1. Introduction

Apply Today AI, Inc. ("we," "us," or "our") operates Intelligent Resume™, a service that helps users create professional résumés through voice-guided conversations with an AI assistant. This Privacy Policy describes how we collect, use, retain, and protect your personal information when you use Intelligent Resume™.

Intelligent Resume™ is designed to minimize data collection and automatically delete your information within 90 minutes of session completion or expiration. We do not create user accounts, store audio recordings, or use your data for AI training purposes.

By using Intelligent Resume™, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

When you use Intelligent Resume™, you provide:

• Full Name
• Email Address (required to receive your completed résumé)
• Phone Number (optional)
• LinkedIn Profile URL (optional)
• Target Industry (optional)

2.2 Information Generated During Your Session

During your conversation with the AI assistant:

• Voice audio (processed in real time, not stored)
• Transcript (temporary, deleted within 90 minutes of session completion)
• Extracted résumé content (work experience, education, skills, achievements)

2.3 Automatically Collected Technical Information

• Session identifiers
• Browser and device type
• IP address (security & fraud prevention)
• Timestamps
• Basic error logs and performance diagnostics

2.4 Information We Do Not Collect

We do not collect:

• Account credentials
• Demographic data
• Browsing history
• Fingerprints or persistent identifiers
• Advertising identifiers
• Payment card numbers (Stripe only)

2.5 GDPR Transparency Requirements (EU/UK Users)

For users in the European Union and United Kingdom, we provide the following information as required by the General Data Protection Regulation (GDPR):

Data Controller Information

• Name: Apply Today AI, Inc.
• Address: 5717 Legacy Dr., Suite 250, Plano, TX 75024, United States
• Email: privacy@applytodayai.com

Legal Basis for Processing

• Consent (GDPR Article 6(1)(a)) for resume generation
• Contractual Necessity (GDPR Article 6(1)(b)) for service delivery
• Legitimate Interests (GDPR Article 6(1)(f)) for fraud prevention

Special Category Data

We do not intentionally collect special category data (race, ethnicity, health, religion, etc.). If you voluntarily include such information in your resume content, we process it under GDPR Article 9(2)(a) (explicit consent).

Data Protection Officer

Not required under GDPR (we process data of fewer than 250 employees, and we do not engage in large-scale processing of special category data).

Storage Location

All data is processed in the United States. See Section 10 for information about international transfer mechanisms.

Automated Decision-Making

We use AI to structure and format your resume based on your interview responses. This is not automated decision-making with legal or similarly significant effects under GDPR Article 22, as you review and approve the final resume.

Right to Withdraw Consent

You may withdraw consent at any time by emailing privacy@applytodayai.com. Withdrawal does not affect the lawfulness of processing before withdrawal.

2.6 Canadian Residents (PIPEDA)

Under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), we process your personal information based on:

Express Consent

By using Intelligent Resume™, you expressly consent to:

• Collection of your contact and professional information
• Use for resume generation purpose only
• Retention for up to 90 minutes (successful sessions) or 7 days (failed sessions)
• Transfer to the United States for processing

Implied Consent

We rely on implied consent for:

• Technical logs necessary for service operation
• Payment records for fraud prevention and accounting

Withdrawal of Consent

You may withdraw consent at any time by contacting privacy@applytodayai.com.

Withdrawal will result in:

1. Immediate cessation of processing
2. Deletion of all data within 24 hours
3. Full refund if resume has not yet been delivered

Office of the Privacy Commissioner

If you believe we have violated PIPEDA, you may file a complaint at: https://www.priv.gc.ca/en/report-a-concern/file-a-formal-privacy-complaint/

2.7 Analytics and Performance Tracking

We use Google Analytics to understand how users interact with our service:

What we collect:

• Page views and navigation patterns
• Button clicks and user interactions
• Session duration and completion rates
• Device type and browser information

Purpose:

To improve user experience and service performance

Your choices:

• You can accept or decline analytics cookies via the banner that appears on your first visit
• Change your preference anytime at Cookie Settings
• Enable "Do Not Track" in your browser settings
• Use ad blockers like uBlock Origin

Data retention:

• Google Analytics retains data for 14 months
• Cookie consent preference stored in your browser indefinitely

Legal basis:

• GDPR: Your consent (Article 6(1)(a))
• We do not use analytics cookies without your explicit consent

For more information about Google Analytics privacy practices, see Google's Privacy Policy.

3. How We Use Your Information

We use your information solely to:

• Generate your résumé
• Email you your completed résumé (PDF)
• Operate the service and ensure reliability
• Process payment via Stripe
• Prevent fraud or abuse
• Comply with legal obligations

We do not use your data for marketing, profiling, advertising, or analytics beyond service delivery.

4. Data Processing and Third-Party Services

4.1 ElevenLabs (Voice Processing)

Configured as follows:

• train_using_data: false
• store_audio: false
• store_transcript: false

ElevenLabs processes your voice in real time and discards audio immediately. No recordings are kept.

4.2 OpenAI (Résumé Generation)

We send only extracted résumé content — never your name, email, phone number, or LinkedIn URL.

OpenAI:

• does not train on your data
• does not retain your data beyond processing
• uses your content only to format the résumé

4.3 Stripe (Payment Processing)

We do not access or store your card information.

4.4 Email Delivery Provider

Used only to send your résumé PDF.

4.5 Supabase (Temporary Data Storage)

Used for:

• temporary transcripts
• temporary structured résumé content
• temporary session data

All deleted within 90 minutes of session completion or expiration.

5. Data Retention and Deletion

5.1 Immediate Deletion

• Voice audio
• Failed audio fragments

5.2 Within 90 Minutes of Session Completion

• Transcript
• Structured résumé data
• Processing artifacts
• Intermediate AI outputs

5.3 Session Metadata

Temporary, deleted within 90 minutes.

5.4 Payment Records

Maintained by Stripe per legal requirements.

5.5 No Long-Term Storage

Nothing is stored for future use.

5.6 Failed Session Classification

A session is considered "failed" when one or more of these conditions occur:

• Payment successfully processed but no transcript received within 24 hours
• System error during resume generation (as logged by our monitoring systems)
• User reports a technical issue preventing resume delivery within 7 days

Retention for Failed Sessions

Failed sessions are retained for up to 7 days solely for the purpose of:

• Processing refund requests
• Diagnosing technical issues
• Providing customer support

All other sessions (successful completions) are automatically deleted within 90 minutes of session completion or expiration.

Verification of Deletion

You may verify deletion by contacting privacy@applytodayai.com with your session ID. We will confirm deletion status within 48 hours.

6. AI Training and Data Usage Restrictions

Your data is never used for AI training by:

• Apply Today AI, Inc.
• ElevenLabs
• OpenAI

Your data is used only to generate and deliver your résumé.

7. Data Security

Security measures include:

• HTTPS encryption
• Secured encrypted storage
• Limited access controls
• Stripe-isolated payment processing
• Automated deletion
• No persistent identifiers

We strive to protect your information but cannot guarantee absolute security.

8. Your Rights and Choices

8.1 Data Subject Rights

You may exercise the following rights regarding your personal information:

8.2 How to Exercise Your Rights

Email: privacy@applytodayai.com

Include:

• Your full name
• Email used for the session
• Session ID (if known)
• Specific request

Response Time

• Standard requests: Within 30 days
• Complex requests: Within 60 days (we will notify you of extension)

Identity Verification

For security, we verify requests via:

• Email confirmation sent to the address used for your session
• Session ID + last 4 digits of payment amount

8.3 No Fee for Requests

We do not charge a fee for rights requests, except where requests are:

• Manifestly unfounded
• Excessive (e.g., requesting data that was already deleted per our schedule)
• Repetitive beyond what's reasonable

8.4 Right to Lodge a Complaint

If you believe we have violated your privacy rights, you may:

EU/UK Residents

Lodge a complaint with your national Data Protection Authority. List available at: https://edpb.europa.eu/about-edpb/board/members_en

Canadian Residents

File a complaint with the Office of the Privacy Commissioner of Canada. Website: https://www.priv.gc.ca

U.S. Residents

Contact your state Attorney General's consumer protection division.

9. Children's Privacy

Not for individuals under 18.

We delete any inadvertently collected data immediately.

10. Cross-Border Processing Notice

Intelligent Resume™ processes all data in the United States. For users located outside the United States:

10.1 Legal Mechanisms for International Transfers

EU/UK Users

We rely on Standard Contractual Clauses (SCCs) approved by the European Commission (2021 version) for transfers from the EU/UK to the U.S.

Canadian Users

We process under PIPEDA's consent-based framework for cross-border data transfers.

Other Jurisdictions

We obtain explicit consent for cross-border processing where required by applicable law.

10.2 Requesting Transfer Documentation

You may request a copy of our Standard Contractual Clauses or other transfer mechanisms by emailing:

Email: privacy@applytodayai.com
Subject: "Data Transfer Documentation"

10.3 Withdrawal of Consent

You may withdraw consent for international transfer at any time. Withdrawal will require us to:

1. Immediately cease processing your data
2. Delete all stored information within 24 hours
3. Issue a full refund if resume has not yet been delivered

By using Intelligent Resume™, you acknowledge and consent to this processing where required by applicable law.

11. Changes to This Privacy Policy

We may update this policy and will post the new effective date when we do.

12. Contact Information

12.1 Data Breach Notification

In the unlikely event of a data breach affecting your personal information:

Notification Timeline

We will notify you within 72 hours of discovering the breach. Notification will be sent to the email address used for your session.

Information We Provide

• Nature of the breach (what data was affected)
• Likely consequences of the breach
• Measures we have taken to address the breach
• Measures you can take to protect yourself

Regulatory Notification

Where required by law, we will also notify relevant supervisory authorities within 72 hours of discovery.

Breach Prevention Measures

We employ the following safeguards:

• Encrypted data transmission (HTTPS/TLS 1.3)
• Encrypted data at rest
• Automated deletion schedules (minimize exposure window)
• Regular security audits
• Limited employee access to data

Because most data is automatically deleted within 90 minutes of session completion or expiration, the window for potential breach exposure is minimal.

12.2 Contact Details

13. California Residents - Your Privacy Rights

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have additional rights.

13.1 Categories of Personal Information We Collect

We collect the following categories of personal information:

• Identifiers: Name, email address, IP address, session ID
• Professional Information: Work history, skills, education, achievements
• Audio Data: Processed in real-time during interview (not stored)
• Payment Information: Handled by Stripe (we do not access card details)

13.2 Business Purpose for Collection

We collect and use this information for:

• Resume generation and delivery
• Payment processing
• Service operation and support
• Fraud prevention and security

13.3 We Do Not Sell or Share Your Information

13.4 Right to Opt-Out of Sale/Sharing

Because we do not sell or share personal information, no opt-out is necessary.

13.5 Right to Limit Use of Sensitive Personal Information

We use sensitive information (work history, education) only for the intended service purpose. We do not use it for additional purposes requiring limitation rights.

13.6 Shine the Light Law

California residents may request information about disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information for such purposes.

13.7 Contact for California Privacy Rights

Email: privacy@applytodayai.com
Subject: "California Privacy Rights Request"
Response Time: 30 days