Privacy Policy

ShowIntro is an async video hiring platform. Candidates record video answers to hiring questions, recruiters screen and shortlist candidates, and clients (hiring managers) approve finalists — all without a single first call. "ShowIntro", "we", "us", or "our" refers to the ShowIntro platform and its operators.

Questions about this policy: victor@showintro.com

We collect only what is necessary to run the platform:

• Account data — email address and hashed password, or Google OAuth token if you sign in with Google.
• Profile data — full name, job title, specialty, seniority, years of experience, location, salary expectations, GitHub / LinkedIn / CV links, avatar image.
• Video recordings — video files you record in the browser as answers to assigned questions. Videos are stored in a private bucket and are only reachable via your explicit share link.
• Company data (recruiters) — company name, logo, website, industry, employee count range, plan tier.
• Usage data — IP address, browser type, and request timestamps collected automatically by our infrastructure for security and abuse prevention.
• Cookies — session cookies (mandatory for auth) and preference cookies (theme, language). See our .

We do not sell, rent, or broker your data to any third party.

• To provide, operate, and improve the ShowIntro platform.
• To display your profile and videos to recruiters and clients you explicitly share your link with.
• To deliver transactional emails: invite links, password resets, account notifications. We do not send marketing emails without your explicit consent.
• To enforce the 30-day re-registration restriction after account deletion (using a non-reversible email hash only — no plain email is stored after deletion).
• To detect and prevent fraud, abuse, and security threats.

All data is stored on Supabase, which runs on AWS infrastructure. Every database table is protected by Row-Level Security (RLS) — users can only read or write their own rows unless another party has been explicitly granted access. Video files sit in a private Supabase Storage bucket and require a signed URL to access; that URL is only available to users you share your profile link with.

Passwords are never stored in plain text. We use bcrypt hashing via Supabase Auth.

• Recruiters — only when you send them your profile link. You can revoke access at any time by toggling your profile to private.
• Clients / hiring managers — only when a recruiter explicitly adds them to a vacancy shortlist that includes your profile.
• Supabase — our database, authentication, and storage provider. Data is processed under their privacy policy.
• Google — if you use Google Sign-In, Google processes your OAuth token under their privacy policy.
• Law enforcement — we may disclose data if required by a valid legal order or to protect the rights and safety of our users.

No other third parties receive your data.

Your data is kept for as long as your account exists. When you delete your account:

• Your profile, videos, and all associated records are deleted immediately.
• A non-reversible MD5 hash of your email is retained for 30 days solely to enforce the re-registration restriction. After 30 days this record is permanently purged.