PositionedSee plans
Trust & Privacy

Trust & Privacy Center

We build products that use context, AI, and user feedback to make decisions easier. This center explains how we handle data, AI-assisted outputs, user contributions, beta features, privacy choices, and product-specific safeguards.

Policy update in progress · Legal review needed before any jurisdiction-specific compliance claims.

Overview

We aim to collect the minimum useful data needed to make the product work, improve the experience, and respect user choices. Where our products build a profile, you should be able to correct, suppress, delete, or limit what the product uses.

Privacy choices

Privacy choices

Consent & preferences

Core product functionality still works where feasible if analytics or personalization are off. Preferences are stored on this device.

  • Essential product functionality
    Required for the product to work (sign in, save your work, load pages). Always on.
  • Analytics
    Helps us understand which features are useful. We send coarse events only — never raw private content.
  • Product personalization
    Lets Positioned tune results to your inputs inside this product.
  • Cross-product personalization
    Allows context to inform other Lumenfolk products you have opted into.
  • Approved partner / API use
    Use approved third parties only for features you turn on (e.g., future job sources).
  • Marketing / contact
    Occasional product updates and launch notes. You can opt out anytime.
  • Sensitive data use
    Permit limited use of sensitive context (e.g., health, legal, financial) for features that need it.
  • Do not use my data for personalization
    Overrides personalization toggles. Core product still works where feasible.

Privacy laws vary by location. This page is designed to help users understand and manage privacy choices. It is not a substitute for legal review.

Data we may collect

Account data

Email, name, and auth metadata so you can sign in.

Usage data

Coarse events about which features you used, used for product improvement.

OptionalPersonalization
Consent preferences

Your privacy choices so we can honor them across the product.

Cross-product (consent)
Product inputs

Text you paste, answers you submit, and uploads you provide to generate readouts.

OptionalMay be sensitivePersonalization
Profile signals

Career/positioning signals derived from your inputs.

OptionalMay be sensitivePersonalizationCross-product (consent)
Feedback and corrections

Your corrections to AI-assisted outputs, used to improve results for you.

OptionalPersonalization
Uploaded or pasted content

Resumes, job descriptions, notes. Treated as sensitive by default.

OptionalMay be sensitivePersonalization
Payment or inquiry intent

When you start checkout or contact us. Payment is processed by our payment provider, not stored here.

Optional
Recommendation interactions
Planned

Which suggestions you accept, skip, or correct. Planned for richer personalization.

OptionalPersonalization

How we use data

  • Run the product (sign in, save your work, generate readouts).
  • Improve the product through coarse, consented analytics.
  • Personalize results inside this product when you allow it.
  • Respond to support and privacy requests you send us.

Analytics and personalization

We avoid sending raw private content or sensitive profile details to analytics. Analytics events use coarse categories, reason codes, counts, and consent-safe properties. Third-party analytics tools (Amplitude, GA4) do not receive events until you grant analytics consent in Privacy choices.

Sensitive data

Sensitive context is optional unless required for the product to function. We aim to use the minimum information needed and avoid exposing sensitive details unnecessarily. We treat the following as sensitive by default: health, legal, financial, child/family, precise location, identity/community, sexuality, gender identity, race, ethnicity, religion, biometric or identity verification data, raw uploaded documents, free-text private notes, mental health context, employment/income vulnerability, and immigration or citizenship context.

User rights and requests

You can ask us to:

  • Access your data
  • Correct your data
  • Delete your data
  • Export your data
  • Suppress or do not use a signal
  • Restrict cross-product use
  • Opt out of sale/share/targeted advertising where applicable
  • Limit sensitive data use where applicable
  • Ask a privacy question
Manage privacy request

Privacy laws vary by location. This page helps you understand and manage privacy choices. It is not a substitute for legal review.

AI and automated assistance

Some product experiences use AI or automated systems to summarize, rank, classify, parse, recommend, or generate drafts. AI-assisted outputs may be incomplete or wrong. Important outputs should be reviewed before relying on them.

  • Not medical advice, diagnosis, or treatment.
  • Not legal advice.
  • Not financial advice.
  • Not identity verification.
  • Not a guarantee of outcomes.

Product-specific profiles and CanonIQ

Product-specific profiles (such as a Career profile inside Positioned) help a single product work better. They are not the same as the full CanonIQ.

Full CanonIQ is a deeper personal context profile. No user receives the full CanonIQ output unless they purchase or are granted access to the full CanonIQ product. CanonIQ is not biometric authentication, legal identity verification, or a mental health diagnosis. It is a personal context and surface-personalization layer.

Learn more about CanonIQ →

Contributions and user-submitted content

Help us improve this

This part of the experience is still being built. If you have feedback, context, examples, sources, stories, corrections, or requests that would make this more useful, tell us.

Share feedback

Regional privacy readiness

We design our data systems around privacy-by-default principles, data minimization, consent controls, user correction, deletion/export request paths, sensitivity labeling, and regional privacy-readiness — including expectations from California, the European Union / EEA, South Korea, and Brazil.

Formal legal review is required before making jurisdiction-specific compliance claims. Data processing and storage locations may vary by vendor and product. We are reviewing our systems as products move from prototype to public beta.

Vendors and processors

VendorPurposeDataStatus
Lovable Cloud (managed backend)App database, auth, storageaccount, usage, product inputs, uploadsActive
Lovable AI GatewayLLM inference for AI-assisted outputsproduct inputs, promptsActive
FilloutInquiry & privacy request intake formcontact, requestActive
Google FontsWeb typographyrequest metadataActive
Analytics (Amplitude / GA4)Coarse product analyticsevent metadataActive
Email providerTransactional emailemailNeeds review

Policy links

We are updating our public policy center as products move from prototype to public beta.

Contact

For privacy requests, questions, or feedback, use our inquiry form. Please describe the request type so we can route it appropriately.

Open inquiry form
← Back home