Legal

Privacy Policy

Last updated: 25 May 2026

This policy describes what data the Jobyfi Chrome extension ("Jobyfi", "we", "us") collects, where it goes, and what you can do about it. The intent is readable and honest — not a wall of legalese.

If anything below is unclear, email jobyfi@robertocanini.dev and a human will answer.

1. The short version

Your resume and profile are stored on your own computer, in your browser's storage. We don't put them in a database.
When you click "generate cover letter", we send the job description on that page and a copy of your resume to Google Gemini through our server. Gemini returns the letter. We do not keep either input or output.
We do not run analytics. We do not track your browsing. We do not sell data.
Payment is handled by ExtensionPay (which uses Stripe). We never see your card number.

2. Data we collect

2.1 Data you give us (stays on your device)

When you onboard, you either upload a resume PDF or paste resume text. From that we extract and store a structured profile, which includes:

Name, email, phone, location.
Optional links: LinkedIn, GitHub, portfolio.
Work history (titles, companies, dates, bullets).
Education (schools, degrees, dates).
Skills.
Work preferences (authorisation status, sponsorship needs, salary minimum, remote preference).
The raw text of your resume.
The raw bytes of your resume PDF if you uploaded one — kept locally so Jobyfi can auto-attach the file to applications without you re-picking it every time.
The last 20 cover letters Jobyfi has generated for you, along with the job title, company, and a 240-character excerpt of the job description. This powers the "Letters" tab in the popup so you can revisit or re-copy past letters.
Application records — every time you click the Jobyfi button on a job page, a record is auto-created with the company, role, ATS, date, and the cover letter you sent. Visible in the "Apps" tab. Used for the built-in application tracker. Capped at the 500 most-recent entries.
Custom answers — when you save an answer to a form question Jobyfi didn't fill (like "Notice period?"), it lives in your local storage and is reused on future forms with matching field labels. Editable and deletable from the "Answers" tab in the popup.
Voice & personality settings, if you set them — tone preference, writing samples, signature phrases, and phrases to avoid. Sent to the Worker only when you generate a cover letter, never retained server-side.

All of this data is stored in chrome.storage.local, which lives on your computer. It is not transmitted to us. It is not synced to any cloud unless you explicitly enable Chrome's profile sync, which is a Google feature, not ours. You can wipe it at any time using the "Reset profile" button in the Profile tab and the "Clear all" buttons in the Apps, Answers, and Letters tabs.

2.2 Data sent at the moment you generate a cover letter

When you click the "Generate cover letter" button:

Your browser sends — to our Cloudflare Worker proxy — a request containing: (a) the job description text visible on the page, (b) the job title and company name visible on the page, (c) a copy of the relevant fields from your locally-stored profile, and (d) an authentication token issued by ExtensionPay.
The proxy validates the token, applies rate limits, and forwards the prompt to Google Gemini (Google's generative AI API).
Gemini returns the cover-letter text. The proxy streams it back to your browser.
Neither the input nor the output is written to a database or log on our side. Our error logs contain only HTTP status codes and the opaque ExtensionPay user identifier.

2.3 Data sent at the moment you parse a resume

The same flow as above, with one of two inputs depending on how you onboarded:

If you pasted text: the raw resume text is sent to Gemini.
If you uploaded a PDF: the PDF bytes are sent to Gemini's multimodal endpoint, which extracts both the structured profile fields AND the readable text from the document.

Output is a structured profile JSON plus (for the PDF flow) the extracted resume text. Same retention as cover letters: not kept on our side after the response.

2.4 Request metadata used for abuse prevention

Our Cloudflare Worker proxy logs the following non-content metadata for each request, retained up to 30 days:

Timestamp.
Endpoint name and HTTP status code.
Latency in milliseconds.
Prompt and completion token counts (so we can monitor cost).
Your opaque ExtensionPay or install identifier.
Your source IP address, used to enforce a per-IP daily ceiling on parse requests so a malicious actor cannot drain our LLM budget by cycling install IDs from one machine. Paid (Pro) users skip this IP cap.

We do NOT log: resume content, job-description content, cover-letter content, or any of your profile fields.

2.5 Data we do not collect

We do not collect browsing history.
We do not collect click streams, mouse position, scroll behaviour, or any analytics events.
We do not embed Google Analytics, Meta Pixel, or any third-party tracker.
We do not collect device location.
We do not read pages you visit unless you click the Jobyfi button on that page.

3. Third parties we use

Vendor	What they do for you	What they see
Google Gemini (Google LLC)	Generates cover letters and parses resumes.	The job description text, resume text, and prompt sent at the moment of generation. Google's API terms apply. Google has stated paid API usage is not used to train models.
ExtensionPay (Glide Apps)	Identifies paid users and tells our proxy whether you're on the free or paid tier.	An opaque user identifier. They handle Stripe checkout.
Stripe (via ExtensionPay)	Processes payment.	Your name, email, billing address, card details — directly, never through us. Stripe's policy.
Cloudflare	Hosts our proxy and landing page.	IP-level request metadata as part of normal serving and DDoS protection.

We have no other data processors.

4. Legal basis (GDPR / UK GDPR)

Article 6(1)(b) — Performance of a contract: we process your profile and the data you send through the proxy to deliver the service you signed up for.
Article 6(1)(f) — Legitimate interests: minimal request metadata is processed for security, abuse prevention, and rate-limit enforcement.

We do not rely on Article 6(1)(a) (consent) for service operation, because we don't process anything optional.

5. Your rights

You can, at any time:

Access your data — it lives on your own machine in chrome.storage.local. Use the Profile tab in the popup to view and edit every field. Use the Letters and Apps tabs to see stored cover letters and application history. Browsers also expose chrome.storage contents via DevTools if you want a raw dump.
Delete your data — "Reset profile" in the Profile tab wipes your stored resume (text and PDF bytes), parsed fields, and saved custom answers. "Clear all" in the Letters tab wipes every stored cover letter; "Clear all" in the Apps tab wipes the application tracker. Uninstalling the extension wipes everything, including your install identifier. We have nothing else to delete on our side.
Cancel your subscription — open the popup, click your plan, then "Manage subscription" — that opens Stripe's customer portal where you can cancel, pause, change plan, or download invoices.
Object or complain — email jobyfi@robertocanini.dev or contact your data protection authority. EU residents can reach their national DPA.

We will respond to verifiable requests within 30 days.

6. International transfers

Google Gemini is operated by Google LLC in the United States. By using the cover-letter feature, you accept that the request payload is transferred to the United States for processing. Google's Standard Contractual Clauses apply where required.

Cloudflare serves our proxy from edge locations; the closest one to you handles your request.

7. Children

Jobyfi is intended for adults applying to jobs. We do not knowingly collect data from anyone under 16.

8. Changes to this policy

If we change anything that affects what data is collected or who it is shared with, we will update the date at the top of this page and notify active users through the extension popup at next launch.

9. Contact

Email: jobyfi@robertocanini.dev
Postal address: to be added once the operating entity is finalised — owner action item.

← Back to Jobyfi