Privacy Policy

Account information: name, email address, profile image, OAuth provider, provider account identifier, and authentication session data when you sign in with Google or GitHub.

Resume and job-search content: master resume text, resume contact details you provide, job URLs, job descriptions, company names, job titles, generated resumes, cover letters, ATS score reports, application statuses, and outreach notes or messages.

Billing and usage information: subscription tier, Stripe customer and subscription identifiers, billing status, subscription period dates, and monthly usage counters. Payment card details are collected and processed by Stripe; OneApply does not store full card numbers.

Outreach and discovery information: search queries, public profile results, LinkedIn profile URLs, work email lookup results, contact titles, contact companies, and messages generated or saved in the app.

Technical information: device and browser data, IP address, logs, cookies or similar session technologies, security events, and diagnostic data generated when you use the website.

To authenticate users, maintain sessions, and keep each user account separate from other accounts.

To provide the application workflow, including resume tailoring, PDF generation, ATS scoring, job tracking, job-board refreshes, contact discovery, and outreach message generation.

To process subscriptions, enforce free and premium usage limits, route users to Stripe Checkout or the Stripe billing portal, and reconcile Stripe webhooks.

To operate, debug, secure, and improve the service, including fraud prevention, abuse monitoring, support, analytics, and reliability work.

To comply with legal obligations, enforce our terms, and respond to valid requests from courts, regulators, payment processors, or law enforcement.

Service providers receive information only as needed to operate the service. These may include hosting and database providers, authentication providers such as Google and GitHub, AI providers such as Google Gemini and OpenRouter, payment processor Stripe, search providers such as Serper or DuckDuckGo-backed search, and contact enrichment providers such as Hunter.io.

Disclosure happens through secure product integrations, encrypted API requests, OAuth redirects, Stripe Checkout or billing portal redirects, Stripe webhooks, application database records, and server logs used to operate the service.

When you request AI generation, resume, job description, application, and outreach context may be sent to AI model providers so they can generate the requested output.

When you request job search or outreach discovery, relevant company, role, query, public profile, and contact details may be sent to search or enrichment providers to return results.

We may disclose information if required by law, to protect users or the service, or in connection with a merger, acquisition, financing, or sale of assets. We do not sell your personal information.

We use HTTPS in production, signed authentication sessions, environment-based secrets, provider-managed OAuth, and provider-managed payment collection through Stripe.

Application data is stored in a database with user ownership checks so users can access only their own resumes, applications, usage, billing state, and outreach records.

Access to production systems and secrets should be limited to people and service providers who need it to operate, maintain, or secure OneApply.

No internet service can be guaranteed completely secure. You should avoid entering information you do not want processed by the service or its providers.

We retain account, resume, application, subscription, and usage data for as long as needed to provide the service, comply with legal obligations, resolve disputes, prevent abuse, and enforce agreements.

You can update resume and application content in the app where controls are available. To request account deletion, data deletion, or a copy of your information, contact the site owner through the support channel provided for the application.

Some information may remain in backups, logs, payment records, or provider systems for a limited period where required for security, legal, accounting, or operational reasons.

OneApply is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new effective date when material changes are made.