Your resume, our responsibility
Every technical and operational choice that protects your data, spelled out.
You hand us the most sensitive document most people own — a résumé with your name, contact details, work history, and sometimes your immigration or fair-chance status. The page below is our standing public commitment for how that data is protected, who can ever touch it, and the rights you keep at every step. Nothing here is aspirational marketing: each control maps to how the product is actually built and operated.
AES-256 at rest, TLS 1.3 in transit.
Managed encryption on every datastore and every request, end to end.
Zero-retention, no training.
Google Vertex AI (Gemini) and Anthropic process prompts transiently and are contractually barred from training on your résumé.
We never sell or rent your data.
No brokers, no recruiter lists, no cross-context behavioral advertising.
One-tap, irreversible delete.
A verified deletion job purges your account from production within 30 days; backups roll off on their normal cycle.
GDPR & CCPA/CPRA aligned today.
SOC 2 Type I readiness in progress; data hosted in the United States.
None disclosed to date.
If a reportable incident occurs, affected users are notified without undue delay and within applicable legal deadlines.
How we handle your data
- Encrypted at rest. All persistent data — Firestore records and files in Google Cloud Storage — is encrypted with AES-256 using Google-managed keys. Backups and replicas inherit the same encryption.
- Encrypted in transit. Every connection between your device, our API, and our subprocessors is protected with TLS 1.2+ (TLS 1.3 where supported). We do not accept unencrypted traffic.
- Scoped to you. Records are partitioned per user and gated by Firebase Authentication. API requests are authenticated with short-lived tokens and authorized before any read or write; there are no shared, cross-user reads.
- Data minimization. We collect what the product needs to find jobs and apply on your behalf, and no more. When we submit an application, the employer receives only the information that posting requires.
- Hosted in the United States. Production data is processed and stored in Google Cloud regions in the U.S. (primarily us-central1). Cross-border transfers, where they occur via a subprocessor, rely on Standard Contractual Clauses or an equivalent transfer mechanism.
- Secrets, not source. Credentials and API keys live in Google Secret Manager — never in source control, client apps, or logs.
- PII-aware logging. Application logs and error reports run through redaction rules that strip emails, tokens, résumé text, and other identifiers before they reach our monitoring tools.
AI & your résumé
Reading postings, scoring fit, and tailoring applications is done with large language models. We are deliberate about which models touch your data and on what terms:
- Primary model — Google Cloud Vertex AI (Gemini). Runs inside our Google Cloud environment under Google's enterprise data-use terms, which prohibit using your content to train Google's foundation models.
- Fallback model — Anthropic (Claude). Used only when the primary path is unavailable, under a zero-retention, no-training commercial agreement.
- No model training on your data. Your résumé and job-matching prompts are sent for inference only. No subprocessor is permitted to retain that content beyond the request or use it to train, fine-tune, or improve their models.
- Sensitive answers are walled off. Equal-employment (EEO) and demographic responses you may provide are stored separately and are not included in the prompts sent to any language model.
- Human-reviewable, not human-replaced. Matching and tailoring are tools to help you apply faster. You set your limits, you can review what was submitted, and a final human decision always rests with the employer — see Fair chance and our automated-decision disclosures in the Privacy Policy.
What we never do
- Sell, rent, or license your résumé, contact details, or job-search activity to data brokers, recruiters, or advertisers.
- Engage in "sharing" for cross-context behavioral advertising as defined under California law.
- Let any third party use your data to train, fine-tune, or evaluate their AI models.
- Apply to a job outside the roles, locations, pay, and limits you set — including jobs you've told us to avoid.
- Use your EEO or demographic answers to filter, rank, or restrict the jobs we show or apply to on your behalf.
- Email you marketing you didn't ask for, or make it hard to turn notifications off.
Subprocessors
We rely on a small, vetted set of service providers to operate Jobeezy. Each is bound by a data-processing agreement and contractually limited to processing data only on our instructions.
- Infrastructure & AI: Google Cloud Platform / Firebase (compute, database, storage, authentication, Vertex AI).
- Fallback AI: Anthropic.
- Email: Resend (transactional and product email).
- Job data & assisted apply: Apify (job-posting ingestion) and Browserbase (managed, isolated cloud browser sessions used to complete applications on your behalf).
- Billing: RevenueCat, with Apple App Store and Google Play as payment processors.
- Analytics & reliability: PostHog, Sentry, Google Analytics 4, and Microsoft Clarity (marketing site only).
The complete, current list — with legal entities, regions, and the data each one handles — lives on the subprocessor page. Enterprise customers can subscribe to advance notice of changes under our DPA.
Your privacy rights
Wherever you live, you can exercise these rights — and we don't charge you or degrade the service for doing so:
- Access & portability. Request a machine-readable export of your data from the app or by emailing us; we deliver it as a downloadable archive.
- Correction. Update your profile and résumé details at any time in the app.
- Deletion. Delete your account in one tap. See Delete account for exactly what is removed and when.
- Opt-outs. Turn off notifications, and opt out of "sale"/"sharing" and targeted advertising (we don't do either, but the control is honored) — including Global Privacy Control signals.
- Non-discrimination. We will never deny service, charge more, or provide a lesser experience because you exercised a privacy right.
EU/UK residents: see the Privacy Policy. California residents: see CCPA / CPRA.
Compliance & certifications
- GDPR & UK GDPR. We honor access, portability, rectification, erasure, restriction, and objection rights.
- CCPA / CPRA. California residents can exercise their rights through our request portal.
- SOC 2 Type I. Readiness program in progress. We will publish the report and refresh this section when the audit completes; this page reflects the controls we operate today, whether or not they are yet attested.
- Infrastructure attestations. Our cloud provider, Google Cloud, maintains SOC 1/2/3, ISO 27001/27017/27018, and equivalent certifications for the underlying infrastructure.
- Fair-chance & EEO. We follow Ban-the-Box principles and keep sensitive answers out of automated matching — see Fair chance.
- Data processing addendum. Available for business customers at /legal/dpa/.
Responsible disclosure
We welcome reports from security researchers and operate a good-faith safe harbor:
- If you discover a vulnerability, email security@jobeezy.com (see also security.txt). Give us reasonable time to investigate and remediate before any public disclosure.
- Safe harbor. Research conducted in good faith, in line with this policy, and without harming users or data, will not be pursued or reported by us as a violation of applicable anti-hacking laws or our Terms.
- Out of scope. Do not access, modify, or exfiltrate data that isn't yours; don't run denial-of-service tests, social-engineering, or spam; and don't degrade the service for others.
- We acknowledge legitimate reports within 72 hours and will keep you updated through remediation.
Incident & breach response
We maintain a written incident-response process covering detection, triage, containment, eradication, recovery, and post-incident review.
- Notification. If a security incident affects your personal data, we will notify affected users and any required regulators without undue delay, and within the timelines required by applicable law (for example, the GDPR's 72-hour authority-notification standard).
- Transparency. Material incidents and their resolution are disclosed on this page and, where appropriate, on our status page.
- History. To date, no security incident affecting user data has been disclosed.
Availability & continuity
- Jobeezy runs on Google Cloud's managed, regionally redundant services, with automated failover handled by the platform.
- Data is continuously replicated and backed up by managed cloud services; backups are encrypted and retention is bounded.
- Live uptime, incident notices, and component health are published on our status page.
Found a security issue?
Email security@jobeezy.com or see /.well-known/security.txt. We acknowledge legitimate reports within 72 hours. For privacy requests, contact privacy@jobeezy.com.