Privacy
Version 1.0 · Last updated 2026-05-09. App version 0.4.0.
This page summarises what Helpmefindthejob does with your data. This text is product-honest, not legal advice. It must be reviewed by counsel before commercial sale.
Privacy-first by default
Helpmefindthejob is a calm tool. We took deliberate decisions to keep it that way:
- No third-party analytics. No Google Analytics, no Plausible, no Mixpanel, no Hotjar. Your sessions are not heatmapped or session-recorded.
- No advertising network. We do not sell ads, attribute clicks, or share data with brokers.
- No surveillance feed. No "engagement" optimisation, no algorithmic ranking that profits from time-on-site, no notifications you didn't ask for.
- No third-party fonts or scripts at load time. The static surface (sign-in, privacy, terms, Impressum) loads only first-party CSS. No CDN beacons.
- Strictly necessary cookies only. Two first-party cookies (session + CSRF) and a few language / UI preference keys. No consent banner is required under § 25 TTDSG; see Data retention for the audit trail.
- Bring-your-own AI. When you click Analyze fit, you choose: paste a session-only key, configure a saved provider, or hand the prompt to your own ChatGPT/Claude subscription. We never resell your prompts to a third party.
What we store
- Your email address and a salted PBKDF2 hash of your password.
- Companies you add to your watchlist (name, website, career-page URL, sector, notes).
- Discovered jobs from public career pages and your scan history (status, errors, pages checked).
- Imported jobs you keep in your pipeline and the AI-generated brief for each.
- Your AI provider preferences, but never raw API keys. Session-only API keys you paste in the UI are sent only with one Run AI request and are never written to disk.
- Operational metadata: session tokens (hashed), last login timestamp, per-day scan/AI usage counters.
- An admin audit log of admin user-management actions (create, deactivate, role change, password reset, send invite).
What we do not collect
- Browsing history outside the app.
- Tracking pixels or third-party analytics.
- Raw payment data (no payment integration today).
Where data lives
Helpmefindthejob is self-hosted. Your data lives on the operator's server (today: a VPS hosted by the workspace admin). Backups, when configured, are local tarballs on the same host unless the operator configures off-host storage.
External services we may contact on your behalf
- Public company websites you add (only their public pages, with robots.txt respected).
- The AI provider you select — only when you explicitly click Analyze fit, Tailor CV, or Prepare brief.
- An SMTP relay for invitations and password resets, when configured.
Chat assistant — when AI intent routing is enabled
The in-app chat assistant uses two routing layers: slash-commands
(e.g. /add-company) and keyword matching — both
run locally on our server and never contact a third party.
When the operator enables AI intent classification (set via the
server-side HELPMEFINDTHEJOB_CHAT_AI_ROUTER=true + a managed
AI key), free-form chat messages that don't match a slash-command
or keyword are sent to the operator-configured upstream provider
(currently one of: OpenAI, Anthropic, Google Gemini, DeepSeek,
OpenRouter) for intent classification only. The AI receives the
text of your message plus up to the last 6 turns of the
conversation; it does not receive your CV, your
imported jobs, or any other profile data unless a separate AI
feature (Analyze fit / Tailor CV / Prepare brief) is invoked.
The AI never executes anything. It can only suggest one of a fixed
whitelist of commands (e.g. add a company, create a
saved search); the deterministic confirmation gate still
shows you the parsed arguments and asks you to confirm before any
database write. Every classification is audit-logged as a
chat_ai_route event with the input (truncated to 120
characters) and the classified command — visible to you on
request as part of your data export.
You can disable AI routing for your account by switching your AI
provider to Manual in Settings; the operator can disable
it globally by unsetting HELPMEFINDTHEJOB_CHAT_AI_ROUTER.
Per-user rate limits (currently 20 classifications per minute)
prevent abuse.
Your rights
You can export all your data from Settings → Backup & restore → Export backup. You can delete your companies, discovered jobs, and imported jobs from the app. To request full account deletion, ask the workspace admin.
Data retention
See Data retention for current default windows.
Contact
For privacy questions, contact your workspace admin.