Security
Data Protection & Security
Your career data is deeply personal. At WIM, we treat it that way. Here’s exactly how we protect your information — no vague promises, just specifics.
Our Core Principle
WIM Careers is built for the Architecture & Engineering industry — a profession founded on trust, precision, and accountability. We hold ourselves to the same standard with your data. We collect only what we need, we protect it with industry-leading practices, and we never sell it. Period.
How We Protect Your Data
Encryption in Transit & at Rest
All data transmitted between your browser and WIM is encrypted using TLS 1.2+ (HTTPS). Stored data — including profiles, credentials, resumes, and Career DNA responses — is encrypted at rest using AES-256 encryption on our database servers.
Secure Authentication
Passwords are never stored in plain text. We use bcrypt hashing with salt rounds, an industry-standard one-way hashing algorithm. Session tokens are cryptographically signed JWTs with automatic expiration, ensuring your login sessions cannot be forged or replayed.
Invisible Mode & Privacy Controls
Professionals can enable Invisible Mode at any time, instantly removing their profile from employer search results and candidate discovery. You control who sees your data — WIM never shares your profile without your explicit visibility settings.
Infrastructure Security
WIM is hosted on enterprise-grade cloud infrastructure with automatic security patching, network isolation, DDoS protection, and continuous monitoring. Our servers are located in SOC 2-compliant data centers with physical access controls and redundant systems.
Access Controls & Least Privilege
Internal access to user data is restricted on a need-to-know basis. Administrative access requires multi-factor authentication, and all data access is logged and auditable. No WIM employee can view your password — ever.
Resume & Document Handling
Uploaded resumes are processed using AI extraction within a secure pipeline. Resume files are stored in encrypted cloud storage with access controls. You can delete your resume at any time from your profile, and the file is permanently removed from our systems.
WIM Score & Career DNA Privacy
Your WIM Score is calculated from your profile data, credentials, projects, and engagement — and is visible only to you unless you explicitly choose to make it available to employers through your visibility settings.
Your Career DNA responses capture your work preferences, culture fit, and career aspirations. This information is used solely to improve alignment between professionals and firms. It is never shared in raw form with employers — only aggregated alignment insights are surfaced.
Important: WIM is an aggregator, not a verifier. We never claim to have “verified” your credentials or professional standing. Your WIM Score is a profile strength metric, not a measure of professional competence.
Your Data Rights
WIM complies with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). You have the following rights over your data:
Access: Request a copy of all personal data we hold about you.
Correction: Update or correct inaccurate information in your profile at any time.
Deletion: Delete your entire account and all associated data permanently.
Portability: Export your profile data in a standard format.
Opt-Out: WIM does not sell your personal information. Ever. No opt-out needed because the sale never happens.
Visibility Control: Toggle Invisible Mode on or off at any time to control your discoverability.
Our No-Sell Promise
WIM Careers will never sell, rent, or trade your personal information to third parties. We don’t monetize your data — we monetize the service we provide to you. Your career information exists solely to help you find better alignment in your professional life.
Third-Party Services
WIM integrates with a limited number of trusted third-party services to operate the platform. These include:
- Cloud hosting providers — for secure, scalable infrastructure with encryption at rest and in transit.
- Email service providers — for transactional emails (welcome emails, password resets). We send only essential communications.
- AI processing — for resume parsing and Career DNA summary generation. Data sent to AI services is not stored beyond the processing session and is not used to train models.
We do not use advertising trackers, sell data to ad networks, or embed third-party scripts that harvest your information.
Account Deletion
You can delete your WIM account at any time from your Settings page. Account deletion is permanent and irreversible. When you delete your account:
- Your profile, credentials, projects, and Career DNA are permanently erased.
- Your resume file is deleted from cloud storage.
- Your WIM Score history is removed.
- Your email is disassociated from any remaining records.
- Job applications you submitted will be anonymized.
This process is designed to be thorough. We don’t keep shadow copies or retain your data “just in case.”
Questions or Concerns?
If you have any questions about our security practices or how your data is handled, we’re here to help:
Email: [email protected]
For more details on data collection practices, see our Privacy Policy. For usage terms, see our Terms of Service.