Privacy Policy
Last Updated: December 18, 2025
1. Introduction
Welcome to Chiaro ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience when using our startup opportunity matching platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, university affiliation
- Profile Information: Major, year of study, research interests, skills
- Resume/CV: Educational background, work experience, research experience
- Preferences: Research area interests, preferred work arrangements
2.2 Information from Google Sign-In
When you sign in with Google, we collect:
- Your Google account email address
- Your name and profile picture
- A unique Google identifier
2.3 Gmail API Access
We request access to your Gmail account for the following specific purposes:
- Send Email (gmail.send): To send you personalized notifications when you match with startup opportunities
- Read Email (gmail.readonly): To track delivery status and engagement with match notifications we send
Important: We only send emails on your behalf for startup opportunity matches. We do not read, access, or process any of your personal emails. We only access emails that our system sends to you.
2.4 Usage Information
- Startup opportunities you view and interact with
- Swipe actions (interested/not interested)
- App usage patterns and preferences
- Device information (device type, operating system)
3. How We Use Your Information
We use your information to:
- Create and manage your account
- Match you with relevant startup opportunities
- Send you notifications about matches via email
- Improve our matching algorithm
- Communicate with you about your account
- Provide customer support
- Analyze and improve our services
- Comply with legal obligations
4. Gmail API Specific Usage
Our use of information received from Google APIs adheres to Google API Services User Data Policy, including the Limited Use requirements.
We use Gmail API data exclusively to:
- Send personalized startup opportunity match notifications to your email
- Verify delivery of notifications we send
- Track engagement with match notifications
We do NOT:
- Read, access, or process your personal emails
- Share Gmail data with third parties
- Use Gmail data for advertising purposes
- Allow humans to read your email data
- Transfer Gmail data to others for serving ads
5. Data Sharing and Disclosure
5.1 With Startup Opportunity Providers
When you express interest in a startup opportunity (by swiping right), we share your profile information and resume with the research lab or startup posting that opportunity.
5.2 Service Providers
We may share information with trusted service providers who assist us in operating our platform:
- Supabase (database hosting)
- OpenAI (AI-powered matching and email generation)
- Cloud infrastructure providers
5.3 Legal Requirements
We may disclose your information if required by law or to protect our rights, safety, or property.
5.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred.
6. Data Security
We implement appropriate technical and organizational security measures to protect your information:
- Encryption of data in transit (HTTPS/TLS)
- Encryption of data at rest
- Regular security assessments
- Access controls and authentication
- Secure credential storage
However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
7. Data Retention
We retain your information for as long as your account is active or as needed to provide services. You may request deletion of your account at any time.
- Account data: Retained until you delete your account
- Gmail access tokens: Can be revoked at any time through your Google Account settings
- Usage data: Retained for up to 2 years for analytics purposes
8. Your Rights and Choices
8.1 Access and Update
You can access and update your profile information within the app at any time.
8.2 Delete Your Account
You can request deletion of your account and all associated data by contacting us at chiaroai2025@gmail.com.
8.3 Revoke Gmail Access
You can revoke our access to your Gmail account at any time by:
8.4 Opt-Out of Emails
You can disable email notifications in your app settings or by clicking unsubscribe in any email we send.
9. Children's Privacy
Chiaro is intended for university students aged 18 and older. We do not knowingly collect information from individuals under 18.
10. International Users
Your information may be transferred to and processed in the United States or other countries where our service providers operate. By using Chiaro, you consent to such transfers.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the new Privacy Policy in the app
- Updating the "Last Updated" date
- Sending you an email notification (for significant changes)
12. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- Email: chiaroai2025@gmail.com
- App Name: Chiaro
13. California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect
- Right to delete your personal information
- Right to opt-out of sale of personal information (we do not sell your information)
- Right to non-discrimination for exercising your rights
14. European Users (GDPR)
If you are in the European Economic Area, you have rights under GDPR including:
- Right to access your personal data
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object to processing
Our legal basis for processing your data includes your consent, contract performance, and legitimate interests.