Licensely LLC — licensely.io — Effective Date: June 5, 2026 | Last Updated: June 19, 2026
This Privacy Policy describes how Licensely LLC, a Wisconsin limited liability company (“Licensely,” “we,” “us,” or “our”), collects, uses, shares, and protects information about you when you visit licensely.io, create an account, purchase a Product, or otherwise interact with our website, applications, or services (collectively, the “Services”). This Privacy Policy is incorporated into and governed by our Terms of Use.
By accessing or using the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree, you must not use the Services.
1.1 Information You Provide to Us.
• Account information: name, email address, password (stored hashed and never in plaintext), and any optional profile information you submit (e.g., LinkedIn URL, city, state).
• Purchase information: billing address, last four digits of payment card, and transaction details. Full payment card numbers are collected and processed by Stripe, our payment processor, and are never received or stored by Licensely.
• Application tracker data: the states you choose to track, application progress, costs you log, notes, contacts you add, and other information you input into the Navigator.
• Resume builder data: any professional information you enter into the Resume Builder, including work history, licenses, certifications, education, skills, and additional details.
• Reviews and feedback: ratings, written reviews, and feedback you submit, including your role/specialty if voluntarily disclosed.
• Communications: the content of any email, support request, or other communication you send to us.
1.2 Information We Collect Automatically.
• Usage data: pages visited, time spent on pages, clicks, form interactions, and feature usage within the Services.
• Device and connection information: IP address, browser type and version, operating system, device identifiers, screen size, language preference, and referrer URL.
• Session recordings: we use PostHog to record anonymized playbacks of how users interact with the Services for the purpose of product improvement and customer support. Sensitive form fields (passwords, payment information, fields marked as private) are automatically masked and never recorded.
• Acquisition analytics: we use Google Analytics 4 to measure visitor counts, traffic sources (which search engines, links, or campaigns referred you), pages viewed, and conversion events (form submissions, file downloads). Google may use cookies and similar technologies; IP addresses are processed by Google’s servers in the United States. You can opt out at any time using Google’s Analytics opt-out browser add-on.
• Error data: we use Sentry to capture technical errors, including stack traces, browser context, and (after you log in) your user identifier, so we can diagnose and fix issues.
• Cookies and similar technologies: see Section 4 below.
1.3 Information from Third Parties.
We may receive limited information from third-party service providers in connection with your purchase or account (e.g., transaction confirmation from Stripe, email engagement signals from MailerLite). We do not purchase personal information from data brokers.
We use the information we collect to:
• Provide, operate, and maintain the Services, including creating and managing your account, granting access to purchased Products, and enabling features like tracking and resume building;
• Process payments and prevent fraudulent transactions;
• Send transactional emails (e.g., account confirmation, password reset, purchase receipts, important service notices);
• Send marketing emails about new features, products, and updates (you may opt out at any time via the unsubscribe link in any marketing email);
• Provide customer support and respond to inquiries;
• Analyze usage patterns to understand how the Services are used and improve them;
• Detect, investigate, and prevent fraud, abuse, security incidents, and violations of our Terms of Use;
• Comply with legal obligations, court orders, or government requests;
• Enforce our Terms of Use and protect our rights, property, and the safety of our users.
We do not use your information to make automated decisions that produce legal or similarly significant effects about you.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data on the following legal bases:
• Contract: processing necessary to provide the Services you purchased.
• Legitimate interests: improving our Services, preventing fraud, securing our platform, and conducting analytics, balanced against your rights.
• Consent: sending marketing emails, recording session replays, and any other processing for which you have given consent. You may withdraw consent at any time.
• Legal obligation: complying with applicable law, including tax and accounting requirements.
We and our service providers use cookies, local storage, web beacons, and similar technologies to operate the Services, analyze usage, and measure advertising performance. Cookies fall into the following categories:
• Essential cookies (always active): required for authentication, security, and basic functionality (e.g., keeping you logged in).
• Analytics cookies (consent-based): set by PostHog (product behavior) and Google Analytics 4 (acquisition + Google Search attribution) to measure feature usage, page views, conversion funnels, and traffic sources.
• Advertising cookies (consent-based): set by Google Ads to measure conversions from advertising campaigns and to build audiences for remarketing (showing relevant ads to people who previously visited our site). These cookies enable cross-context behavioral advertising as defined under U.S. state privacy laws.
• Error monitoring: set by Sentry to associate captured errors with your session.
• Email marketing: tracking pixels set by MailerLite in marketing emails to measure opens and clicks.
When you first visit the Site you will see a cookie consent banner letting you accept all cookies, reject non-essential cookies, or customize your choices. You can revisit your choices at any time by clicking “Cookie preferences” here or in the site footer. We honor Global Privacy Control (GPC) browser signals as a valid opt-out of sale and sharing for California residents. Most browsers also allow you to control cookies through browser settings; disabling essential cookies may impair the functionality of the Services.
We share information with the following service providers solely to operate and improve the Services. Each provider is contractually obligated to protect your information and use it only as necessary to provide their service to us.
| Provider | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing | Name, email, billing address, payment card data (Stripe collects directly — we never see full card numbers) |
| Supabase | Authentication + database hosting (US region) | Account information, tracker data, resume data, reviews |
| Resend | Transactional email delivery (account confirmation, password reset) via mail.licensely.io | Email address, message content |
| MailerLite | Marketing email delivery (free guide, product updates) | Email address, first name, engagement signals |
| Netlify | Website hosting and content delivery | IP address, request metadata, hosting logs |
| PostHog | Product analytics + session replay | Email (after login), usage events, anonymized session recordings with masked sensitive fields |
| Google Analytics 4 | Acquisition analytics + Google Search Console attribution | IP address, device + browser metadata, pages viewed, referrer URL, conversion events. No personally identifiable account information is sent. |
| Google Ads | Conversion measurement (purchase attribution to ad clicks) + remarketing (showing relevant ads to past visitors across Google’s ad network, including YouTube and partner sites) | IP address, browser + device metadata, pages viewed, referring URL, ad click identifier (GCLID), and on the purchase confirmation page only: order amount, currency, and Stripe Checkout Session ID. No name, email, or account credentials are sent to Google Ads. |
| Sentry | Error monitoring | Email (after login), browser context, stack traces, error metadata |
We may also disclose your information when required by law, in response to lawful requests by public authorities, to protect our rights or the safety of others, or in connection with a business transfer (merger, acquisition, or sale of assets). We do not sell your personal information to advertisers or data brokers in exchange for monetary consideration. As described in Section 4, when you grant advertising-cookie consent, we share certain online identifiers with Google for cross-context behavioral advertising; under the CCPA, this constitutes “sharing” and you have the right to opt out at any time via the cookie preferences link or by emailing us (see Section 8).
We retain your information for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, prevent fraud, and enforce our agreements:
• Account information: retained while your account is active. If you request account deletion, we will delete identifying account data within 30 days, except where retention is required by law.
• Purchase records: retained for at least seven (7) years for tax, accounting, and audit purposes, as required under U.S. federal and state law.
• Tracker and resume data: retained while your account is active. Deleted within 30 days of account deletion request.
• Analytics data: retained per PostHog’s retention policy (currently up to 7 years for aggregate data, up to 30 days for session recordings) and Google Analytics 4’s default retention policy (currently 14 months for user-level data).
• Error logs: retained per Sentry’s retention policy (currently 90 days).
• Email logs: retained per Resend and MailerLite’s retention policies for compliance and deliverability purposes.
7.1 Access and Correction. You may access and update most of your account information directly within the Services. For information you cannot edit yourself, email us at hello@licensely.io.
7.2 Deletion. You may request deletion of your account and associated data by emailing hello@licensely.io. We will respond within thirty (30) days. We may retain certain information as required by law (e.g., transaction records for tax compliance).
7.3 Data Portability. You may export your tracker data and resume data at any time from within the Navigator using the “Save Backup” feature.
7.4 Marketing Opt-Out. You may unsubscribe from marketing emails at any time using the unsubscribe link in any marketing email. Transactional emails (account confirmation, password reset, important service notices) cannot be opted out of while your account is active.
7.5 Session Recording Opt-Out. If you wish to opt out of session recording for analytics, email hello@licensely.io and we will exclude your account.
7.6 Do Not Track. Some browsers offer a “Do Not Track” signal. Because there is no widely accepted standard for honoring DNT signals, we currently do not respond to them. We encourage you to use the opt-out mechanisms described in this Policy.
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
• Right to know what personal information we collect, use, disclose, and (if applicable) sell or share.
• Right to delete personal information we have collected (subject to certain exceptions).
• Right to correct inaccurate personal information.
• Right to opt out of the sale or sharing of personal information. Licensely does not sell personal information for monetary consideration. We do, however, “share” certain online identifiers with Google for cross-context behavioral advertising when you grant advertising-cookie consent. You may opt out at any time by clicking “Cookie preferences” and disabling the Advertising category, by emailing us at hello@licensely.io with the subject “Do Not Sell or Share,” or by enabling Global Privacy Control (GPC) in your browser, which we treat as a valid opt-out signal.
• Right to limit use of sensitive personal information. We do not collect or use sensitive personal information for purposes that would trigger the right to limit under CCPA.
• Right to non-discrimination for exercising any of these rights. We will not deny, charge different prices for, or provide a different level of quality of the Services because you exercised your rights.
To exercise any of these rights, email hello@licensely.io with the subject line “CCPA Request.” We will verify your identity (typically by confirming the email address associated with your account) and respond within forty-five (45) days as required by California law. You may also designate an authorized agent to make a request on your behalf.
Categories of personal information we have collected in the past twelve months: identifiers (name, email, IP address), commercial information (purchase records), internet activity (usage data), and inferences drawn from the foregoing (e.g., feature engagement). Sources, purposes, and disclosure recipients are described in Sections 1, 2, and 5 of this Policy.
If you are a resident of Virginia, Colorado, Connecticut, Utah, Texas, Montana, Oregon, Iowa, or another state with comprehensive consumer privacy legislation, you may have rights similar to those described above. To exercise such rights, email hello@licensely.io with the subject line “Privacy Rights Request” and we will respond consistent with applicable law.
The Services are intended for individuals who are at least eighteen (18) years of age. We do not knowingly collect personal information from children under thirteen (13). If you believe a child under thirteen has provided personal information to us, please email hello@licensely.io and we will promptly delete it.
We implement reasonable administrative, technical, and physical safeguards to protect your information, including:
• TLS/HTTPS encryption for data in transit;
• Encryption at rest for database storage via Supabase;
• Hashed password storage (we never store plaintext passwords);
• Stripe handles all payment card data in a PCI DSS-compliant environment;
• Row-level security (RLS) policies in our database to ensure users can only access their own data;
• Regular security review of third-party providers.
No method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security. If we become aware of a data breach that affects your personal information, we will notify you as required by applicable law.
Licensely is based in the United States and our service providers store data primarily in the United States. If you access the Services from outside the United States, your information will be transferred to, stored, and processed in the United States. By using the Services, you consent to such transfer.
For residents of the European Economic Area, the United Kingdom, or Switzerland: we rely on appropriate safeguards (such as Standard Contractual Clauses, where applicable) when transferring personal data internationally.
The Services may contain links to third-party websites (e.g., state Board of Nursing portals, CE providers, malpractice insurers). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing them with any personal information.
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice via the email address associated with your account or by posting a prominent notice on the Site. The “Last Updated” date at the top of this Policy reflects the most recent revision. Your continued use of the Services after the effective date of any revised Policy constitutes your acceptance of the changes.
If you have questions, concerns, or requests related to this Privacy Policy or our handling of your personal information, please contact us:
Licensely LLC
Email: hello@licensely.io
Website: licensely.io
© 2026 Licensely LLC. All rights reserved.