Privacy Policy

Last updated: May 19, 2026

SearchSteward ("we", "us") operates a hosted job-search workspace. This policy explains what data we collect, why, where it goes, and the rights you have under the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA). The product is in private beta. If anything below is unclear, email [email protected].

1. Data we collect

  • Account identity: email, password hash, verification state, role.
  • Job-search profile: target companies, search preferences, salary expectations, location filters, resume text and generated resume variants.
  • Application records: applications you save, statuses, notes, contacts, interview events, offers.
  • Email signals (if you connect Gmail): sender, subject, snippets, classification labels, interview metadata. We process only messages that match job-related heuristics.
  • Calendar signals (if you connect Google Calendar): event metadata used to surface interview reminders.
  • Operational telemetry: request logs, scraper run logs, LLM usage and cost records, background-job payloads, audit events.
  • Product analytics: page views and a defined funnel-event allowlist via PostHog, after you accept the analytics banner. We do not capture form input, resume content, job descriptions, or message bodies.

2. Why we process it (GDPR Art. 6 legal bases)

  • Performance of a contract — running the workspace you signed up for (matching, application tracking, generated artifacts).
  • Legitimate interests — security, abuse prevention, debugging, and improving scoring quality, balanced against your rights.
  • Consent — analytics cookies, marketing email, optional Gmail/Calendar integrations. You can withdraw consent at any time without affecting prior processing.
  • Legal obligation — tax records on paid plans, lawful requests we are required to honor.

3. Third-party processors

We share data only with the providers needed to run the product:

  • Railway — application hosting and managed Postgres (US region).
  • Zoho Mail — transactional and account email.
  • PostHog — product analytics (US cloud). Only fires after consent.
  • OpenAI and Google (Gemini) — LLM inference for resume tailoring, job-fit analysis, and outreach drafting. Prompts may include your resume and job-description text; we do not send unrelated personal data.
  • Stripe — billing (only once you start a paid plan).
  • Google (Gmail / Calendar) — only if you connect them. OAuth tokens are stored per user.

Some processors are located in the United States. Where you are in the EU/EEA or UK, transfers rely on Standard Contractual Clauses or equivalent safeguards offered by each provider.

4. Cookies and analytics

We use a small number of first-party cookies and localStorage entries for authentication, CSRF protection, and feature state. These are necessary for the product to function and are not subject to opt-in consent.

PostHog product analytics is opt-in. The banner shown on first visit lets you accept or decline; declining keeps analytics off and stores no analytics identifiers. You can change this later at any time from the Privacy section under Settings, or by clearing site data in your browser.

5. Retention

  • Account profile, applications, and resumes: retained while your account is active.
  • Email signal raw excerpts: retained for up to 90 days after classification, then redacted to a structured summary.
  • Operational logs: 30–90 days depending on log type.
  • Backups: rolling 35-day window.
  • Billing records: 7 years (US tax requirement) on paid plans.

6. Your rights

Subject to verification, you can:

  • Access — download a copy of your data via Settings → Export, or request it from us.
  • Rectify — edit profile, preferences, applications, and notes from within the app.
  • Erase — delete your account from Settings → Privacy. We honor erasure requests in line with GDPR Art. 17 and CCPA § 1798.105.
  • Restrict / object — pause specific processing (e.g. disconnect Gmail) without deleting the account.
  • Portability — receive your data in a machine-readable JSON export.
  • Withdraw consent — disable analytics, disconnect integrations.
  • Non-discrimination (CCPA) — exercising any of these rights does not affect service quality or price.
  • Lodge a complaint — with your local supervisory authority (EU/EEA) or the California Privacy Protection Agency.

Exercise any of these by emailing [email protected] or using the controls under Settings → Privacy. We respond within 30 days.

7. Sale and sharing of personal information (CCPA)

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. The third parties above act as service providers under written contracts that prohibit using your data for their own purposes.

8. Security

We use TLS in transit, encrypted storage at rest at our hosting provider, field-level encryption for credentials such as Gmail app passwords and integration tokens, role-based access controls for support staff, and audit logging on administrative actions. No system is perfectly secure; we will notify affected users within 72 hours of confirming a breach involving personal data, in line with GDPR Art. 33.

9. Children

SearchSteward is not directed to children under 16 and we do not knowingly collect data from them.

10. Changes to this policy

We will post material changes here and, where required, notify you by email. The "Last updated" date reflects the most recent revision.

11. Contact

Data controller: SearchSteward Operations. For privacy questions, GDPR or CCPA requests, or to report a concern, email [email protected].