Your data, explained in plain English.

This policy covers what we collect, why we collect it, how we use AI on your data, who we share it with, how long we keep it, and the rights you have. We've written it to actually be readable — if anything is unclear, email us.

Last updated: April 18, 2026 Applies globally to all JobSphere users

TL;DR

We collect only what you explicitly give us plus minimal telemetry to run the service.
Your résumé is sent to Anthropic / OpenAI only for parsing, embedding, and drafting — not for training.
We use MongoDB Atlas (your data sits in the region you chose at signup).
You can export, correct, or delete your data from your profile at any time.
We flag prompt-injection attempts in postings before any LLM sees the text.
We never sell personal data.

1.Who we are

JobSphere ("JobSphere", "we", "us") is an AI-native job-seeking platform operated by the JobSphere project. Contact details are at the bottom of this page and on our About page. For the purposes of the EU GDPR and the UK GDPR, JobSphere is the data controller for personal data you provide when using the service.

2.Data we collect

We collect personal data in three ways:

a. Information you give us directly

Account: email, password (hashed with bcrypt), name, role (job seeker / employer / admin).
Profile: headline, bio, pronouns, location, timezone, phone, avatar URL, social links (LinkedIn, GitHub, portfolio, Twitter, blog).
Work preferences: desired roles, job types, remote preference, expected salary range, earliest start date, notice period, work authorization and sponsorship answers.
Experience & credentials: skills, work history, education, certifications, projects, languages — either typed in directly or pulled from your résumé via our AI parser.
Résumés: PDF/text files you upload. We store the original file, the extracted text, a structured parse, and a 1536-dimension embedding vector.
Applications: everything you submit on the apply wizard — contact info, eligibility answers, cover letters, screening responses, expected salary, earliest start, referral source.
Employer data: company name, description, industry, website, logo, posted jobs.
Messages: content of direct messages sent via the platform.

b. Information from third-party sign-in

If you sign in with Google, GitHub, or LinkedIn we receive your email, name, profile picture, and the provider ID. We do not receive your provider password.

c. Information collected automatically

Authentication cookies — required to keep you signed in (Auth.js session).
Telemetry — anonymized request paths and render timing through Vercel Analytics + an OpenTelemetry hook. No click tracking, heatmaps, or session replay.
Server logs — IP address, user-agent, and route for each request; kept 30 days for abuse/security analysis.

3.Why we collect it (legal basis)

Under GDPR, our processing rests on the following legal bases:

Contract

Providing you the service you signed up for — running your profile, storing your résumé, delivering applications to employers, computing fit scores.

Legitimate interest

Operating the service securely (fraud detection, rate limiting, server logs) and improving it (aggregate anonymous analytics).

Consent

For optional AI features like drafting cover letters from your résumé. You can opt out by not using the feature.

Legal obligation

Responding to lawful requests from authorities, tax/record-keeping, and safety obligations.

4.How AI uses your data

This section is the part most privacy policies gloss over. We don't. Whenever we send your data to a third-party model, we do it for a specific task, with the minimum input needed, and never for training.

LLM providers we use

Anthropic (Claude) — résumé parsing, job-posting parsing, cover letter drafting, and fit-score rationale text. Operated under the Anthropic API; inputs are not used to train their models.
OpenAI (text-embedding-3-small) — embedding vectors for your résumé and for job postings, used for semantic search and fit score. Operated under the OpenAI API; inputs are not used to train their models.

What gets sent, when

You upload a résumé

Extracted plain-text of your résumé is sent to Claude (parse) + OpenAI (embedding).

An employer posts a job

Pasted URL content or raw text is sent to Claude (parse) + OpenAI (embedding) after our prompt-injection scanner sanitizes it.

You click "Draft cover letter"

Your name, headline, skills, the job title, company, and the job description are sent to Claude. Streamed back to you. Not saved until you hit submit.

You submit an application

Your résumé embedding + the job embedding are compared locally. A short rationale is generated by Claude. No raw résumé text is re-sent.

You view recommendations

Only your stored profile embedding is used to query MongoDB Atlas Vector Search. No prompt is sent.

What does NOT get sent to LLMs

Your password hash (ever, under any circumstance).
Your direct messages with employers.
Other candidates' data or applications.
Your IP address, session cookies, or device fingerprints.
Your complete application history as a context blob for generic reasoning.

Prompt-injection protection. Every job posting is scanned before any LLM sees it. If we detect patterns like "ignore previous instructions", role hijacks, or fit-score manipulation attempts, the posting is flagged and the detected patterns are stripped before forwarding the remainder to the model. This protects your AI-generated artifacts (cover letters, fit scores) from being influenced by a malicious poster.

5.Who we share data with

We share personal data only in the following cases:

Sub-processors (service providers)

Provider	Purpose	Data shared
MongoDB Atlas	Primary database + Vector Search	All profile, résumé, job, and application data
Vercel	Hosting, edge functions, cron, analytics	Request metadata, rendered HTML, aggregated usage
Anthropic	Claude LLM (chat, parsing, drafting)	Résumé text, job text, profile snippets — per task
OpenAI	Embeddings for vector search	Résumé text, job text — per task
Google / GitHub / LinkedIn	OAuth sign-in	Your email, name, profile picture (only if you use that provider)

Employers

When you apply to a job, the employer who posted that job sees your application data — name, contact info, résumé, cover letter, eligibility answers, screening responses, and your fit score breakdown. They don't see applications you've sent to other employers. They don't see your profile until you apply (unless you've set your profile visibility to Public).

Legal requests

We may disclose data if required by law, court order, or to protect rights and safety. We will notify you unless legally prohibited.

We do not

Sell personal data to anyone, ever.
Share data with ad networks.
Feed your data into third-party training datasets.

6.Data retention

Active account data — retained as long as your account exists.
Jobs — auto-expire from the public feed 30 days after posting; soft-deleted at your request.
Applications — auto-resolved as rejected 14 days after submission if the employer does not respond. Records are retained so you retain a history.
Server logs + telemetry — 30 days.
Deleted accounts — all personal data (profile, résumés, applications, messages) is removed within 30 days of account deletion. Anonymized aggregate statistics may be retained.

7.Your rights

Under GDPR / UK GDPR / CCPA / Quebec Law 25, you have the rights below. Most are exercised directly from your profile; for anything we can't do with a button, email us.

Access + portability

Request a machine-readable export of your data.

Correction

Edit any field on your profile yourself, or ask us to correct it.

Erasure

Delete your account and all associated data from your Profile → Account → Danger zone.

Restriction / objection

Ask us to pause specific processing (e.g., LLM drafts) while we review concerns.

Withdraw consent

Turn off AI features any time; prior AI-generated artifacts remain in your history unless you delete them.

Complaint to authority

Lodge a complaint with your local data-protection authority (ICO, CNIL, OPC, OAIC, etc.).

8.Cookies & local storage

We use the bare minimum:

Session cookie (HttpOnly, Secure) — keeps you signed in. Required; without it you can't use the service.
CSRF token — prevents cross-site request forgery. Required.
Theme preference (localStorage) — remembers light/dark mode. Optional.

We do not use third-party advertising cookies, tracking pixels, or cross-site fingerprinting.

9.International transfers

When your data moves outside your home country — for example, to Anthropic's or OpenAI's US-based APIs — we rely on Standard Contractual Clauses (SCCs) and the providers' own adequacy commitments to protect the transfer. MongoDB Atlas lets us pin your primary region at the cluster level.

10.Security practices

All traffic is TLS-encrypted in transit.
Passwords are hashed with bcrypt (cost factor 12). We cannot see your plaintext password.
Session JWTs are signed with a rotating secret; expiry is short.
Database connections are IP-whitelisted + SCRAM-authenticated.
Secrets live in environment variables, not code. We never commit keys.
All LLM inputs from outside sources (job postings) are scanned for prompt-injection patterns.
Dependency security is monitored via GitHub Dependabot.
Suspected breaches are reported to affected users within 72 hours per GDPR Article 33.

11.Children

JobSphere is not intended for users under 16. We don't knowingly collect data from children. If you believe a minor has created an account, email us and we'll remove it promptly.

12.Changes to this policy

We'll post any material changes here and update the "last updated" date at the top. For significant changes that affect how we use your data, we'll notify signed-in users in the app at least 30 days before they take effect.

Questions? Data request? Security concern?

Email us directly. We read everything and reply within 30 days (usually faster).

vishalpopat8@gmail.com

This policy was last updated on April 18, 2026.