Last updated: 2026-04-17

Privacy Policy

Short version: we collect the minimum needed to run the Service, we don't sell your data, and we don't train AI models on your content. The details below explain exactly what happens.

What we collect

• Account info: email address (required for magic-link auth via Clerk).
• Content you create: library entries, resumes, cover letters, notes — anything you type or upload into the tools.
• Uploaded files: resume PDFs or docs you drop into the AI import. Stored temporarily in Cloudflare R2, deleted after parsing completes.
• Pass and payment metadata: Stripe customer ID, purchase date, referral code used. We do NOT store full card numbers — Stripe handles that.
• Usage signals: page views, feature clicks, errors. Collected via Cloudflare Web Analytics (privacy-first, no cookies) and PostHog (funnel analysis). No cross-site tracking.

Why we collect it

To run the Service: serve the pages, save your library, bill accurately, pay referrers honestly, send lifecycle emails, and fix bugs. That's it.

Who we share with

Only the vendors we need to run the Service:

• Cloudflare — hosting, databases (D1), file storage (R2).
• Clerk — authentication.
• Stripe — payment processing.
• Anthropic — AI processing of uploaded content (resume parsing, text generation). Anthropic does not train models on this content.
• Loops — sending lifecycle and transactional emails.
• PostHog — product analytics.

We do not sell your personal data. We do not share it with advertisers. We do not run ad tracking on the Site.

AI and your content

When you use AI features (resume import, draft suggestions), the relevant content is sent to Anthropic's Claude API for processing. Anthropic's enterprise terms prohibit training on this input. Your uploaded files are deleted from our R2 storage once parsing is complete. We do not use your content to train any internal model.

Your data is yours

You can export everything you've put into the Service at any time, including after your pass expires. You can delete your account by emailing us — we'll remove your data within 30 days.

Cookies

We use a session cookie (strictly necessary) for login state and a preference cookie for UI settings. No advertising cookies. No cross-site trackers.

Data retention

Active account: we retain your content for as long as your account exists. Expired pass: your data is kept read-only for 90 days after grace window closes, then archived in a form only restorable if you return with a new pass. Delete request: fully removed within 30 days.

Your rights

Depending on your jurisdiction you may have rights under GDPR, CCPA, or similar laws — to access, correct, delete, or port your data. Email us and we'll honor the request within the statutory window.

Contact

Privacy questions: evanburgei@gmail.com.

Draft prepared by the Operator for initial launch. Will be reviewed by counsel before a business entity (LLC) is formed.