OPEN APPLIER

Privacy Policy

How we handle your data — what we collect, why, and who we share it with.

Last updated: April 28, 2026

1. Information We Collect

We collect the following categories of personal information:

  • Account data: Email address, hashed password
  • Resume content: Text content of resumes you upload or paste
  • Application profile: Legal name, phone, education, work history, demographics (provided voluntarily)
  • Job preferences: Target roles, locations, salary range, work arrangement
  • Application history: Jobs applied to, application status, timestamps
  • ATS credentials: Workday username and password if you choose to save them (encrypted with AES-256-GCM, used only to support Workday sign-in and autofill flows)
  • Usage data: Feature usage events, API calls, session activity (first-party only, never shared)

2. How We Use Your Data

  • Matching you with relevant job listings based on your profile and preferences
  • Tailoring your resume and cover letter for specific job applications using AI
  • Auto-filling supported ATS forms (Workday, Greenhouse, Lever, Ashby) after you review and approve each application
  • Providing application status history and fill diagnostics
  • Processing billing and subscription management

3. Chrome Extension Data Practices

The Open Applier Chrome extension is subject to the Chrome Web Store Developer Program Policies. This section describes extension-specific data handling.

3.1 Single Purpose

The Open Applier extension has a single purpose: to auto-fill job application forms on supported Applicant Tracking Systems (Workday, Greenhouse, Lever, Ashby) using your saved profile data, after you explicitly initiate each fill.

3.2 Permissions and Justification

  • activeTab: Required to interact with the current ATS tab when you explicitly click "Open Apply." Only activates on user action.
  • Host permissions (*.myworkdayjobs.com, boards.greenhouse.io, *.lever.co, *.ashbyhq.com): Required to detect supported ATS pages, inject the fill button, and interact with application form elements.
  • storage: Stores your extension authentication token, cached profile snapshot, pending fill state used to resume after navigation, and extension preferences locally in Chrome. This extension state is not synced through Chrome Sync.
  • downloads: Allows downloading tailored resumes and user-initiated debug bundles.
  • scripting: Injects platform-specific autofill logic only on supported application pages.
  • identity: Enables Google sign-in from the extension popup and optional Gmail connection for verification-code retrieval.
  • cookies: Used to read and write Open Applier API auth cookies so the extension and web app stay aligned on the same browser profile.
  • alarms: Schedules periodic session validation and deferred delivery of fill reports.

3.3 Data Collected by the Extension

  • Page URL: The URL of the job listing page, sent to our API to create the application record.
  • Job description text: The visible text content of the job listing, used for resume tailoring and question answering.
  • Form field labels, options, and values: Read during the fill process to match profile fields. Filled values are logged for your application history.
  • Resume state cache: A cached profile snapshot and pending-fill record are stored locally so the extension can recover gracefully after navigation or refresh.

The extension does not collect browsing history, keystrokes, or screenshots during normal autofill operation, and it does not collect data from non-ATS pages. It only activates on supported job application URLs.

3.4 Remote Code

The extension does not load or execute remote code. All extension logic is bundled at build time and distributed through the Chrome Web Store. The extension communicates with the Open Applier API (api.openapplier.com) for authentication, profile retrieval, and fill logging only.

3.5 Data Transmission

All communication between the extension and our API is encrypted via HTTPS/TLS. The extension fetches profile data from our API on demand and keeps a limited local cache in Chrome storage for resume-after-navigation behavior, offline fallback, and UI continuity on the same device. This cache is not synced through Chrome Sync.

4. Subprocessors

We use the following subprocessors to deliver Open Applier. Each has been vetted for its security and privacy posture, and we transfer only the minimum data required for the stated function. Each subprocessor has its own privacy policy governing the data we share with them.

| Subprocessor | Purpose | Data shared | Location |
|---|---|---|---|
| Google APIs | Google sign-in and, if you explicitly connect Gmail, read-only mailbox access used only to retrieve verification codes during application flows | Account email and, when connected, mailbox data required to retrieve verification codes | United States |
| Google (Gemini) | AI resume tailoring and question answering (primary LLM provider) | Resume text, job description text | United States |
| OpenAI | AI resume tailoring and question answering (fallback LLM provider) | Resume text, job description text | United States |
| Anthropic | AI resume tailoring and question answering. Prompt caching reduces repeated-call cost; cached resume content is held by Anthropic for 5 minutes per the ephemeral caching policy. | Resume text, job description text | United States |
| Resend | Transactional and marketing email delivery (verification, password reset, refund confirmation, weekly digest) | Recipient email address, message body, delivery / bounce / complaint events | United States |
| PostHog | Product analytics and conversion-funnel monitoring. Suppressed entirely when your browser sends a Do Not Track signal. | Account ID, event names, bucketed numeric properties (no raw counts), feature flags. Never receives resume content, form values, or PII fields per the typed-allowlist enforcement at `crates/common/src/posthog.rs`. | United States |
| Stripe | Payment processing and subscription management | Email, billing address, last-4 of card (full card data never touches our servers) | United States |
| Railway | Application hosting and database infrastructure | All application data (encrypted at rest) | United States |
| Sentry (functional.software, Inc.) | Error and crash reporting for our API and web application. Sentry privacy policy. | Error stack traces, request paths (without query strings), and your account ID. Never receives form values, resume contents, or authentication tokens. | United States |

No account credentials or personal identifiers are sent to LLM providers — only your resume and target job description. We will update this list and notify affected users before engaging any new subprocessor that processes personal data.

Open Applier's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4.1 LLM Provider Data Retention

Content sent to Google (Gemini), OpenAI, and Anthropic for resume tailoring is retained by those providers per their published API policies — typically up to 30 days for abuse-monitoring purposes, then deleted. None of these providers train on data sent through their paid API tiers as of the "Last updated" date above. Demographic and EEO fields are never transmitted to LLM providers in any prompt.

5. Data Storage and Security

  • All data is stored in PostgreSQL databases with row-level tenant isolation
  • Passwords are hashed using Argon2id
  • ATS credentials (Workday password) are encrypted with AES-256-GCM
  • All API communication uses HTTPS/TLS
  • Authentication uses short-lived JWTs with HttpOnly secure cookies
  • CSRF protection via Origin validation and SameSite cookies

6. Data Retention

We retain your data for as long as your account is active. When you delete your account (via Settings), all your personal data, resumes, applications, credentials, and preferences are permanently deleted from production within 24 hours and from encrypted backups within 30 days. We maintain rolling 7-day encrypted backups of the production database to support disaster recovery; a deletion request triggers immediate purge from production and on-cycle purge from backups within the rolling window.

6.1 EEO and Demographic Data

The application profile includes optional self-identification fields (gender, race/ethnicity, veteran status, disability status) that some employers request as part of their EEO reporting. These fields:

  • Default to "Prefer not to say" on every form
  • Are never transmitted to LLM providers in any tailoring prompt
  • Are sent to an employer's ATS only when their form explicitly requests them, after you have reviewed and approved the submission
  • Can be cleared at any time via Settings > Application Profile

7. Your Rights

  • Access: View all your data through the web application (Jobs, Application Profile, Settings)
  • Export: Download all your data via Settings > Export Data
  • Deletion: Permanently delete your account and all data via Settings > Delete Account
  • Correction: Update your profile, resume, and credential information at any time
  • Withdraw consent: Uninstall the extension at any time to stop all form-filling activity

8. Cookies

We use HttpOnly authentication cookies to maintain your login session. We do not use third-party tracking cookies or advertising cookies. First-party usage events are collected for product improvement and stored on our own servers.

9. Children's Privacy

Open Applier is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Cross-Border Data Transfers

Open Applier is operated from the United States, and all primary data storage occurs on US infrastructure (Railway, AWS us-east-1, Stripe US). If you are accessing the service from the European Economic Area, the United Kingdom, or another jurisdiction with restrictions on cross-border personal data transfers, you acknowledge and consent to the transfer of your information to the United States.

For users subject to GDPR or UK GDPR, transfers to our US-based subprocessors are made under the European Commission's Standard Contractual Clauses (2021 modules) or the equivalent UK International Data Transfer Addendum. Where additional safeguards are required, we rely on a combination of encryption-in-transit, encryption-at-rest, and contractual data-processing agreements with each subprocessor named in Section 4.

12. Contact

For privacy inquiries, contact us at support@openapplier.com.
