Privacy
Policy

SkillSpill Inc. ("SkillSpill", "we", "us", "our") operates the SkillSpill platform — a skill-first career marketplace for software engineering talent and technical recruiters.

This Privacy Policy applies to all users of the platform, including visitors, registered Talent, and Recruiters. It covers data collected through our website, mobile interfaces, APIs, and any connected services.

For privacy-related questions, contact us at privacy@skillspill.com.

To create and manage your account and authenticate your identity.

To power AI-driven skill matching between Talent and Recruiters based on verified abilities.

To display your public profile to recruiters and other users who have access to the platform.

To send transactional emails — account verification, password resets, match notifications, and bounty updates.

To analyze platform usage and improve features, performance, and user experience.

To enforce our Terms of Service, detect fraud, and maintain platform security.

To comply with legal obligations and respond to lawful requests from authorities.

We do not sell your personal data to third parties. We do not use your data for advertising targeting on external platforms.

When you connect your GitHub account, we request read-only access to your public profile and public repositories. We do not request access to private repositories, write permissions, or the ability to act on your behalf.

GitHub data we process includes: username, avatar, public bio, follower/following counts, public repository names and descriptions, primary programming languages, contribution frequency, and star counts.

This data is used exclusively to generate and update your skill score and to improve match quality. It is not shared with recruiters in raw form — only the derived skill score and language summary are visible.

You can revoke SkillSpill's GitHub access at any time from your GitHub account settings under "Authorized OAuth Apps." Revoking access will pause GitHub-based score updates but will not delete previously derived scores.

To delete GitHub-derived data from our systems entirely, submit a data deletion request to privacy@skillspill.com.

SkillSpill uses AI models to analyze your portfolio, GitHub activity, skill declarations, and assessment results to produce a skill score and a match compatibility rating with job listings and recruiters.

AI-generated scores are probabilistic estimates, not definitive evaluations. They are one input among many that recruiters use, and are not intended to be the sole basis for hiring decisions.

Your data may be used to train or fine-tune our AI models in an anonymized or aggregated form. We do not use personally identifiable information directly in model training without explicit consent.

You have the right to request a human review of any AI-generated decision that significantly affects your access to opportunities on the platform. Submit such requests to privacy@skillspill.com.

With Recruiters: Your public profile, skill scores, portfolio links, and match rating are visible to verified Recruiter accounts. You control which profile fields are public via your privacy settings.

With Service Providers: We share data with trusted third-party vendors who help us operate the platform — cloud infrastructure (Azure), real-time messaging (Pusher), email delivery (SMTP providers), and AI services (Groq). These vendors are contractually prohibited from using your data for their own purposes.

For Legal Compliance: We may disclose data if required by law, court order, or to protect the rights, property, or safety of SkillSpill, our users, or the public.

Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

We never sell, rent, or trade your personal data to third parties for their own marketing or commercial purposes.

SkillSpill uses cookies and similar technologies (localStorage, sessionStorage) to maintain your session, remember your theme preference, and improve platform performance.

Essential cookies are required for authentication and core platform functionality. They cannot be disabled without breaking the platform.

Analytics data (usage patterns, feature interactions) is collected to help us understand how the platform is used. This data is processed in aggregate and is not linked to your identity.

We do not use third-party advertising cookies or cross-site tracking technologies.

You can clear cookies and local storage at any time via your browser settings. Doing so will log you out of your session.

Right of Access — Request a copy of all personal data we hold about you.

Right to Rectification — Request correction of inaccurate or incomplete data.

Right to Erasure — Request deletion of your account and associated personal data. Some data may be retained where required by law.

Right to Portability — Request your profile and activity data in a machine-readable format (JSON or CSV).

Right to Object — Object to processing of your data for AI scoring or analytics purposes.

Right to Restrict Processing — Request that we pause processing your data while a dispute is resolved.

Right to Human Review — Request human review of any significant AI-generated decision affecting your platform experience.

Passwords are hashed using industry-standard algorithms. We never store plain-text passwords.

All data in transit is encrypted via TLS 1.2 or higher. Data at rest is encrypted using AES-256 on our cloud infrastructure.

Access to production data is restricted to authorized personnel on a need-to-know basis, with audit logging enabled.

In the event of a data breach that affects your personal data, we will notify you within 72 hours of becoming aware of the breach, as required by applicable law.

No method of electronic storage or transmission is 100% secure. While we implement strong safeguards, we cannot guarantee absolute security against all threats.

SkillSpill is not intended for users under the age of 16. We do not knowingly collect personal data from anyone under 16.

If you believe a minor has created an account, please contact us immediately at privacy@skillspill.com and we will delete the account and associated data promptly.

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via email and display a notice on the platform at least 14 days before the changes take effect.

Your continued use of SkillSpill after the effective date of an updated policy constitutes acceptance of the changes. If you do not agree, you may close your account before the effective date.

The date at the top of this page always reflects when the policy was last updated. Prior versions are available on request.