Privacy Policy

Last updated: June 2026

1. Introduction

AI Job Apply ("we", "our", "app") is an AI-assisted job application tool that helps users draft and send tailored application emails via their Gmail account. This privacy policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

  • Google Account Information: Your name, email address, and profile picture — obtained through Google OAuth for authentication.
  • OAuth Tokens: Access and refresh tokens needed to send emails on your behalf via the Gmail API. These are stored securely in our database.
  • Resume Content: Plain-text resume you voluntarily provide to personalize generated emails.
  • Application Records: Metadata about emails sent through the app (recipient, subject, send timestamp, Gmail message ID).
  • LLM API Keys:Stored only in your browser's localStorage. We never transmit these to our server database.

3. How We Use Your Data

  • To authenticate you via Google Sign-In.
  • To generate tailored job application emails using your resume and job details.
  • To send application emails through your Gmail account using the Gmail API.
  • To store your resume for future email generations.
  • To maintain a record of sent applications for your reference.

4. Data Storage & Security

User data is stored in MongoDB. OAuth tokens are stored server-side and are never exposed to the client. Session cookies are HTTP-only and secure in production. LLM API keys are stored exclusively in your browser's localStorage and are never persisted on our servers.

5. Data Retention

  • Sessions expire after 7 days and are automatically deleted.
  • User accounts and associated data are retained until you request deletion.
  • Application records are retained until account deletion.

6. Third-Party Services

  • Google OAuth & Gmail API: Used for authentication and sending emails. Subject to Google's Privacy Policy.
  • MongoDB: Database hosting for user data and sessions.
  • LLM Providers (user-configured): OpenAI, Anthropic, Google, or Vercel — used to generate email content. Your API key is sent directly from your browser; we do not proxy or store it.

7. Your Rights

  • You may request deletion of your account and all associated data at any time.
  • You may revoke Google access at any time via your Google Account settings.
  • You may request a copy of the data we hold about you.

8. Contact

For privacy-related questions or deletion requests, contact us at pranavdileep10@gmail.com.

← Back to App