Privacy Policy

1. Data We Collect

When you create an account and use Vegaply, we collect the following information:

• Email address — used to create your account, send job alerts, and communicate with you.
• Resume content — the text extracted from any PDF or document you upload. This is used exclusively to power AI matching and tailoring features.
• Job search preferences — your job role, location, employment type filters, and saved/tracked jobs.
• Usage data — basic interaction data (features used, session timestamps) to improve the product. No keystroke tracking.
• Authentication data — if you sign in with Google, we receive your name and email from Google via OAuth. We do not receive your Google password.

2. How We Use Your Data

Your data is used solely to provide and improve the Vegaply service. Specifically:

• AI matching — your resume text is sent to our AI provider (Anthropic) to generate match scores, tailored bullet points, cover letters, and interview prep. Anthropic does not retain your data for training.
• Job alerts — your email and preferences are used to send you early-bird job notifications you explicitly opt into.
• Product improvement — aggregated, anonymized usage data helps us understand which features are valuable and where to invest.

3. Data Security

We take security seriously and use industry-standard practices to protect your data:

• All data is stored in Supabase, which encrypts data at rest (AES-256) and in transit (TLS 1.3).
• Passwords are hashed using bcrypt and never stored in plaintext.
• Resume text and preferences are stored in your user-scoped database row — other users cannot access your data.
• API keys and secrets are stored in environment variables, never in client-side code.

While we implement strong security measures, no system is 100% impenetrable. In the event of a breach affecting your data, we will notify you by email within 72 hours.

4. Data Retention & Deletion

Your data is retained for as long as your account is active. You can delete your account at any time from account settings, which permanently removes your email, resume, saved jobs, and all preferences from our systems within 30 days.

Anonymized, aggregated usage statistics (no personal identifiers) may be retained indefinitely for product analytics.

5. Cookies & Local Storage

Vegaply uses browser local storage (not third-party cookies) to remember your search preferences, dark mode setting, and session state. We use essential cookies and similar storage needed to operate the service. We may also use analytics tools and session replay tools to understand product usage and improve the experience. We do not use advertising pixels to build third-party ad profiles.

6. Third-Party Services

We use the following third-party services to operate Vegaply. Each has their own privacy policy:

• Supabase — authentication and database hosting
• Anthropic (Claude) — AI analysis of resumes and job descriptions
• JSearch (RapidAPI) — live job listing data
• Google OAuth — optional sign-in (governed by Google's privacy policy)
• Stripe — payment processing for Pro subscriptions. Stripe handles all payment card data directly; Vegaply never stores or has access to your full card number, CVV, or full billing details. We do store a Stripe customer identifier and your subscription status in our own database so we can manage your plan and access level.

7. Contact

For privacy questions, data deletion requests, or concerns, contact us at:

support@vegaply.com

We aim to respond within 2 business days.