This Privacy Policy explains how JobApplication Studio ("we", "us", or "the Service") collects, uses, and protects personal data when you use the application. This policy applies to users located in the European Union, the United States, and other jurisdictions, in accordance with applicable data protection laws.

1. Personal data we process

Depending on how you use the Service, we may process the following categories of personal data:

• CV or résumé content uploaded by you
• Job descriptions or job posting URLs you provide
• Generated outputs such as tailored CV text, cover letters, or emails
• Account identifiers such as email address (where authentication is enabled)
• Limited technical data related to usage and security (for example timestamps, error logs, and audit records)

2. Purpose and legal basis of processing

We process personal data to provide and operate the Service you request, including analyzing your CV in relation to job descriptions and generating application-related materials.

Under the EU General Data Protection Regulation (GDPR), the primary legal bases for processing include:

• Performance of a contract or service requested by you
• Your consent, where explicitly requested
• Our legitimate interests in securing the Service, preventing abuse, and ensuring operational reliability

3. Storage and data retention

Personal data may be stored to enable core functionality such as saving CVs, reusing generated content, and managing your account.

You can delete your CVs, generated content, or your entire account at any time using the controls provided in the application.

Some data may be automatically deleted after a period of inactivity. Retention periods may vary depending on the type of data and operational requirements. We do not retain personal data longer than necessary for the purposes described in this policy, unless retention is required for security, legal, or compliance obligations.

4. Third-party processors

The Service relies on trusted third-party providers to operate, including:

• Cloud hosting and infrastructure providers
• Authentication and database services
• AI processing APIs used to generate text outputs

These providers act as data processors and process personal data only on our instructions and in accordance with applicable data protection agreements.

Data submitted to AI processing APIs is used solely to provide the requested functionality and is not used by us to train public or shared machine learning models.

If you access the Service from outside the European Union, your data may be processed in jurisdictions with different data protection standards. Where required, appropriate safeguards are applied.

5. Security, rate limiting, and audit logs

To protect users and maintain the integrity of the Service, we implement technical and organizational security measures, including rate limiting and limited audit logging for sensitive account actions.

Audit logs may record information such as your user identifier, the type of action performed (for example data export or account deletion), and a timestamp. These logs do not contain the content of your CVs, job analyses, or generated documents.

This processing is based on our legitimate interests in preventing abuse, ensuring security, and demonstrating compliance with user requests.

6. Your rights

Depending on your location and applicable law, you may have the right to:

• Access your personal data
• Correct or update your personal data
• Delete your personal data or your account
• Request information about how your data is processed

Most of these rights can be exercised directly through the application interface. If you require assistance, you may contact us using the details below.

7. Data controller and contact

BD Labs
Contact email: info@jobapplicationstudio.com

We may update this Privacy Policy from time to time. Any changes will be published on this page together with an updated revision date.