AIApply – Privacy Policy

Last updated: 2 May 2025

1. Data Collection and AI Processing in Web Application and Extension

AIApply's web application and Chrome extension may collect:

Contact data (e.g., email address)
Job-search materials you supply, such as résumés/CVs, cover letters, and job descriptions
Usage data (e.g., feature interactions, preferences, feedback)

These data are processed—sometimes with automated decision-making—so we can, for example, recommend jobs, assess skills, and draft application materials. Processing relies on contractual necessity (Art. 6 (1)(b) GDPR) and our legitimate interest in improving and securing the Services (Art. 6 (1)(f)).

2. Data Processing and Local Storage in Extension

By default, the Chrome extension performs most processing locally on your device, so résumé and job-description data stay in your browser. If you elect a cloud feature (e.g., multi-device sync), only the data required for that feature are transmitted to secured AIApply servers.

3. OpenAI API Usage in Web Application and Extension

When you request AI-generated text (e.g., a cover letter) we send the minimal necessary prompt data to the OpenAI API. AIApply instructs OpenAI not to use those prompts or outputs for model training. Returned text is stored in your account only as long as you choose to keep it or as needed to deliver the feature.

4. Mobile Application & Audio Transcription

(Applies to the AIApply iOS app)

Scope of Collection

Résumés/CVs and job descriptions you upload or paste
Audio streams and recordings created during mock- or live-interview sessions
Text transcripts of those audio streams (generated by Deepgram, Inc.)

Purpose & Legal Basis

To (a) generate real-time interview answers, (b) refine future recommendations, and (c) enhance model performance
Legal bases: contractual necessity (Art. 6 (1)(b)) and legitimate interest (Art. 6 (1)(f))

On-Device vs Cloud Processing

Audio is captured on-device and streamed directly to Deepgram for speech-to-text conversion; AIApply receives only the text transcript
Audio files are not retained by AIApply after transcription
Transcripts remain in your account until you delete them, close your account, or request earlier deletion

Third-Party Sub-processor: Deepgram, Inc.

Acts solely as a sub-processor under a GDPR-compliant Data Processing Addendum and is contractually barred from using your data for any other purpose

International Transfers

Where transcription traffic leaves the UK/EEA, it is protected by Standard Contractual Clauses or another lawful mechanism (GDPR Chapter V)

Audio & Recording Consent

By starting an interview session, you confirm that all participants have consented to being recorded and transcribed as required by law in their jurisdiction. AIApply disclaims liability for recordings made without proper notice

Data Deletion

Deleting a session or closing your account removes related transcripts from active systems within 30 days (back-ups within a further 30 days). You may request immediate deletion via [email protected]

5. Web Scraping by Extension

To help populate application forms, the extension may temporarily scrape job-posting text that appears in your browser. Scraped content is processed either on-device or—if you opt in to cloud features—stored on secure AIApply servers for as long as necessary to provide the requested functionality.

6. Log Files

Like most online services, we keep server logs (IP address, browser type, ISP, date/time stamp, referring/exit pages, click data). Logs are used for security, analytics, and troubleshooting and are not routinely tied to your identity.

7. Cookies, Web Beacons & Mobile Storage

Cookies (web app): store session tokens and user preferences to improve performance
iOS storage: uses on-device storage and Keychain; the mobile app sets no advertising cookies

8. Third-Party Data Sharing

AIApply does not sell or rent your personal data. We share data only with:

Service providers who act on our instructions (e.g., hosting, analytics, transcription) and are bound by confidentiality;
Authorities or other parties when required to comply with law, enforce terms, protect rights, or detect security issues.

9. Data Removal Upon Account Closure

Closing your AIApply account triggers deletion of personal data that are no longer needed for legal or operational reasons. Back-ups are purged within the timelines noted in Section 4.7.

10. Your Data-Protection Rights (EEA Residents)

You may request access, correction, deletion, restriction, or portability of your personal data, or object to certain processing, by emailing [email protected]. We will respond within applicable statutory time limits.

11. Changes to This Privacy Policy

We may update this Policy periodically. Any changes will be posted here with a new "Last updated" date. Where required by law, material changes will be accompanied by additional notice or consent.

12. User Responsibilities

Maintain the confidentiality of your login credentials, use strong unique passwords, and notify us promptly of any unauthorised use.

13. Policy Review & Updates

We review this Policy at least annually to ensure conformity with evolving laws, regulations, and industry standards.

14. Limitation of Liability

While we implement industry-standard safeguards, no system can guarantee absolute security. AIApply's liability is limited to the fullest extent permitted by applicable law.

15. Third-Party Links Disclaimer

Our Services may contain links to external sites not controlled by AIApply. We are not responsible for their content or privacy practices.

16. Contact Us

Questions about this Privacy Policy?

Email: [email protected]
Data Protection Officer: [email protected]
Mail: 24 Bowness Road, Little Lever, Bolton, England BL3 1UB

17. Security Safeguards

We implement reasonable technical and organisational measures—such as access controls, network-level protections, and, where appropriate, encryption—to help protect personal data against accidental or unlawful destruction, loss, or unauthorised disclosure. No security method is infallible; therefore, we cannot guarantee absolute security.

18. Automated Decision-Making & Profiling

Certain features (for example, skills scoring or job-match ranking) rely on algorithmic processing. These outputs are provided for informational purposes only and are not used by AIApply to make decisions that produce legal or similarly significant effects about you. You may contest or seek human review of any automated output by contacting [email protected].

19. Children's Privacy

Our Services are not directed to minors under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, please email [email protected] so we can promptly delete it.

20. International Data Transfers (Core Services)

AIApply's primary servers are located in the United Kingdom and the European Economic Area. Where service providers or data subprocessors are situated in jurisdictions without an adequacy decision, transfers are carried out under Standard Contractual Clauses or another lawful mechanism recognised by the UK GDPR and EU GDPR.

21. Complaints to Supervisory Authorities

You have the right to lodge a complaint with your local data-protection authority. In the United Kingdom this is the Information Commissioner's Office (ICO). We encourage you to contact us first so we can try to resolve your concern.

(End of Policy)