Privacy Policy

Effective: March 7, 2026

1. Introduction

Mize ("we," "us," or "our") operates the mize.pro website and provides CloudPulse, Hatch, and RoleRadar (collectively, the "Services"). This Privacy Policy describes how we collect, use, store, and protect your information when you use our Services.

We are committed to protecting your privacy. We collect only the data necessary to provide our Services, we never sell your data, and we never use it for advertising.

2. Information We Collect

2.1 Account Information

When you create an account or make a purchase, we collect your email address and, for purchases, your name. For OAuth sign-in (Google or GitHub), we receive your email address and basic profile information from the provider.

2.2 Payment Information

Payments are processed by Stripe and PayPal. Mize never receives, stores, or has access to your credit card numbers or bank account details. We receive only transaction confirmations (amount, date, status) from these processors.

2.3 Product-Specific Data

Product	Data Collected
Hatch	Purchase email, GitHub username (for repository access delivery)
CloudPulse	Kubernetes cluster configuration (encrypted at rest), workload metrics, scaling policies
RoleRadar	Resume content (encrypted at rest), tracked company URLs, discovered job listings, workflow/pipeline data

2.4 Automatically Collected Information

When you visit mize.pro, we may collect your IP address, browser type, and pages visited through Cloudflare Web Analytics. This analytics service is privacy-focused and does not use cookies or track users across sites. Analytics data is only collected with your consent (see Section 7).

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our Services
Process payments and deliver purchased products
Send transactional communications (account verification, password resets, payment confirmations)
Generate aggregate, anonymized analytics to improve the user experience

We do not:

Sell your data to third parties
Use your data for advertising or marketing profiles
Share your data with data brokers

4. Third-Party Services

We use the following third-party services to operate:

Service	Purpose	Data Shared
Stripe	Payment processing	Email, payment amount
PayPal	Payment processing (Hatch)	Email, payment amount
Cloudflare	CDN, analytics, DDoS protection	IP address, page views
GitHub	Product delivery (Hatch)	Email address

Each service has its own privacy policy. We encourage you to review them. No user data beyond what is listed above is shared with any third party.

5. Data Storage and Security

We implement industry-standard security measures to protect your data:

Encryption at rest: Sensitive data (resumes in RoleRadar, cluster configs in CloudPulse) is encrypted using AES symmetric encryption
Password hashing: Passwords are hashed with bcrypt (cost factor 12) or argon2 and are never stored in plaintext
Transport security: All connections use HTTPS/TLS encryption
Session security: Authentication tokens are stored in httpOnly, Secure, SameSite cookies
Access controls: Database access is restricted to the application layer

6. Data Retention

Data Type	Retention Period
User accounts	Until you request deletion
RoleRadar job listings	120 days
RoleRadar discovery cache	45 days
Post-cancellation account data	30 days, then permanently deleted

You may request complete deletion of your data at any time by contacting us at contact@mize.pro.

7. Cookies and Tracking

Type	Purpose	Consent Required
JWT session cookies	Authentication (keeps you logged in)	No (strictly necessary)
Cloudflare Web Analytics	Page view analytics	Yes (loaded only with your consent)

We do not use any third-party advertising, marketing, or tracking cookies. Cloudflare Web Analytics is privacy-focused: it does not use cookies, does not track users across sites, and does not store personally identifiable information in its analytics dashboard.

On your first visit, we display a consent banner. If you accept, analytics data is collected. If you decline, no analytics beacon is loaded and no data is collected. You can change your preference at any time by clearing your browser's local storage for mize.pro.

8. Your Privacy Rights

8.1 All Users

Regardless of your location, you have the right to:

Access the personal data we hold about you
Correct inaccurate personal data
Request deletion of your personal data
Export your data in a portable format

8.2 European Economic Area (GDPR)

If you are located in the EU or EEA, you have additional rights under the General Data Protection Regulation:

Right of access (Article 15) — obtain a copy of your personal data
Right to rectification (Article 16) — correct inaccurate data
Right to erasure (Article 17) — request deletion of your data
Right to restrict processing (Article 18) — limit how we use your data
Right to data portability (Article 20) — receive your data in a structured format
Right to object (Article 21) — object to processing based on legitimate interest

8.3 California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

Right to know — what personal information we collect, use, and disclose
Right to delete — request deletion of your personal information
Right to opt-out of sale — we do not sell personal information
Right to non-discrimination — equal service regardless of privacy choices

To exercise any of these rights, contact us at contact@mize.pro. We will respond within 30 days.

9. International Data Transfers

Your data is stored and processed in the United States. If you are located outside the US, your data will be transferred to the US for processing. For transfers from the EU/EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to provide appropriate safeguards for your data.

10. Children's Privacy

Our Services are not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If we discover that we have inadvertently collected data from a child, we will promptly delete it. If you believe a child has provided us with personal information, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will provide at least 30 days' notice by posting the updated policy on our website and updating the effective date at the top of this page. Your continued use of our Services after the effective date constitutes acceptance of the updated policy.

12. Contact

If you have questions about this Privacy Policy or how we handle your data, please contact us at contact@mize.pro.