We collect the following categories of personal data:

• Account data — name, email address, login credentials, authentication identifiers.
• Profile data — resume content, LinkedIn data, GitHub username and metrics, portfolio links, target role, location, work authorization, headline, and any other information you upload or enter.
• Application data — job descriptions you save, generated materials (resumes, cover letters, Q&A), application tracking entries, notes, and interview session recordings/transcripts.
• Communications — emails you forward to your JobYoda inbox, support messages.
• Usage and telemetry — pages visited, features used, error logs, device identifiers, IP address, browser/user-agent.
• Optional demographic data — only if you choose to provide it for application autofill (e.g. pronouns, veteran status, disability status).

We process personal data for the following purposes:

• Providing the service (contract performance) — account creation, profile ingestion, job matching, generating tailored materials, tracking applications, and learning loops.
• Security and fraud prevention (legitimate interests) — protecting accounts, detecting abuse, rate-limiting.
• Service improvement (legitimate interests) — analyzing aggregate usage to improve features and AI quality.
• Customer support (contract performance / legitimate interests) — responding to your requests.
• Legal compliance (legal obligation) — tax records, responding to lawful requests.
• Marketing (consent) — only where you have opted in.

We share personal data with the following categories of recipients:

• Service providers / subprocessors — cloud hosting and database (Lovable Cloud / Supabase), AI model providers (used through the Lovable AI Gateway) for generating materials and analyses, and email/transcription providers strictly to deliver the service.
• Merchant of Record — Paddle.com Market Limited acts as our reseller and Merchant of Record for all paid subscriptions. Paddle handles payments, billing, tax, invoicing, and subscription management on our behalf and is the recipient of your payment data. See Paddle's privacy policy at paddle.com/legal/privacy.
• Professional advisers — legal, accounting, and compliance advisers under confidentiality.
• Authorities — where required by law or to protect rights, property, or safety.

We do not sell your personal data.

Personal data may be processed in countries outside your own, including the United States. Where required, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or equivalent mechanisms for transfers from the UK/EEA.

We keep personal data only as long as needed for the purposes above. Account and profile data are kept while your account is active and deleted (or anonymised) on account deletion. Billing records are retained as required by tax and accounting law (typically 6–10 years). Backups are purged on a rolling basis.

Depending on your jurisdiction, you may have the right to access, correct, delete, restrict, port, or object to processing of your personal data, and to withdraw consent at any time. You can exercise these rights from your account settings or by contacting us via the support page. UK/EEA users have the right to complain to their local supervisory authority. We aim to respond within one month.

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit (TLS), encryption at rest, access controls, row-level security on the database, and least-privilege service credentials. No system is perfectly secure — please use a strong, unique password and keep your credentials confidential.

We use strictly necessary cookies for authentication and session management. We may use limited first-party analytics cookies to understand aggregate usage. We do not use third-party advertising cookies. You can manage cookies through your browser settings.

The service is not directed to children under 16 and we do not knowingly collect personal data from them.

We may update this Privacy Notice. Material changes will be communicated by email or in-app notice. The "Last updated" date above reflects the latest revision.

Hypertime LLC — questions about this notice or your data? Reach us via our support page.