Privacy Policy

Who this applies to

This policy applies to anyone who creates a Jobcakes account or uses Jobcakes features, including through the Jobcakes browser extension listed on the Chrome Web Store. Capitalized terms in our Terms of Service have the same meaning here unless we say otherwise.

Information we collect

Depending on how you use Jobcakes, we may collect:

• Account and authentication data: email address or other login identifiers you provide; session and security tokens tied to your account.
• Profiles and resumes: profile fields you enter or import (for example name, contact details, work history, education, skills), uploaded resumes and documents (PDF/DOCX and extracted text where we parse them), preferences for resume layout, and imported or stored “original” or generated resume content.
• Jobs, applications, and outcomes: job postings and metadata from integrations or imports (including job titles, employers, URLs, postings, descriptions, compensation when available); application status and history you record in Jobcakes; timestamps and edits related to jobs and applications; generated or stored application documents such as resumes and cover letters saved on an application record.
• Interview and screening tooling: interview pipeline steps you create; Interview GPT sessions, prompts, attachments (for example pasted images), assistant replies, transcripts, recordings, recording metadata, and related uploads when you use those features through the Jobcakes web application.
• Email and messaging (when enabled): with your connection and configuration, synced mail and related metadata used for interview/job association features described in-product.
• Calling and SMS (when enabled): phone numbers you provision or use through Jobcakes; call metadata (direction, duration, status, parties); SMS and MMS message content, sender and recipient numbers, timestamps, delivery and read receipts where available; carrier or provider error codes; opt-in and consent records; and related account linkage. See SMS and text messaging privacy below and our SMS Communication Policy.
• Technical and diagnostics: IP address, approximate location from IP, browser and device type, log and error data, timestamps, identifiers needed to operate APIs and realtime features, and (where configured) operational telemetry via our subprocessors for reliability and security.

Chrome extension — local data on your device. The extension uses Chrome's storagepermission to keep a small configuration on your device, such as your Jobcakes API token, selected profile (person) ID, API base URL, and short-lived context from your Jobcakes web app session (for example which job you opened “Apply” for and the apply URL). This local data is not sent to Google; it stays on your device until you clear it or remove the extension.

Chrome extension — data sent to Jobcakes.When you are signed in, the extension contacts the Jobcakes servers you configure (your API base URL) over HTTPS with your bearer token. Examples include: matching the current tab's URL to a saved job; fetching metadata about which resume is available; downloading resume, cover letter, or generated files you request; and sending requests to generate resumes, cover letters, or screening answers when you use those actions. Resume and document bytes are retrieved from Jobcakes and are only attached to application pages when you take an action (for example clicking to attach). The extension does not collect your full browsing history; it may send the current page URL to Jobcakes for job matching and related features when those requests run.

Why we collect and use data

We use the information above to:

• Provide, operate, and secure Jobcakes (web app, APIs, and extension).
• Store and display your job search data, applications, profiles, and documents.
• Power AI-assisted features you choose to use (see below).
• Operate phone, SMS, mail sync, and other optional integrations you enable.
• Provide support, enforce our terms, prevent abuse, and comply with law and carrier or platform requirements.

Backend storage and transmission

Jobcakes is a cloud-hosted service. Information you submit in the web app, and data retrieved by the extension via authenticated API calls, is transmitted over TLS to servers we operate or host (and to subprocessors acting on our instructions, such as databases and object storage). We persist application data needed to deliver the product until you delete it or close your account as described below, subject to lawful retention periods.

AI providers and inference

Certain features rely on models and infrastructure from third-party AI or speech-processing providers invoked by Jobcakes servers on your behalf, for example to generate resumes, cover letters, interview answers, classify or summarize content, extract text from files, vision-aware flows, or (where enabled) realtime speech for Interview GPT recordings. Implementations may include providers such as OpenAI, DeepSeek (where configured instead of OpenAI), and Deepgram (speech tokens), depending on deployment settings and availability.

When you use those features, the relevant portions of your request (including, as applicable, résumé text, job descriptions or posting text, prompts, pasted images allowed by the feature, and conversation transcripts) may be transmitted from Jobcakes servers to those providers to produce a response. Those providers handle data under their respective terms and policies. Outputs are typically stored in Jobcakes so you can access them again in the same application (unless a feature is expressly ephemeral).

Features you do not use do not invoke these providers with your content for that functionality. Operational error logging may include limited excerpts for debugging; we minimize what we attach to logs where feasible.

Limited use; sensitive employment data

Categories such as resumes, interviews, recruiter communication, transcripts, recordings, SMS content, detailed job description text, compensation fields, calendar or mail-derived signals, can be sensitive employment or personal context. Jobcakes restricts use of personal information obtained through the service to purposes needed to deliver, maintain, analyze, personalize, secure, comply with applicable law regarding, and fix the Jobcakes user-facing functionality you request. We do not sell personal information as those terms are commonly understood under U.S. state laws. We do not disclose Jobcakes user-provided resumes, job postings, transcripts, Interview GPT chats, or SMS/call bodies to unrelated third parties for their independent advertising, marketing aggregation, profiling, or “data broker” resale. Disclosure to subprocessors occurs only where necessary to operate the service under contract and appropriate safeguards (for example AI inference, telecom, hosting, storage, security tooling). If we are required by law to disclose information, we will do so narrowly and notify you where we are permitted.

Developers of features that reuse Google-sensitive APIs or user data scopes should continue to observe Google API Services User Data Policy and analogous platform rules alongside this policy where applicable.

Sharing with service providers

We do not sell personal information or SMS opt-in data for third-party marketing. We share information with vendors solely as needed to operate Jobcakes, including cloud hosting, databases, object storage, communications (for example Twilio), AI or speech inference as described above, logging, observability, and customer support tooling. SMS consent and messaging data are not shared with unrelated third parties for their promotional use. Third parties may only process data under our agreements and documented instructions compatible with this policy, unless law requires otherwise.

SMS and text messaging privacy

Jobcakes phone features let you send and receive one-to-one employment-related SMS (and MMS where supported) using a number assigned to your account. This section summarizes how we treat SMS-related personal information. Our SMS Communication Policy describes permitted use, consent, and recipient keywords (STOP, HELP, START) in more detail.

What we collect for SMS. When you send or receive a message through Jobcakes, we process and may store the message body, from and to phone numbers, timestamps, and technical metadata needed to deliver and display the thread (for example message IDs, delivery status, and error information from our communications provider). We may also store records of how you opted in to use Jobcakes messaging features where required for compliance.

Why we use SMS data. We use this information only to operate the messaging product you asked for: deliver and show your conversations in Jobcakes, troubleshoot delivery problems, enforce our acceptable-use rules, meet carrier and telecommunications-provider requirements, and comply with applicable law. We do not sell SMS content or phone numbers, and we do not share message bodies with unrelated third parties for their marketing or advertising.

Subprocessors and transmission. SMS and voice traffic are routed through a regulated communications provider (for example Twilio) acting as our subprocessor. That provider processes message content and phone numbers as necessary to transmit calls and texts over carrier networks. Their handling is governed by their terms and privacy notices in addition to this policy.

AI and SMS. Jobcakes does not send your SMS message content to third-party AI model providers for advertising, unrelated profiling, or public model training. AI features in Jobcakes (such as resume or interview tooling) are separate; they run only when you use those features and only with the inputs those features require.

Retention. We retain SMS threads and related metadata for as long as your account remains active and you keep the conversation history, and as needed afterward for legal, security, fraud-prevention, and carrier compliance obligations. You may request deletion of your account data (including messaging history where applicable) by contacting support@jobcakes.com, subject to lawful retention exceptions.

Recipient rights. People who receive SMS from a Jobcakes number may reply STOP to opt out of further messages from that number where supported, HELP for help, and in many cases START to resubscribe. Message and data rates may apply; carriers are not liable for delayed or undelivered messages.

Voice calls. For calling, we process similar metadata (parties, direction, timing, and call status) to show call history and operate the service. Call recordings, if any, would only occur where a recording feature is offered and you choose to use it; such recordings would be covered by in-product notices and settings when available.

Retention and security

We retain information for as long as needed to provide the service, comply with legal obligations, resolve disputes, prevent fraud and abuse, and maintain business records. We use commercially reasonable administrative, technical, and organizational safeguards designed to protect information. Extension-only copies on your Chrome profile are yours to remove by uninstalling or clearing extension storage from Chrome settings.

Your choices and how to delete data

• In-app edits: update or remove profile fields, uploads, documents, interviews, chats, recordings, and pipeline data where delete actions are surfaced in Jobcakes.
• Closing your relationship with Jobcakes: email support@jobcakes.com from your account email to request deletion of your account and associated personal data subject to lawful exceptions (billing, abuse investigation, telecom records, backups, aggregated non-identifying metrics).
• Extension: sign out by clearing extension settings or revoke access by resetting your API token in Jobcakes and reinstalling/removing the extension; local extension storage stops being used once removed.
• SMS recipients: reply STOP to opt out from a Jobcakes number where supported; START to resubscribe; HELP for carrier help text.

International transfers

If you access Jobcakes from outside the infrastructure region where we host primary data centers, processing may involve cross-border transfer to jurisdictions where subprocessors operate. Where required by law, appropriate safeguards apply.

Changes

We may update this policy periodically. The “Effective date” above indicates the latest revision. Material changes may be supplemented by notices in-app where appropriate.

Contact

Questions about this policy, data subject requests where applicable, and privacy concerns: support@jobcakes.com.