Privacy Policy
TLDR
Your interview prep is private. We collect what we need to deliver the service, we don't sell or share it inappropriately, and we never do anything that could expose your job search. That's the commitment we will never break.
What We Collect
Account information
Your email, name, and password when you sign up. Payment information is processed by Stripe—we don't store your card details.
Information you provide
Interview details you enter: company names, job descriptions, your stories and notes. LinkedIn URLs you submit for interviewer analysis.
Usage data
How you use the app: features accessed, session duration, actions taken. This helps us improve the product.
Technical data
Device type, browser, IP address, and similar technical information needed to keep the service running and secure.
What We Do With It
Deliver the service
Generate interviewer briefings, run simulations, provide feedback. This is the core reason we collect data.
Improve the product
Understand which features work, what's confusing, where people get stuck. We use aggregated, anonymized usage patterns—not individual session content.
Communicate with you
Send account-related emails (confirmations, expiry reminders). We won't spam you with marketing unless you opt in.
Maintain security
Detect abuse, prevent fraud, protect the platform.
What We Never Do
We want to be explicit about this:
| We Never... | Why This Matters |
|---|---|
| Contact anyone you're researching | Your interviewer will never know you used Moatup |
| Notify employers or recruiters | Your job search stays private |
| Sell or share data with data brokers | Your information isn't a product |
| Access your LinkedIn account | We only analyze public URLs you provide |
| Post anything to social media | No activity traces anywhere |
| Have humans review your sessions | AI processes your practice; humans only see data if you contact support |
| Use your content to train AI models | Your stories and practice sessions aren't training data |
About Interviewer Data
When you submit a LinkedIn URL, we analyze publicly available information to generate a briefing. We:
- Only access public profile data (the same information anyone can see)
- Never contact the person or notify them in any way
- Never scrape private or connection-gated content
- Store the analysis to provide your briefing, not to build profiles on individuals
You're not doing anything wrong by researching public information about someone you're interviewing with.
Who We Share Data With
Service providers
We use third-party services to operate Moatup:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database & authentication | Account data, app data |
| Stripe | Payment processing | Payment information |
| Resend | Email delivery | Email address |
| Gemini / Anthropic | AI processing | Session content (processed, not stored by them per our agreements) |
| Vercel | Hosting | Technical/usage data |
These providers are contractually required to protect your data and use it only for the services they provide to us.
Legal requirements
We may disclose data if required by law (subpoena, court order). We'll notify you if legally permitted.
Business transfer
If Moatup is acquired, your data would transfer to the new owner under the same privacy commitments.
We do not share data with advertisers, data brokers, recruiters, employers, or any other third parties for their own purposes.
Data Retention
Active accounts
We keep your data while your account is active so you can access your briefings, stories, and history.
After you leave
If you delete your account, we delete your personal data within 30 days. Some anonymized, aggregated data (like "X users completed simulations this month") may be retained for analytics.
Legal holds
We may retain data longer if required for legal compliance, disputes, or fraud prevention.
Your Rights
Access and export
You can view your data in the app. Contact us if you need a full export.
Deletion
You can delete your account and data at any time from settings, or by contacting us.
Correction
You can update your account information in settings.
Objection
You can opt out of non-essential communications.
If you're in the EU, UK, or California, you have additional rights under GDPR/CCPA. We honor these regardless of where you're located.
Security
We use encryption in transit (TLS) and at rest. We follow security best practices for authentication and access control. We limit employee access to data on a need-to-know basis.
No system is perfectly secure. If we experience a breach affecting your data, we'll notify you as required by law.
Cookies
We use essential cookies to keep you logged in and remember your preferences. We use analytics cookies to understand how the product is used. We don't use advertising or tracking cookies.
Changes to This Policy
If we make significant changes, we'll notify you by email or in-app notification before they take effect. Minor clarifications won't trigger notification.
Contact
Questions, concerns, or requests about your data:
Email: wecare@moatup.com
We aim to respond within 5 business days.