processing. You can also request correction of any inaccurate data used in automated decisions.
  • Opt-Out: While AI features are central to our Service, you can choose not to use certain AI-powered features (such as automated qualification analysis) by contacting us. Note that this may limit your access to some Service features.

3.4 Important Notes About AI

  • AI-generated content is based on the information you provide and patterns learned from training data. It may contain errors or biases.
  • You remain responsible for reviewing, editing and approving any documents or content before using them for applications.
  • We may use anonymised and aggregated data from your usage (for example, which features are used and how often) to train and improve our models and services, but we do not sell your personal data.
  • No AI decisions made by HireMelon determine whether you get a job—employers make all hiring decisions independently.

If you have questions about how AI is used in HireMelon, you can contact our Privacy Officer using the details in Section 12.

4. When We Share Your Information

We do not sell your personal information.

We may share your information with:

Service providers

Trusted third parties who help us operate and improve the Site and Service, such as hosting providers, analytics providers, email delivery services and customer support tools. These providers are only allowed to use your information to perform services for us, and must protect it appropriately.

Potential employers or partners (future features)

If we introduce features that allow employers or partners to view candidate profiles or invite candidates to apply, we will clearly explain how your information is shared and give you control over your visibility and settings.

With your consent

For example, if you ask us to share a testimonial with your name and role, or to connect your account to a third-party service.

For legal reasons

We may disclose information if we believe it is reasonably necessary to:

  • comply with applicable laws, regulations or legal processes
  • respond to lawful requests from public authorities
  • protect the safety, rights or property of HireMelon, our users or others
  • enforce our Terms of Use or other agreements.

We may also share aggregated or de-identified information that cannot reasonably be used to identify you, for example to show trends in how users interact with HireMelon.

5. International Transfers

HireMelon is based in Canada. To provide the Service, we transfer your personal information to service providers located outside Canada, primarily in the United States. These jurisdictions may have different data protection laws than Canada.

5.1 Service Providers and Locations

Your personal information may be transferred to and processed by the following service providers:

  • Supabase (United States): Authentication, database hosting, and user data storage
  • Google Gemini (United States): AI-powered content generation and analysis
  • Cloud hosting providers (United States and Canada): Application hosting and infrastructure

5.2 Safeguards for International Transfers

When we transfer your personal information outside Canada, we take the following steps to ensure appropriate protection:

  • Contractual protections: We require all service providers to enter into written agreements that require them to:
    • protect your personal information using security standards comparable to Canadian requirements
    • use your information only for the purposes we specify
    • comply with applicable privacy laws in their jurisdiction
    • notify us of any security breaches
  • Technical safeguards: We use encryption, access controls, and secure transmission protocols for all international data transfers.
  • Limited access: Service providers have access only to the personal information necessary to perform their specific functions.
  • Regular reviews: We regularly assess our service providers' privacy and security practices.

5.3 Foreign Legal Access

When your personal information is stored or processed in the United States or other foreign jurisdictions, it may be accessible to law enforcement and national security authorities in those jurisdictions under their laws. For example:

  • U.S. government agencies may access data stored in the United States under U.S. laws such as the CLOUD Act, USA PATRIOT Act, or Foreign Intelligence Surveillance Act (FISA).
  • Such access may occur without notice to you or to us.

Your consent: By using the Service, you consent to these international transfers and acknowledge that your information may be subject to access by foreign government authorities as described above. If you do not consent to international transfers, please do not use the Service.

For more information about where your data is stored or processed, or about safeguards in place, contact our Privacy Officer (see Section 12).

6. How We Protect Your Information

We use reasonable administrative, technical and physical safeguards to protect your information against unauthorised access, loss, misuse or alteration. These measures may include:

  • encryption in transit (TLS/HTTPS) and at rest (AES-256 where appropriate),
  • secure authentication using industry-standard protocols (Supabase Auth with JWT tokens),
  • access controls and role-based permissions,
  • regular security monitoring, logging, and audits,
  • security training for personnel with access to personal information, and
  • regular security assessments and penetration testing.

However, no system can be guaranteed to be 100% secure. You are responsible for keeping your account credentials confidential and for notifying us immediately if you believe your account has been compromised.

6.1 Data Breach Notification

In the event of a data breach involving your personal information, we will comply with applicable Canadian privacy laws, including PIPEDA's breach notification requirements:

What constitutes a reportable breach

A breach of security safeguards involving personal information where there is a real risk of significant harm to individuals (such as identity theft, fraud, financial loss, damage to reputation, or harm to employment).

Notification to affected individuals

If a breach creates a real risk of significant harm to you, we will notify you as soon as feasible after we become aware of the breach. The notification will include:

  • a description of the breach and the personal information involved
  • the date or time period of the breach
  • steps we are taking to reduce the risk of harm
  • steps you can take to reduce the risk of harm
  • contact information for questions (our Privacy Officer)

Notification method

We will notify you directly by email to the address associated with your account, or by other means if email is not feasible. If notification would create a risk of further harm or is prohibitively expensive, we may use indirect notice (such as a prominent notice on our website).

Reporting to authorities

We will report breaches to the Office of the Privacy Commissioner of Canada and, where applicable, to provincial privacy commissioners as required by law.

Record-keeping

We maintain records of all breaches of security safeguards (regardless of whether they pose a risk of significant harm) for 24 months, as required by PIPEDA.

If you believe there has been unauthorized access to your account or personal information, contact our Privacy Officer immediately at privacy@hiremelon.com.

7. How Long We Keep Your Information

We retain personal information for as long as necessary to:

  • provide the Service to you,
  • meet the purposes described in this Policy, and
  • comply with our legal and regulatory obligations.

When your account is closed, we may retain certain information for a reasonable period for backup, audit, legal or legitimate business purposes. Where possible, we will de-identify or aggregate data so that it no longer identifies you.

8. Your Choices and Rights

Under PIPEDA and BC PIPA, you have the following rights regarding your personal information:

8.1 Right to Access

You have the right to request access to the personal information we hold about you. We will provide you with:

  • a copy of your personal information in our possession or control
  • information about how your personal information has been and is being used
  • a list of any third parties to whom we have disclosed your personal information (where applicable)

How to request: Contact our Privacy Officer at privacy@hiremelon.com with the subject line "Access Request."

Timeline: We will respond within 30 days of receiving your request. If we need an extension (up to an additional 30 days), we will notify you in writing with the reason for the delay.

Fees: Access requests are generally provided at no charge. However, if your request is complex, repetitive, or requires extensive retrieval, we may charge a minimal fee to cover our administrative costs. We will notify you of any fees before processing your request, and you may withdraw your request at that time.

8.2 Right to Correction

You have the right to request correction of any inaccurate or incomplete personal information. If we agree that the information is inaccurate or incomplete, we will:

  • correct the information
  • notify any third parties to whom we disclosed the incorrect information (where appropriate)

If we do not agree with your correction request, we will note your request in our records and inform you of your right to challenge our decision by filing a complaint with the Privacy Commissioner.

How to request: You can update most of your profile information directly in your account settings, or contact our Privacy Officer at privacy@hiremelon.com.

8.3 Right to Deletion

You can request deletion of your personal information, subject to legal and contractual limitations. We may need to retain certain information for:

  • legal or regulatory compliance (e.g., tax records, transaction history)
  • defending or pursuing legal claims
  • fulfilling contractual obligations
  • fraud prevention and security purposes

Where we must retain information, we will de-identify or anonymize it where possible so it no longer identifies you.

How to request: Delete your account through your account settings, or contact our Privacy Officer at privacy@hiremelon.com. We will process deletion requests within 30 days.

8.4 Right to Withdraw Consent

You can withdraw your consent to our collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions. See Section 2A.3 for detailed withdrawal procedures.

Important: Withdrawing consent for essential processing (such as account management) means we may no longer be able to provide the Service to you. We will explain the consequences before processing your withdrawal.

8.5 Right to Opt-Out of Marketing

You can opt out of marketing communications at any time:

  • Click the "unsubscribe" link in any marketing email
  • Update your communication preferences in your account settings
  • Contact our Privacy Officer at privacy@hiremelon.com

Note: Even if you opt out of marketing, we will still send you essential Service communications (account security, billing, legal notices).

8.6 Right to Challenge Compliance

You have the right to challenge our compliance with this Privacy Policy and applicable privacy laws. If you believe we have not complied with PIPEDA, BC PIPA, or this Policy:

  • Contact our Privacy Officer (see Section 12)
  • If not resolved, file a complaint with the Office of the Privacy Commissioner of Canada or the BC Office of the Information and Privacy Commissioner (see Section 12.3)

8.7 Identity Verification

To protect your privacy and prevent unauthorized access, we may need to verify your identity before fulfilling access, correction, or deletion requests. We may request:

  • confirmation of your email address and account details
  • answers to security questions
  • government-issued identification (for high-risk requests only)

We will only collect identification information necessary to verify your identity and will not use it for any other purpose.

9. Children's Privacy

HireMelon is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete it.

9A. Cookie Policy

HireMelon uses cookies and similar tracking technologies to provide, secure, and improve our Service. This section explains what cookies we use, why we use them, and how you can control them.

9A.1 What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, or mobile phone) when you visit a website. They help websites remember information about your visit, such as your preferences, login status, and other settings.

We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device until they expire or you delete them).

9A.2 Types of Cookies We Use

1. Strictly Necessary Cookies (Essential)

Purpose: These cookies are essential for the Service to function properly. They enable core functionality such as security, authentication, and accessibility.

What they do:

  • Keep you logged in to your account
  • Remember your session and authentication status
  • Enable secure form submissions
  • Detect and prevent security threats
  • Enable basic navigation and page functionality

Your control: You cannot disable these cookies through our cookie settings because the Service will not function properly without them. However, you can block them through your browser settings (see Section 9A.4).

Examples: supabase-auth-token, session-id, csrf-token

2. Analytics & Performance Cookies (Optional)

Purpose: These cookies help us understand how users interact with the Service so we can improve functionality, fix issues, and develop new features.

What they collect:

  • Pages visited and features used
  • Time spent on pages
  • Navigation paths through the Service
  • Errors encountered
  • Device and browser information (anonymized)

How we use this data: We analyze aggregated and anonymized usage patterns to identify issues, understand which features are helpful, and improve the Service. We do not use analytics cookies to sell your data or show third-party advertisements.

Your control: You can disable analytics cookies through our cookie banner or cookie settings modal. Disabling them will not affect your ability to use the Service.

Retention: Analytics data is typically retained in aggregated form for up to 24 months.

3. Functional & Personalization Cookies (Optional)

Purpose: These cookies remember your preferences and choices to provide a more personalized experience.

What they remember:

  • Your preferred language and location settings
  • Saved filters and search preferences
  • Display preferences (e.g., list vs. grid view)
  • Previously viewed opportunities
  • UI customization choices

Your control: You can disable functional cookies through our cookie settings. Disabling them means you may need to re-enter preferences each time you visit, but core functionality will still work.

Examples: preferred-view, saved-filters, recently-viewed

4. Marketing Cookies (Optional - Limited Use)

Purpose: If we use marketing cookies in the future, they will help us understand which of our own campaigns are working and ensure we don't show you irrelevant messages.

Current status: At launch, we either do not use marketing cookies at all or keep them to a minimum. We do not sell your personal data to third parties or use marketing cookies for third-party advertising networks.

Future use: If we introduce marketing cookies, we will update this Policy and our cookie banner, and give you clear choices about whether to accept them.

Your control: Marketing cookies are disabled by default. You can manage them through our cookie settings.

9A.3 Your Cookie Choices

You have several options to control how we use cookies:

Option 1: Use our Cookie Banner

When you first visit HireMelon, you'll see a cookie banner asking for your preferences. You can:

  • Accept all cookies - enables all cookie categories
  • Essential only - enables only strictly necessary cookies
  • Cookie settings - customize your choices for each category

Option 2: Change Your Settings Anytime

You can change your cookie preferences at any time by clicking "Cookie settings" in the footer of our website, or by contacting our Privacy Officer at privacy@hiremelon.com.

Option 3: Browser Settings

Most browsers allow you to control cookies through their settings. You can:

  • View what cookies are stored and delete them individually
  • Block third-party cookies
  • Block all cookies from specific websites
  • Block all cookies completely
  • Delete all cookies when you close your browser

Important: Blocking strictly necessary cookies through your browser will prevent you from using essential features of the Service, such as logging in.

Learn more about managing cookies in popular browsers:

9A.4 Third-Party Cookies

Some cookies may be set by third-party services that we use:

  • Supabase: Our authentication and database provider may set cookies to manage your login session and secure communications. These are strictly necessary cookies.
  • Analytics providers: If you consent to analytics cookies, anonymized usage data may be processed by third-party analytics tools to help us understand Service usage.

Third-party cookies are subject to the respective third party's privacy policies. We only work with third parties who commit to protecting your data in accordance with applicable privacy laws.

9A.5 Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) feature that sends a signal to websites asking not to track your online activity. Currently, there is no industry standard for how websites should respond to DNT signals. HireMelon respects your cookie choices made through our cookie banner and settings, which provide more granular control than DNT signals.

9A.6 Updates to Cookie Practices

We may update our use of cookies from time to time. If we make significant changes to the types of cookies we use or how we use them, we will:

  • update this Cookie Policy section
  • update the "Last Updated" date at the top of this Privacy Policy
  • notify you through our cookie banner or in-app notification (for material changes)
  • request your renewed consent where required by law

9A.7 Questions About Cookies

If you have questions about how we use cookies, or if you'd like to exercise your rights regarding cookies and tracking, contact our Privacy Officer at privacy@hiremelon.com with the subject line "Cookie Inquiry."

10. Third-Party Websites and Services

The Site and Service may contain links to third-party websites, services or integrations (for example, LinkedIn, job boards or other platforms). We are not responsible for the privacy practices of those third parties.

We encourage you to review the privacy policies of any third-party sites or services you use.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, where appropriate, provide additional notice (for example, by email or in-app notification).

Your continued use of the Site or Service after an updated Policy is posted means you accept the revised Policy. If you do not agree with the changes, you should stop using the Site and Service.

12. Contact Us and Privacy Officer

HireMelon has designated a Privacy Officer who is accountable for our compliance with this Privacy Policy and applicable privacy laws, including PIPEDA and BC PIPA.

12.1 Privacy Officer Contact Information

If you have questions, concerns or requests about this Privacy Policy, how we handle your information, or wish to exercise your privacy rights, contact our Privacy Officer:

Privacy Officer

Email: privacy@hiremelon.com

Subject line: "Privacy Officer - [Your Request]"

12.2 Response Timeline

We will acknowledge receipt of your inquiry or request within 5 business days and provide a substantive response within 30 days. If we need more time to respond fully (for example, for complex requests), we will notify you of the extension and the reasons for it.

12.3 Complaints and Dispute Resolution

If you have a complaint about how we handle your personal information:

Step 1: Contact our Privacy Officer

First, contact our Privacy Officer using the details above. We will investigate your complaint and respond with our findings and any actions we will take.

Step 2: Escalate to a Privacy Commissioner (if not resolved)

If you are not satisfied with our response, or if we do not respond within 30 days (or any extended timeline we communicated), you have the right to file a complaint with:

Office of the Privacy Commissioner of Canada (PIPEDA)

Toll-free: 1-800-282-1376
Website: www.priv.gc.ca
Online complaint form: File a formal privacy complaint

Office of the Information and Privacy Commissioner for British Columbia (BC PIPA, if applicable)

Toll-free (BC): 1-800-663-7867
Website: www.oipc.bc.ca
Online complaint: Make a complaint

What to include in your complaint

When filing a complaint with a Privacy Commissioner, include:

  • your contact information
  • details of your concern or complaint
  • a copy of your complaint to HireMelon and our response (if any)
  • any relevant supporting documents

We are committed to resolving privacy concerns fairly and promptly, and we encourage you to contact us directly before escalating to a Privacy Commissioner.

13. Accountability and Compliance

HireMelon is committed to compliance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and, where applicable, British Columbia's Personal Information Protection Act (BC PIPA).

Our Privacy Officer is responsible for:

  • ensuring compliance with this Privacy Policy and applicable privacy laws
  • implementing privacy policies, procedures, and training
  • responding to privacy inquiries and complaints
  • maintaining records of privacy practices and consents
  • coordinating breach response and notification
  • conducting privacy impact assessments for new features and services

We collect, use, and disclose personal information only with your knowledge and consent (express or implied), and only for the purposes identified in this Privacy Policy, except where permitted or required by law.