Privacy Policy

What we collect

ApplyCraft stores the information you enter into the product, including job application details (e.g., company, role title, job description) and any profile fields you choose to provide (e.g., headline, summary, skills, name).

When you generate outreach, we also store the generated drafts back into your application record (LinkedIn DM, email, and cover letter).

AI processing (Groq)

When you request generation, ApplyCraft sends the following information to our AI provider (Groq) to produce drafts:

• • Job description, company, and role title (from your saved application)
• • Your provided profile fields: headline, summary, skills, and optional name

Do not include passwords, API keys, private tokens, financial details, or other sensitive secrets in job descriptions or profile fields. If you paste sensitive data, it may be transmitted to the AI provider during generation.

Authentication

Authentication is handled using Supabase. ApplyCraft identifies you via your Supabase session token when you call protected endpoints.

How we use your data

• • Provide core features (tracking, saving, generating drafts)
• • Prevent abuse and maintain security
• • Improve reliability and debugging (development environments)

Data retention

Your content remains stored until you delete it inside the product or you request removal (if you later add a support channel).

Security note

No system is perfectly secure. The biggest practical risks are (1) accidentally pasting sensitive secrets into AI inputs, and (2) misconfigured database security policies. ApplyCraft relies on Supabase Row Level Security (RLS) to prevent cross-user access.