Milatamilata
Get Started
Back to home

Privacy Policy

Effective Date: January 1, 2025
Last Updated: November 25, 2025

1. Introduction

This Privacy Policy describes how Milata LLC ("we," "us," or "our") collects, uses, and shares your personal information when you use our website milata.com and related services (collectively, the "Service").

Company Information:

We are committed to protecting your privacy and ensuring transparency about our data practices. This policy applies to all users regardless of location and complies with applicable privacy laws including the California Consumer Privacy Act (CCPA), Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and the European Union's General Data Protection Regulation (GDPR).

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide to us, including:

  • Account Information: Name, email address, profile photo, location
  • Professional Information: Work history, education history, LinkedIn URL
  • Application Materials: Resumes and cover letters you upload
  • Payment Information: Billing details processed through Stripe (we do not store full payment card details)
  • Communications: Messages you send to us and feedback you provide

2.2 Information from Third-Party Sources

We collect additional information about you from third-party sources:

  • LinkedIn: Through OAuth integration, we may collect profile information, work history, and education details with your consent. We do not post to LinkedIn on your behalf or access your LinkedIn connections.
  • PeopleDataLabs API: We use this service to enrich and verify your professional information, including work history, education background, and professional details
  • Google Location API: We collect city-level location information (not precise geolocation)

2.3 Information Collected Automatically

When you use our Service, we automatically collect:

  • Usage Data: How you interact with our platform, pages visited, features used
  • Technical Data: IP address, browser type, device information, operating system
  • Analytics Data: Collected through PostHog analytics to understand user behavior and improve our Service

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Primary Service Functions

  • Account Management: Creating and maintaining your user account
  • Referral Matching: Suggesting relevant referrers and job opportunities based on your professional background
  • Cohort Assignment: Assigning you to professional and educational cohorts
  • Transaction Processing: Processing token purchases and managing your account balance
  • Communication: Sending you referral updates, platform notifications, and responding to your inquiries

3.2 Service Improvement and Analytics

  • Platform Enhancement: Analyzing usage patterns to improve our features and user experience
  • Performance Monitoring: Ensuring our Service operates effectively and securely
  • Research and Development: Developing new features and improving existing functionality

3.3 Marketing and Communication

  • Email Communications: Sending you service-related emails, updates, and marketing communications (with opt-out options)
  • Customer Support: Providing assistance and responding to your questions

3.4 Legal and Security

  • Legal Compliance: Meeting our legal obligations and protecting our rights
  • Security: Detecting and preventing fraud, abuse, and security threats
  • Dispute Resolution: Resolving disputes and enforcing our terms of service

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, our legal basis for processing your personal information includes:

  • Consent: When you provide explicit consent (e.g., LinkedIn OAuth, marketing emails)
  • Contract Performance: When necessary to provide our services to you
  • Legitimate Interest: For improving our services, security, and business operations
  • Legal Obligation: When required by applicable law

5. Information Sharing and Disclosure

5.1 Service Providers

We share minimal required information with trusted third-party service providers:

  • Stripe: Payment processing (they receive billing information but not your full payment details)
  • Resend: Email delivery services
  • PostHog: Analytics and usage tracking
  • PeopleDataLabs: Professional data enrichment and verification

5.2 Within the Platform

  • Referrers: When you submit a referral request, we share your profile information, resume, and cover letter with relevant referrers in your cohorts
  • Employers: Referrers may share your information with potential employers as part of the referral process, but we do not share your information directly with employers

5.3 Legal Requirements

We may disclose your information when required by law, legal process, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Ensure user safety and platform security
  • Respond to government requests

5.4 Business Transfers

In the event of a merger, acquisition, or sale of our business, your information may be transferred as part of that transaction.

6. Data Retention

We retain your information for different periods depending on the type of data:

  • Account Data: Deleted 3 months after account deletion
  • Resumes and Cover Letters: Deleted 3 months after account deletion
  • Referral Request Data: Retained indefinitely to maintain platform integrity and referral history
  • Transaction Records: Retained indefinitely for financial and legal compliance
  • Marketing Communications: Until you unsubscribe or delete your account

7. Data Security

We implement appropriate technical and administrative measures to protect your information:

  • Encryption in Transit: All data transmitted to and from our Service is encrypted using HTTPS/TLS
  • Access Controls: Strict authentication and authorization controls limit access to your data
  • Row-Level Security: Database-level security ensures users can only access their own information
  • Regular Security Audits: We conduct regular security assessments and penetration testing
  • Incident Response: We have procedures in place to respond to potential data breaches
  • Limited Access: Currently, only one team member has access to user data, with plans to maintain strict access controls as we grow

While we strive to protect your information, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

8. Your Rights and Choices

8.1 All Users

You have the following rights regarding your information:

  • Access: Review and update your profile information through your account settings
  • Marketing Opt-Out: Unsubscribe from marketing emails while keeping your account active
  • Account Deletion: Contact support@milata.com to delete your account
  • Data Control: Choose what information to include in referral requests

8.2 California Residents (CCPA Rights)

If you are a California resident, you have additional rights:

  • Right to Know: Request information about the personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information (subject to certain exceptions)
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

8.3 Canadian Residents (PIPEDA Rights)

Canadian users have rights including:

  • Access: Access your personal information we hold
  • Correction: Request correction of inaccurate information
  • Complaint: File complaints with the Privacy Commissioner of Canada

8.4 European Users (GDPR Rights)

If you are in the European Economic Area, you have additional rights:

  • Access: Obtain confirmation and access to your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data under certain circumstances
  • Portability: Request your data in a portable format (feature under development)
  • Restriction: Restrict processing under certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at support@milata.com. We will respond within the timeframes required by applicable law (typically 30 days for GDPR requests, 45 days for CCPA requests).

9. Children's Privacy

Our Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

  • Post the updated policy on our website
  • Update the "Last Updated" date
  • For material changes, provide additional notice through email or platform notifications
  • For EU users, obtain consent where required for material changes

11. Contact Information

General Privacy Questions

Email: support@milata.com

Complaints

  • US Users: You may contact us directly or file complaints with relevant state attorneys general
  • Canadian Users: Privacy Commissioner of Canada (priv.gc.ca)
  • EU Users: Your local data protection authority

12. Definitions

  • Personal Information/Data: Information that identifies, relates to, or can be linked to you
  • Service: Our website milata.com and related services
  • Referrer: Platform users who provide job referrals
  • Cohort: Groups of users with shared professional or educational backgrounds
  • Tokens: Digital credits used to make referral requests on our platform

If you have any questions about this Privacy Policy, please contact us at support@milata.com

Privacy Policy - Milata