Your data, your control.

We take the security of your job search seriously. Here's exactly what we do with your data—and what we never do.

What we collect

Your job search targets

Company names you add to your radar. We use this to find matching job listings daily.

Your resume

Used only to analyze job fit (scoring, tailoring suggestions, and gap analysis). We never send it to job boards or sell it. We store it encrypted and can be deleted at any time.

Gmail & Calendar access (optional)

Read-only access to match interview invites to your calendar and extract job details from recruiter emails. We never send emails on your behalf and never store credentials.

Application activity

Dates you applied, stage changes, and interview notes—all stored in your SearchSteward account for pipeline tracking.

Access control

Gmail & Calendar

  • ✓ Read your emails and calendar
  • ✗ Never sends email on your behalf
  • ✗ Never stores your Gmail credentials
  • ✗ One-click disconnect in Settings → Integrations

Resume storage

  • ✓ Stored encrypted at rest
  • ✓ Used only for scoring and tailoring
  • ✗ Never shared with job boards
  • ✗ Never sold or used for marketing
  • ✓ Deletable on demand in Settings

Job board integration

  • ✓ We scrape public job boards
  • ✗ We never auto-apply to jobs
  • ✗ We never submit your resume without consent
  • ✗ We never share your data with boards

What we never do

  • ✗ Sell your data to recruiters or third parties
  • ✗ Use your resume in marketing or training
  • ✗ Share your search targets publicly
  • ✗ Use dark patterns to trap subscriptions
  • ✗ Spam your email (only digest + account emails)

Encryption & security

In transit

All communication uses HTTPS (TLS 1.3). Your data is encrypted end-to-end between your browser and our servers.

At rest

Sensitive data (resume content, encrypted credentials, personal identifiers) is encrypted at rest using AES-256. Database access is restricted and audited.

Password security

Passwords are hashed using bcrypt with a strong salt. We never store or transmit passwords in plain text.

Compliance

We comply with GDPR, CCPA, and other privacy regulations. Your data lives in secure servers with automatic backups and disaster recovery.

Your rights

Access: You can download all your data at any time from Settings.

Delete: You can delete your account and all associated data immediately. We don't retain backups of deleted personal data.

Disconnect: You can disconnect Gmail, Calendar, or other integrations with one click in Settings → Integrations. We immediately revoke access and delete cached data.

Opt-out: You can disable all emails except critical account notifications in Settings → Notifications.

Portability: You can export your applications, saved jobs, and analytics as CSV in Settings → Export.

Our commitment

Transparency

This page is the truth. We document every permission and data practice. If we change something, you'll hear it first.

Minimalism

We ask for the minimum data needed. No "optional" fields that exist just to harvest data.

No selling

Your data is never for sale. We're funded by subscriptions, not by monetizing you.

Easy exit

Delete or disconnect anytime. No retention schemes. No lock-in. Data portability by default.

Questions about security?

We're transparent about how we handle data. Reach out to [email protected] with any concerns.