Privacy Policy

This Privacy Policy describes how TryApplyNow (“TryApplyNow,” “we,” “us,” or “our”), operated by [LEGAL ENTITY NAME] with its principal place of business in Jersey City, New Jersey, USA, collects, uses, discloses, and otherwise processes information in connection with:

• our website at tryapplynow.com and its sub-domains;
• our Chrome browser extension;
• our APIs, emails, and related services (collectively, the “Service”).

For data processing subject to the EU / UK General Data Protection Regulation (“GDPR”), TryApplyNow acts as the data controller. For data processing subject to the California Consumer Privacy Act / California Privacy Rights Act (“CCPA/CPRA”), TryApplyNow is a “business.” For data processing subject to the Indian Digital Personal Data Protection Act, 2023 (“DPDP Act”), TryApplyNow is a “Data Fiduciary.”

This Policy does not apply to third-party websites, services, or employers to which you may submit a job application. Those are governed by their own privacy notices.

2.1 Information you provide directly

• Account & identity data: name, email address, password hash, authentication tokens, profile photo (if uploaded).
• Career data: resume, CV, work history, education, skills, certifications, desired titles, target salary, location preferences, visa / work-authorization status (only when you provide it).
• Job application data: jobs saved, jobs applied to, notes, tailored-resume outputs, application status.
• Communications: support tickets, feedback, survey responses, and correspondence with us.
• Payment data: billing name and email, subscription tier, trial status and trial end date, and tokenized card identifiers. Full card numbers are collected and stored by Stripe, Inc.; we never see or store raw card numbers.

2.2 Information collected automatically

• Device & log data: IP address (truncated where feasible), user-agent, referrer, device type, OS version, timestamps, pages viewed, features used, crash reports.
• Cookies & similar technologies: session cookies, preference cookies, analytics identifiers — see Section 12.
• Derived data: AI-generated match scores, skill vectors, and resume embeddings derived from the data you provide.

2.3 Information from third parties

• Job data sources: public job-board APIs (JSearch / RapidAPI) and ATS feeds we aggregate to power search. This data is about employers and roles, not about you.
• Email-finder providers: when you use the email-finder tool, we query providers (People Data Labs, Prospeo, Hunter, Snov) and return the result to you. The queried name/company is logged for anti-abuse.
• OAuth sign-in: if you sign in with Google or another identity provider, we receive your email, name, and a provider-issued user ID per your authorization.

2.4 Sensitive categories

We do not intentionally collect sensitive personal information (e.g., racial or ethnic origin, health data, religious beliefs, sexual orientation, biometric data, precise geolocation, or government identifiers). Your resume may contain such information if you choose to include it — we treat all resume content as confidential and process it only to deliver the Service.

• Provide the Service: authenticate you, match you to jobs, compute match scores, generate tailored resumes, find recruiter contacts, send follow-up reminders.
• Billing & fraud prevention: process payments via Stripe, detect abuse, enforce usage limits.
• Communicate with you: service announcements, transactional emails, support responses, and — with your consent or where permitted — occasional product updates. You may opt out of marketing email at any time via the unsubscribe link.
• Improve and secure the Service: analyze aggregated usage, fix bugs, monitor for security incidents, train internal (non-customer-facing) quality metrics. We do not use your resume or personal content to train third-party foundation models.
• Legal & compliance: comply with applicable laws, respond to lawful requests, enforce our Terms, protect our rights and those of our users.

Where GDPR applies, we rely on the following legal bases:

• Contract (Art. 6(1)(b)): to provide the Service you requested (account, matching, tailoring, payments).
• Legitimate interests (Art. 6(1)(f)): to secure the Service, prevent fraud, analyze aggregated usage, and improve product quality. We balance these interests against your rights and freedoms.
• Consent (Art. 6(1)(a)): for non-essential cookies, optional marketing communications, and any future processing that requires it. You may withdraw consent at any time.
• Legal obligation (Art. 6(1)(c)): retention of tax / billing records; response to lawful requests.

We do not process sensitive categories of data under Art. 9 unless you voluntarily include such information in your resume, in which case processing is limited to delivering the Service and rests on your explicit consent to the processing of the resume you upload.

We use machine-learning and large-language-model systems to produce match scores, rerank search results, and generate tailored resumes. These outputs are advisory — they inform your decisions; they do not make legally significant decisions about you, do not determine access to employment, and are not shared with employers without your action.

You have the right to understand and contest automated outputs that affect you. If you believe an output is wrong or harmful, email privacy@tryapplynow.com for human review.

AI requests are sent to our model providers under contractual terms that prohibit use of your inputs for training their foundation models. See Section 7.

We do not sell your personal information. We do not “share” personal information for cross-context behavioral advertising as defined by the CPRA. We disclose information only as follows:

• Service providers / sub-processors acting on our instructions under written agreements (see Section 7).
• Corporate events: in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets — subject to this Policy or equivalent protection.
• Legal process: to comply with a subpoena, court order, or other lawful request, or to protect the safety, rights, or property of our users, ourselves, or the public.
• With your direction or consent: e.g., when you choose to apply to a job via a third-party site.

As of the Last Updated date, we use the following sub-processors. We update this list as it changes.

Each sub-processor is bound by confidentiality and data-protection terms that materially conform to applicable law.

TryApplyNow is based in the United States. If you access the Service from outside the USA, your data will be transferred to, stored, and processed in the United States and other jurisdictions where our sub-processors operate.

Where we transfer personal data out of the EEA, UK, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (2021 modules), the UK International Data Transfer Addendum, or another lawful mechanism, together with supplementary measures where appropriate.

Where we transfer personal data out of India, we rely on the mechanisms permitted under the DPDP Act 2023 and rules notified thereunder.

• Account data: retained while your account is active.
• After account deletion: personal data is deleted or irreversibly anonymized within 30 days, subject to the exceptions below.
• Billing & tax records: retained for up to 7 years to comply with US tax and financial recordkeeping obligations.
• Security & abuse logs: retained for up to 12 months.
• Anonymized / aggregated analytics: retained indefinitely; cannot be linked back to you.
• Legal holds: we may retain specific data longer if required by law or to exercise or defend legal claims.

We apply technical and organizational measures designed to protect personal data, including: TLS 1.2+ in transit; encryption at rest on our database and object storage; scoped service-role credentials; row-level security policies; least-privilege access controls; logging and monitoring; background checks on personnel with production access; and a documented incident response plan.

No system is perfectly secure. We cannot guarantee absolute security and urge you to use a strong, unique password and to enable multi-factor authentication where available.

If we become aware of a personal-data breach that poses a risk to you, we will notify affected users and the relevant supervisory authorities as required by applicable law, including within 72 hours where the GDPR applies and in the manner and timeframes required by the DPDP Act 2023 and applicable US state laws (including the New Jersey Data Breach Notification Act).

We use the following categories of cookies and similar technologies:

We do not use cookies or pixels for cross-context behavioral advertising.

Our Chrome extension is subject to the Chrome Web Store User Data Policy, including the limited-use requirements. We certify that:

• We use the permissions requested only to provide user-facing, single-purpose functionality described in the extension's Web Store listing.
• We do not sell user data.
• We do not use or transfer user data for purposes unrelated to the extension's single purpose.
• We do not use or transfer user data to determine creditworthiness or for lending purposes.
• We do not use user data to serve advertising.

Permissions used

• Storage — persist session and settings locally.
• Active Tab — read the current job page only when you invoke the extension.
• Downloads — save tailored-resume files you generate.
• Host permissions (linkedin.com, indeed.com, glassdoor.com) — detect job pages and display the sidebar only on those sites.

The extension does not access your email, messages, financial accounts, or any site outside the listed hosts.

Regardless of your location, you may:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your account and associated personal data.
• Export a portable copy of your data (JSON).
• Object to or restrict certain processing.
• Withdraw consent where processing is based on consent.
• Opt out of marketing via any unsubscribe link or by emailing us.

Most rights can be exercised from Account › Settings › Privacy, or by emailing privacy@tryapplynow.com. We respond within 30 days (extendable once by an additional 60 days for complex requests, with notice to you). We may need to verify your identity before fulfilling a request.

We do not discriminate against you for exercising any of these rights.

California residents have the following rights in addition to Section 14:

• Right to know the categories and specific pieces of personal information we collect, use, disclose, and sell/share.
• Right to delete personal information we collected from you.
• Right to correct inaccurate personal information.
• Right to opt out of sale/sharing. We do not sell or share personal information as those terms are defined by the CPRA.
• Right to limit use of sensitive personal information. We do not use sensitive personal information for purposes requiring a limit-use right.
• Right to non-discrimination for exercising any of these rights.

Categories collected (past 12 months)

• Identifiers (name, email, IP, account ID)
• Commercial information (subscription tier, billing history)
• Internet / network activity (log and usage data)
• Professional / employment information (resume content, preferences)
• Inferences (match scores, skill vectors)

We do not have actual knowledge of selling or sharing the personal information of consumers under 16.

To submit a verifiable request, email privacy@tryapplynow.com with the subject line “California Privacy Request.” You may designate an authorized agent in writing.

If you are in the European Economic Area, the United Kingdom, or Switzerland, in addition to the rights in Sections 14, you have the right to lodge a complaint with your supervisory authority. A list of EEA supervisory authorities is available at edpb.europa.eu. UK residents may complain to the Information Commissioner's Office.

We do not currently have an EU/UK-established representative. If required in the future, we will appoint one and update this Policy.

If you are a Data Principal in India, you have the following rights under the DPDP Act 2023:

• Right to access summary of personal data processed and processing activities.
• Right to correction and erasure of personal data.
• Right of grievance redressal (see contact below).
• Right to nominate another individual to exercise rights in the event of death or incapacity.

Children and persons with disabilities under guardianship: we do not knowingly process personal data of children (under 18 in India) without verifiable parental / guardian consent. If you believe a child has provided us data, contact the grievance officer below and we will delete it.

Grievance Officer (India): [GRIEVANCE OFFICER NAME], reachable at grievance@tryapplynow.com. We acknowledge grievances within 72 hours and resolve them within 30 days as required by the Act.

New Jersey residents benefit from the New Jersey Data Privacy Act (effective January 2025). You have rights to access, delete, correct, and port your personal data, and to opt out of targeted advertising, sale of personal data, and certain profiling. TryApplyNow does not engage in targeted advertising, sale of personal data, or significant-effect profiling. To exercise your rights or appeal a denied request, contact privacy@tryapplynow.com.

The Service is not directed to children under 18. We do not knowingly collect personal information from anyone under 18 without verifiable parental or guardian consent. If you believe we hold data about a child, contact privacy@tryapplynow.com and we will delete it.

We do not engage in cross-site tracking and do not serve targeted advertising, so “Do Not Track” browser signals do not materially change our processing. Where required by law (e.g., California, Colorado, Connecticut), we recognize the Global Privacy Control (GPC) signal as an opt-out of sale/sharing and targeted advertising.

We may update this Policy to reflect changes to our practices or legal requirements. When we make material changes, we will provide notice (e.g., by email or prominent in-product notice) and update the Last Updated date. Your continued use of the Service after a change takes effect means you accept the updated Policy.

For privacy questions or to exercise your rights: