Privacy Policy

Sirra ("we", "us", or "our") is an AI-powered job application assistant designed for the Australian market. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our mobile application and website (collectively, the "Service").

We are committed to complying with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

We collect the following categories of information:

• Account information — your name, email address, and profile photo, provided when you sign in with Google or Apple.
• Resume content — the text of any resumes you upload to the Service. This is used solely to generate tailored resumes and cover letters.
• Job listing data — URLs or text you paste for job listings you analyse. This may include publicly available job descriptions from third-party platforms (e.g. SEEK, LinkedIn, Indeed).
• Application tracking data — status, notes, and dates you record within the Job Tracker feature.
• Usage data — analytics events (e.g. features used, session frequency) collected via Firebase Analytics to help us improve the Service. No personally identifiable information is included in these events.
• Device information — device type and push notification token (Android only), used to deliver job-ready notifications.

We use your information to:

• Provide, operate, and improve the Service.
• Generate AI-tailored resumes, cover letters, and interview preparation materials.
• Send push notifications when your job analysis is complete.
• Manage your subscription and process payments (via Stripe).
• Respond to your support enquiries.
• Comply with legal obligations.

We do not sell your personal information to third parties. We do not use your resume content to train AI models beyond what is necessary to fulfil your request.

Sirra uses Google Gemini (via Google Cloud) to process your resume and job description content and generate AI outputs. Your data is sent to Google's servers for this purpose and is subject to Google's Privacy Policy. We use Google's API under terms that prohibit Google from using your data to train their models without your consent.

Your data is stored in Google Firebase (Firestore) in the australia-southeast1 (Sydney) region. We apply industry-standard security controls including:

• Authentication required to access all personal data.
• Firestore Security Rules restricting access to your own data only.
• All data in transit encrypted via HTTPS/TLS.
• Job records automatically expire after 7 days to limit data retention.

No security system is completely impenetrable. If you believe your account has been compromised, please contact us immediately at privacy@sirra.au.

We use the following third-party services that may process your data:

• Google Firebase — authentication, database, cloud functions, analytics, and push notifications.
• Google Gemini (AI) — resume and cover letter generation.
• Stripe — subscription payment processing. We do not store your payment card details; these are handled entirely by Stripe.
• ScraperAPI — retrieval of publicly available job listing content from URLs you provide.

Under the Australian Privacy Act, you have the right to access, correct, or request deletion of your personal information. You can:

• Delete your account — use the "Delete Account" option in Settings. This permanently removes all your data from our systems.
• Export your data — contact us at privacy@sirra.au to request a copy of your data.
• Opt out of analytics — analytics events contain no personally identifiable information, but you may contact us to opt out.