Privacy notice.

We collect the following categories of information directly from you or generated as a result of your use of the Service.

• Account information. Your email address, and (where you authenticate through a third-party identity provider) your name and profile image.
• Profile information. Information you enter or import into the profile editor, including employment history, projects, skills, education, and contact details.
• Job postings and generated content. Job descriptions you submit (whether pasted or transmitted from the browser extension), and the resumes, cover letters, outreach drafts, fit assessments, study plans, phone-screen briefs, and interview-prep materials we generate in response. All such content is associated with your account.
• Usage records. One record per billable action (e.g. a completed generation), retained solely to enforce plan limits and to provide you with usage visibility.
• Audit log. A server-side log of account actions, used to investigate account-specific support requests and detect abuse.

We process the information described above to:

• provide, operate, and maintain the Service;
• generate, render, and deliver the documents and materials you request;
• authenticate you and secure your account against unauthorized access;
• communicate with you about the Service, including transactional notifications you have not disabled;
• enforce plan limits, process payments, and prevent abuse;
• comply with applicable law and respond to lawful requests from public authorities.

We do not use your information for behavioural advertising. We do not sell your information. We do not use your content to train third-party machine-learning models. Where the Service relies on third-party model providers for inference, those providers act as processors under terms that prohibit their use of submitted content for model training.

The optional OnPapr browser extension is activated only on a defined set of job-posting domains and only at your express direction (by clicking the extension icon or invoking the context-menu action). It does not run background processes, maintain a browsing history, or transmit page contents to the Service in the absence of an affirmative user action.

When you direct it to act, the extension transmits to your account the role title, employer name, job description text, and source URL. Authentication is established per device through a short-lived authorization flow during which you grant access; the resulting session expires automatically after ninety (90) days and may be revoked at any time by uninstalling the extension or revoking the session from Settings.

A minimal diagnostic event containing the source domain (and no personal information) may be transmitted when our parser fails to recognise a posting, to enable us to diagnose and repair the issue.

We share personal information with third-party service providers (“Sub-processors”) only as necessary to operate the Service and only under written agreements that require them to process personal information for our specified purposes and to maintain appropriate security safeguards.

The categories of Sub-processors we engage and the corresponding purposes are:

• Cloud hosting and edge networking

  Hosts the web application and serves API routes.

  Categories of data: Information transmitted in the course of your use of the Service.

• Managed database storage

  Persists account data, profile information, and generation records.

  Categories of data: The information described in section 1, encrypted at rest.

• Document rendering infrastructure

  Renders generated content into PDF documents.

  Categories of data: The structured content of generated documents (no separate identifiers).

• Object storage

  Stores rendered PDFs under access controls that require account ownership for retrieval.

  Categories of data: Rendered resume and cover-letter files.

• AI / machine-learning model inference

  Generates the textual output of the Service (resume, cover letter, calibration, study plan, phone-screen brief, interview-prep materials).

  Categories of data: The relevant portion of your profile and the job description provided. The provider is contractually prohibited from training on this input.

• Background-job orchestration

  Coordinates the multi-step generation workflow.

  Categories of data: The same content provided to model and rendering providers.

• Email delivery

  Delivers sign-in links and transactional notifications.

  Categories of data: Your email address and the contents of the message.

• Payment processing

  Processes subscription and one-time payments.

  Categories of data: Your email address and billing details you provide at checkout. We do not receive, process, or store full payment-card numbers; those are handled directly by the payment processor.

A current list of the specific Sub-processors we use within each category is available on request from privacy@onpapr.ai. Where we add a new Sub-processor that materially expands the categories of personal information shared, we will notify account-holders by email before the change takes effect.

We do not transfer personal information to any party outside of these Sub-processor relationships except where required by law or in connection with a sale or reorganisation of our business (subject in the latter case to equivalent commitments by the acquiring party).

Our Sub-processors operate infrastructure in jurisdictions that may differ from the one in which you are located. Where personal information is transferred from the European Economic Area, the United Kingdom, or Switzerland to a jurisdiction not the subject of an adequacy decision, we rely on Standard Contractual Clauses or an equivalent lawful transfer mechanism in our agreements with the relevant Sub-processor.

Depending on your jurisdiction, you may have the right to access, correct, export, restrict the processing of, or delete the personal information we hold about you, and to object to certain processing or withdraw your consent where processing is consent-based. Most of these rights you can exercise yourself from Settings:

• Access and portability. Export a complete copy of the information we hold about you in a structured, machine-readable format.
• Correction. Edit any field in the profile editor.
• Deletion. Delete your account; data is removed from active systems immediately and from backups in the ordinary backup-rotation cycle (see section 7).
• Communication preferences. Disable optional notifications.

To exercise any right not directly self-served, or to submit a complaint about our processing, contact privacy@onpapr.ai. You also have the right to lodge a complaint with the data protection authority of your jurisdiction. We will respond to verified requests within the timeframe required by applicable law, and in any event no later than thirty (30) days.

We retain personal information for as long as your account is active, plus a grace period of thirty (30) days after deletion to permit recovery from accidental deletion. After this grace period the information is purged from active storage. Personal information may persist in routine backups for up to ninety (90) days, after which it is overwritten in the ordinary backup-rotation cycle. Information we are required to retain for legal, accounting, tax, or regulatory purposes (for example, payment records) is retained for the period prescribed by the applicable law.

You may request immediate hard deletion (bypassing the grace period and prompting an out-of-cycle backup purge) by writing to privacy@onpapr.ai.

We use cookies only for purposes that are strictly necessary to provide the Service: maintaining your authenticated session, protecting against cross-site request forgery, and recording your dismissal of the cookie notice. We do not use cookies for analytics, advertising, or behavioural tracking, and we do not embed third-party tracking pixels.

All transport between your device and the Service is encrypted in transit using industry-standard TLS. Authentication is managed through short-lived, signed credentials. Stored personal information is encrypted at rest by the underlying managed-database provider. Generated documents are stored under access controls that require account ownership for retrieval; the storage URL alone is not sufficient to read a document.

No system can be guaranteed entirely free from risk of breach. In the event of a personal-information breach affecting you, we will notify you and any relevant supervisory authority as required by applicable law.

The Service is not directed to children under the age of sixteen (16), and we do not knowingly collect personal information from such children. If you believe a child has provided personal information to us, contact privacy@onpapr.ai and we will delete the information.

We may update this notice from time to time. The date at the top of the page reflects the most recent revision. Where a change materially affects how we process your personal information, we will notify you in advance by email or through the Service. Continued use of the Service after the effective date of a revision constitutes acknowledgement of the revised notice.

For privacy-related inquiries, data-subject requests, or complaints, contact privacy@onpapr.ai.