Privacy Policy

Last updated: May 10, 2026 • Effective immediately

Your privacy is important to us. We collect only what we need and never sell your data to third parties.

1. Who We Are

ReferKaro ("we", "our", "us") operates the job referral marketplace at referkaro.in and referkaro-production.up.railway.app. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform.

2. Information We Collect

Information you provide directly:

  • Full name, email address, phone number
  • Password (stored in encrypted form — we never see your actual password)
  • Company name, designation, years of experience (Referrers only)
  • LinkedIn profile URL (optional)
  • Resume / CV (uploaded as PDF)
  • Messages sent through the platform's chat feature

Information collected automatically:

  • IP address and browser information
  • Pages visited and time spent on the platform
  • Device type (mobile/desktop)
  • Referral request history and status

3. How We Use Your Information

  • To create and manage your account
  • To connect job seekers with referrers at their target companies
  • To send email notifications about referral requests and status updates
  • To display your profile to relevant users (Referrers see Seeker requests; Seekers see Referrer profiles)
  • To improve the platform and fix bugs
  • To prevent fraud, abuse, and policy violations
  • To send important service-related communications

4. How We Share Your Information

We do not sell your personal data. We share information only in these limited cases:

  • Between Users: When a Seeker sends a referral request, their name, email, and resume are shared with the Referrer. Referrer profiles (name, company, designation) are visible to logged-in Seekers.
  • Service Providers: We use MongoDB Atlas (database), Cloudinary (file storage), Railway (hosting), and Nodemailer (email delivery). These providers process data only to operate our service.
  • Legal Requirements: We may disclose information if required by law, court order, or government authority in India.

5. Data Security

We take security seriously:

  • 🔒Passwords are hashed using bcrypt — never stored in plain text
  • 🔒Authentication uses JWT tokens with 7-day expiry
  • 🔒All data is stored on MongoDB Atlas with encryption at rest
  • 🔒All connections use HTTPS/TLS encryption
  • 🔒Admin panel is protected by a separate secret key

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal information within 30 days, except where retention is required by law. Resume files stored on Cloudinary will also be deleted upon account deletion request.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete information
  • Request deletion of your account and associated data
  • Withdraw consent for marketing communications at any time
  • Request a copy of your data in a portable format

To exercise any of these rights, email us at support@referkaro.in

8. Cookies

We use a single authentication cookie ("token") to keep you logged in. This is an httpOnly cookie that expires after 7 days. We do not use tracking cookies, advertising cookies, or third-party analytics. You can clear this cookie anytime by logging out.

9. Children's Privacy

ReferKaro is not intended for users under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided personal information, we will delete it immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via email or a prominent notice on the platform. Your continued use of ReferKaro after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

ReferKaro Privacy Team

Email: support@referkaro.in

We respond to all privacy-related queries within 72 hours.

© 2026 ReferKaro. All rights reserved.

Terms of Service →