Privacy Policy

Last updated: February 2026

1. Introduction

Welcome to GoalStory ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

2. Information We Collect

We collect information you provide directly to us, including:

  • Account Information: Email address, username, and password when you register
  • Profile Information: Name, location (country and city), career goal, and other optional details you provide
  • Story Submissions: Career stories and experiences you share
  • Questions: Questions you ask our AI assistant
  • Payment Information: When you purchase credits, payment is processed securely through Stripe. We do not store your credit card details.

2a. Information from Third-Party Sign-In (Google)

If you choose to sign up or log in using Google, we receive the following information from your Google account:

  • Email address — used to create and identify your account
  • Name — used to personalize your profile
  • Profile picture URL — not stored or displayed

We only request basic profile and email scopes. We do not access your Google contacts, calendar, files, or any other Google services. Your Google password is never shared with us — authentication is handled securely by Google's OAuth 2.0 protocol.

You can revoke GoalStory's access to your Google account at any time by visiting your Google Account Permissions page.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send you technical notices and support messages
  • Respond to your comments, questions, and requests
  • Train and improve our AI models (using anonymized data)
  • Detect, prevent, and address fraud and abuse

4. Information Sharing

We do not sell your personal information. We may share your information only in the following circumstances:

  • With your consent or at your direction
  • With service providers who perform services on our behalf (e.g., Stripe for payments)
  • To comply with legal obligations
  • To protect our rights, privacy, safety, or property

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. All data is transmitted over HTTPS. However, no method of transmission over the Internet is 100% secure.

5a. Data Retention and Deletion

We retain your personal data for as long as your account is active or as needed to provide you the Service. If you request deletion of your account, we will delete or anonymize your personal information within 30 days, except where we are required by law to retain it.

To request account deletion, please contact us through our support page.

6. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Delete your account and associated data
  • Export your data
  • Opt out of marketing communications

7. Cookies

We use cookies and similar tracking technologies to track activity on our service and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us through our support page.