Privacy Policy

1. Data We Collect

• Account information (name, email address, profile details, login session metadata).
• Career information (resume data, work experience, education, skills, job preferences).
• Application information (jobs selected, generated outreach emails, application history, status).
• OAuth connection data (encrypted token data and token validity metadata).
• Technical and usage data (logs, timestamps, browser/device data, IP and diagnostic events).
• Payment and subscription information, where applicable (processed by payment providers).
• Support and communication data when you contact us.

2. How We Collect Data

• Directly from you when you register, edit profile details, and use app features.
• From connected providers when you grant OAuth consent.
• Automatically through cookies, logs, and analytics tools while using the Service.
• From communications and support interactions.

3. Google Data Access and OAuth Permissions

We use OAuth 2.0 to connect Gmail securely. We request permissions only to authenticate you and send emails on your behalf when you trigger job application workflows.

• Gmail sending scopes:https://www.googleapis.com/auth/gmail.send and
• Basic profile scopes:https://www.googleapis.com/auth/userinfo.email andhttps://www.googleapis.com/auth/userinfo.profile.

4. Google API Data Use (Limited Use)

Our use and transfer of Google user data is limited to providing and improving user-facing features of the Service. We do not sell Google user data and do not use it for advertising. Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We do not use Gmail data to train generalized AI or machine learning models, and we do not analyze mailbox data for advertising or unrelated profiling.

5. How We Use Data

• Provide, maintain, and improve our automation service and core app features.
• Process automation requests and generate application content based on your configuration.
• Maintain OAuth connections to your connected providers.
• Send technical notices, updates, security alerts, and support messages.
• Respond to your comments, questions, and support requests.
• Monitor and analyze usage patterns, performance, and trends to improve the Service.
• Detect, prevent, and address technical issues, security threats, and fraudulent activity.
• Process payments and send billing information, where applicable.
• Comply with legal obligations under applicable laws in India.

6. Data Sharing and Disclosure

We do not sell your personal data. We may disclose data only in limited cases:

• Service providers assisting with hosting, payment processing, analytics, and operations, under contractual confidentiality and data-protection obligations.
• Third-party APIs that you authorize through OAuth (for example, Google and other providers you connect) for configured automations.
• Business transfer events (merger, sale, acquisition, or asset transfer), with continuity protections.
• Legal requirements, such as court orders, lawful requests, or rights and safety protection.
• Other disclosures with your explicit consent.

7. Storage, Retention, and Security

• All data in transit is encrypted using TLS/SSL.
• OAuth tokens are encrypted at rest and protected with strict access controls.
• Infrastructure is hosted on secure cloud platforms with regular updates and monitoring.
• OAuth tokens can be revoked by you at any time from account settings or provider controls.
• We conduct periodic security reviews and assessments.
• We retain Google OAuth tokens until you disconnect Google access or delete your account.
• Application email metadata and service logs are retained for security, auditing, and troubleshooting.
• We retain personal data only as long as needed for service delivery and legal requirements.

No method of internet transmission or storage is fully secure, but we apply commercially reasonable safeguards to minimize risk.

You are responsible for maintaining confidentiality of your account credentials and for activity conducted through your account.

8. Cookies and Tracking

We use cookies and similar technologies for sessions, security, and performance. You can control cookies in your browser settings.

9. Third-Party Services and Links

We may use trusted third-party providers to operate the Service. Third-party services have their own policies and terms, and we are not responsible for their practices beyond our direct Service operations.

10. Your Rights

Depending on your location, you may have rights to:

• Access your personal data and request a copy.
• Rectify inaccurate or incomplete personal data.
• Delete your personal data and account, subject to legal retention requirements.
• Object to or restrict processing in specific circumstances.
• Receive your data in a structured, commonly used, and machine-readable format.
• Withdraw consent where processing is consent-based, including OAuth disconnection.
• Opt out of certain processing activities, such as marketing communications.

To revoke Gmail permissions, you can disconnect Google from account settings or remove app access in your Google Account permissions page.

To exercise these rights, contact us using the details below. We respond within a reasonable timeframe and in accordance with applicable law.

11. Children's Privacy and Age Requirement

The Service is intended for users who are at least 18 years old or the age of majority in their jurisdiction. We do not knowingly collect personal data from children.

12. International Data Transfers

Your data may be processed in countries other than your own. Where required, we apply safeguards for cross-border data transfers and process data in line with applicable law.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material updates will be posted on this page with an updated effective date.

14. Contact Information

Email: arbaznivsekar@gmail.com

Address: Mumbai, Maharashtra, India