
Career evidence needs careful handling.
Rolemate treats candidate data as audit infrastructure: server-side authorization, account-owned artifacts, and candidate-controlled sharing.
Access control
Private artifacts are protected with account-based access and server-side authorization. No artifact is readable without an authenticated session scoped to its owner.
Sharing controls
Candidates control which evidence surfaces appear in shared views. Nothing is public without an explicit opt-in.
Reports
For security reports, email team@rolemateapp.com with the subject Rolemate Security.