Corveno Privacy Policy
Last Updated: February 6, 2026
Effective Date: February 6, 2026
Corveno ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website, applications, and services (collectively, the "Service").
Please read this Privacy Policy carefully. By accessing or using Corveno, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.
Table of Contents
- Information We Collect
- How We Use Your Information
- How We Share Your Information
- Data Retention
- Data Security
- Your Privacy Rights
- Children's Privacy
- International Data Transfers
- Third-Party Services
- Cookies and Tracking Technologies
- Do Not Track Signals
- California Privacy Rights
- Other State Privacy Rights
- Changes to This Privacy Policy
- Contact Us
1. Information We Collect
We collect information in several ways when you use Corveno:
1.1 Information You Provide Directly
Account Information:
- Full name
- Email address
- Password (stored in encrypted form)
- Date of birth (for age verification)
- Profile picture (optional)
Educational Information:
- School name and type (high school, college, university)
- Graduation year
- GPA (optional)
- Intended major or field of study
- Standardized test scores (optional)
- Extracurricular activities and descriptions
- Awards and honors
Career Information:
- Resume content (work history, skills, education)
- Job titles and employment history
- Professional skills and certifications
- Career goals and preferences
- Salary information (current and desired)
- Industry preferences
Application Content:
- College and scholarship essays
- Cover letters
- Professional emails
- Personal statements
- Activity descriptions
- Any other content you create or upload
Payment Information:
- Payment method details (processed and stored by Stripe, not by us)
- Billing address
- Transaction history
Communications:
- Customer support inquiries
- Feedback and survey responses
- Communications with our team
1.2 Information Collected Automatically
Device and Usage Information:
- IP address
- Browser type and version
- Operating system
- Device type and identifiers
- Pages visited and features used
- Time spent on pages
- Referring website or source
- Click patterns and navigation paths
Log Data:
- Access times and dates
- Error logs
- Feature usage statistics
1.3 Information from Third Parties
Authentication Providers:
If you sign in using Google, Apple, or other third-party authentication, we receive:
- Email address
- Name
- Profile picture (if available)
- Unique identifier from the authentication provider
Analytics Providers:
We may receive aggregated analytics data from service providers.
2. How We Use Your Information
We use your information for the following purposes:
2.1 Providing and Improving the Service
- Creating and managing your account
- Processing your requests and generating content
- Personalizing your experience based on your profile
- Analyzing usage patterns to improve the Service
- Developing new features and functionality
- Troubleshooting technical issues
2.2 Communication
- Sending service-related notifications (password resets, security alerts, etc.)
- Responding to your inquiries and support requests
- Sending promotional communications (with your consent, where required)
- Providing updates about changes to our Service or policies
2.3 Payment Processing
- Processing subscription payments
- Managing billing and invoicing
- Preventing fraud and unauthorized transactions
2.4 Legal and Safety
- Complying with legal obligations
- Enforcing our Terms of Service
- Protecting the rights, safety, and property of Corveno and our users
- Detecting and preventing fraud, abuse, or security incidents
2.5 Analytics and Research
- Understanding how users interact with our Service
- Conducting research to improve our AI models and features
- Generating aggregated, anonymized statistics
Important Note About AI Training:
We do NOT use your personal content (resumes, essays, cover letters, etc.) to train our AI models. Your content is used solely to provide the Service to you. We may use aggregated, anonymized usage data to improve our systems, but this data cannot be linked back to you personally.
3. How We Share Your Information
We do not sell your personal information. We may share your information in the following limited circumstances:
3.1 Service Providers
We share information with third-party service providers who perform services on our behalf, including:
| Service Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database hosting and authentication | Account data, application content |
| Stripe | Payment processing | Payment information, billing details |
| Anthropic | AI content generation | Content inputs (processed, not stored by them for training) |
| Vercel | Website hosting | Usage logs, IP addresses |
| Email service provider | Transactional emails | Email address, name |
Our service providers are contractually obligated to protect your information and use it only for the purposes we specify.
3.2 Legal Requirements
We may disclose your information if required by law or in response to:
- Valid legal process (subpoenas, court orders, etc.)
- Government requests
- To protect the rights, property, or safety of Corveno, our users, or the public
- To investigate or prevent fraud, security issues, or technical problems
3.3 Business Transfers
If Corveno is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity. We will provide notice before your information becomes subject to a different privacy policy.
3.4 With Your Consent
We may share your information for other purposes with your explicit consent.
3.5 Aggregated or Anonymized Data
We may share aggregated or anonymized data that cannot reasonably be used to identify you. For example, we might share statistics about feature usage or general user demographics.
4. Data Retention
4.1 Retention Periods
We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy:
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion + 30 days |
| Generated content (essays, letters, etc.) | Until account deletion or user-initiated deletion |
| Resume data | Until account deletion or user-initiated deletion |
| Payment records | 7 years (for tax and legal compliance) |
| Usage logs | 12 months |
| Support communications | 3 years |
4.2 Account Deletion
When you delete your account:
- We will delete or anonymize your personal information within 30 days
- Some information may be retained longer if required by law or for legitimate business purposes (such as fraud prevention)
- Backup copies may persist for a limited time before being overwritten
4.3 Content Deletion
You may delete individual pieces of content (essays, cover letters, resumes) at any time through your account settings. Deleted content is removed from our active systems within 24 hours, though backup copies may persist for up to 30 days.
5. Data Security
5.1 Security Measures
We implement appropriate technical and organizational measures to protect your information, including:
- Encryption of data in transit (TLS/SSL)
- Encryption of sensitive data at rest
- Secure password hashing
- Regular security assessments and updates
- Access controls limiting employee access to personal data
- Secure development practices
5.2 Your Responsibilities
You are responsible for:
- Maintaining the confidentiality of your account credentials
- Using a strong, unique password
- Logging out of your account on shared devices
- Notifying us immediately of any unauthorized access to your account
5.3 Security Incidents
In the event of a data breach that affects your personal information, we will notify you and applicable authorities as required by law. Notifications will be sent via email and/or posted on our website.
5.4 Limitations
While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
6. Your Privacy Rights
6.1 Access and Portability
You have the right to:
- Access the personal information we hold about you
- Request a copy of your data in a portable format
- Review and update your information through your account settings
6.2 Correction
You can correct inaccurate or incomplete information through your account settings or by contacting us.
6.3 Deletion
You can request deletion of your personal information by:
- Deleting your account through account settings
- Contacting us at hello@corveno.io
We will process deletion requests within 30 days, subject to any legal retention requirements.
6.4 Restriction and Objection
You may request that we restrict processing of your information or object to certain processing activities. Please contact us to make such requests.
6.5 Withdrawal of Consent
Where we process your information based on consent, you may withdraw that consent at any time. This will not affect the lawfulness of processing before the withdrawal.
6.6 Marketing Communications
You can opt out of marketing communications by:
- Clicking the "unsubscribe" link in any marketing email
- Adjusting your communication preferences in account settings
- Contacting us at hello@corveno.io
Note: You cannot opt out of service-related communications (security alerts, billing notifications, Terms updates, etc.).
6.7 How to Exercise Your Rights
To exercise any of these rights, please contact us at hello@corveno.io. We may need to verify your identity before processing your request.
7. Children's Privacy
7.1 Age Requirement
Corveno is not intended for users under 15 years of age. We do not knowingly collect personal information from children under 15.
7.2 Verification
We require users to confirm they are at least 15 years old during account registration. If we learn that we have collected personal information from a child under 15, we will delete that information as quickly as possible.
7.3 Parental Rights
If you are a parent or guardian and believe your child under 15 has provided us with personal information, please contact us immediately at hello@corveno.io. We will take steps to delete the information.
7.4 Users Ages 15-17
For users between 15 and 18 years old, we encourage parental involvement in their use of the Service. Parents or guardians may contact us with questions or concerns about their minor's use of Corveno.
8. International Data Transfers
8.1 Data Location
Corveno is based in the United States. Your information may be transferred to and processed in the United States and other countries where our service providers operate.
8.2 Transfer Safeguards
When we transfer data internationally, we use appropriate safeguards such as:
- Standard contractual clauses approved by relevant authorities
- Data processing agreements with service providers
- Compliance with applicable data transfer frameworks
8.3 Your Consent
By using Corveno, you consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy.
9. Third-Party Services
9.1 Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
9.2 Third-Party Integrations
We integrate with the following third-party services:
Supabase - Database and authentication
Privacy Policy: https://supabase.com/privacy
Stripe - Payment processing
Privacy Policy: https://stripe.com/privacy
Anthropic - AI services
Privacy Policy: https://www.anthropic.com/privacy
Vercel - Hosting
Privacy Policy: https://vercel.com/legal/privacy-policy
9.3 Social Sign-In
If you choose to sign in using Google, Apple, or other providers, please review their privacy policies to understand how they handle your information.
10. Cookies and Tracking Technologies
10.1 What Are Cookies?
Cookies are small text files stored on your device that help us provide and improve the Service.
10.2 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Required for basic site functionality (authentication, security) | Session or persistent |
| Functional | Remember your preferences and settings | Persistent (up to 1 year) |
| Analytics | Understand how you use the Service | Persistent (up to 2 years) |
10.3 Your Cookie Choices
You can control cookies through:
- Your browser settings (blocking or deleting cookies)
- Our cookie preference center (if available)
Note: Blocking essential cookies may prevent you from using certain features of the Service.
10.4 Other Tracking Technologies
We may also use:
- Local storage (similar to cookies, stored in your browser)
- Pixel tags/web beacons (small images that track page views and email opens)
11. Do Not Track Signals
Some browsers offer a "Do Not Track" (DNT) setting. Because there is no industry standard for DNT, we do not currently respond to DNT signals. We will update this policy if a standard is established.
12. California Privacy Rights
12.1 California Consumer Privacy Act (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:
Right to Know: You can request information about the categories and specific pieces of personal information we have collected, the sources of collection, our purposes for collection, and the categories of third parties with whom we share information.
Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
Right to Correct: You can request correction of inaccurate personal information.
Right to Opt-Out of Sale/Sharing: We do not sell your personal information or share it for cross-context behavioral advertising.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
12.2 Categories of Information Collected
In the past 12 months, we have collected the following categories of personal information:
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email, IP address | Yes |
| Personal information (Cal. Civ. Code 1798.80) | Name, address, payment info | Yes |
| Protected classification characteristics | Age | Yes (date of birth for age verification) |
| Commercial information | Transaction history, subscription status | Yes |
| Internet or network activity | Browsing history, usage data | Yes |
| Geolocation data | General location from IP | Yes |
| Professional or employment information | Resume content, job history | Yes |
| Education information | School, GPA, activities | Yes |
| Inferences | Preferences, characteristics | Yes |
12.3 How to Exercise California Rights
California residents may submit requests by:
- Emailing hello@corveno.io
- Using the request form in account settings
We will verify your identity and respond within 45 days (or 90 days with notice of extension).
12.4 Authorized Agents
You may designate an authorized agent to submit requests on your behalf. We require written authorization and verification of both your and the agent's identity.
12.5 Shine the Light
California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information for third-party direct marketing.
13. Other State Privacy Rights
13.1 Virginia, Colorado, Connecticut, Utah, and Texas
If you are a resident of Virginia, Colorado, Connecticut, Utah, or Texas, you may have similar rights to those described for California residents, including:
- Right to access your personal data
- Right to correct inaccuracies
- Right to delete your personal data
- Right to data portability
- Right to opt out of certain processing
To exercise these rights, contact us at hello@corveno.io.
13.2 Nevada
Nevada residents may opt out of the sale of certain personal information. Although we do not currently sell personal information as defined under Nevada law, you may submit an opt-out request to hello@corveno.io.
14. Changes to This Privacy Policy
14.1 Updates
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated Privacy Policy on our website
- Updating the "Last Updated" date at the top
- Sending an email notification for significant changes
- Displaying a notice within the Service
14.2 Review
We encourage you to review this Privacy Policy periodically to stay informed about our practices.
14.3 Continued Use
Your continued use of the Service after changes to this Privacy Policy constitutes your acceptance of the revised policy.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Corveno
Email: hello@corveno.io
Website: https://corveno.io
Response Time: We aim to respond to all privacy inquiries within 30 days.
Summary of Key Points
| Topic | Summary |
|---|---|
| Minimum Age | You must be 15 or older to use Corveno |
| Data Collection | We collect account info, educational/career data, content you create, and usage data |
| Data Use | We use your data to provide the Service, communicate with you, process payments, and improve our platform |
| Data Sharing | We don't sell your data. We share with service providers and as required by law |
| AI Training | We do NOT use your personal content to train AI models |
| Your Rights | You can access, correct, delete, and export your data |
| Security | We use encryption and other security measures to protect your data |
| Cookies | We use essential and analytics cookies |
| Contact | hello@corveno.io |
BY USING CORVENO, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THIS PRIVACY POLICY.