We use cookies to improve your experience

    We use essential cookies to authenticate you and store your preferences. Optional cookies help us understand how you use our service. Learn more about cookies or view our Privacy Policy.

    This document is provided in English. The German version is legally binding for users in Germany.

    Last Updated: 3/16/2026

    Privacy Policy

    1. Introduction

    Executive Applications ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

    2. Information We Collect

    2.1 Information You Provide

    • Account Information: Email address, name (from Google OAuth)
    • Profile Information: Language preferences, account settings
    • LinkedIn Information: LinkedIn profile URLs provided during registration, and LinkedIn profile documents you upload for our profile consistency audit feature. We use this to contact you regarding your account, offer onboarding assistance, or gather feedback about our service.
    • CV/Resume Data: Work experience, education, skills, and other information in uploaded CVs
    • Job Data: Job descriptions, job titles, company names you're tracking
    • Analysis Data: Your interactions with our matching and analysis features

    2.2 Automatically Collected Information

    • Usage Data: Pages visited, features used, time spent on the platform
    • Device Information: Browser type, operating system, IP address
    • Cookies and Similar Technologies: Session cookies, preference cookies
    • Authentication Data: Login timestamps, session tokens

    3. How We Use Your Information

    We use your information to:

    • Provide, maintain, and improve the Service
    • Analyze CVs and match them with job descriptions using AI
    • Authenticate your identity and manage your account
    • Process your subscription and payments
    • Send service-related notifications and updates
    • Respond to your support requests
    • Contacting you via LinkedIn regarding your account, onboarding assistance, or to gather feedback (Art. 6(1)(b) GDPR - contract performance; Art. 6(1)(f) GDPR - legitimate interest in customer success)
    • Detect and prevent fraud and abuse
    • Comply with legal obligations
    • Improve our AI models and algorithms (anonymized data only)

    4. Third-Party Services

    We use the following third-party services that may collect and process your data:

    4.1 Supabase (Data Storage & Authentication)

    We use Supabase to store your account data, CVs, and job information. Supabase is GDPR compliant and SOC 2 Type II certified.

    • Purpose: Database hosting, authentication, real-time features
    • Data Shared: All user data and uploaded content
    • Location: EU North region (Europe)
    • Privacy Policy: supabase.com/privacy

    4.2 Google OAuth (Authentication)

    We use Google OAuth for user authentication. Google may collect information according to their privacy policy.

    • Purpose: User authentication
    • Data Shared: Email address, profile name, profile picture (optional)
    • Privacy Policy: policies.google.com/privacy

    4.3 Anthropic (Claude AI)

    We use Anthropic's Claude AI for CV analysis, job matching, document generation, and web search capabilities.

    • Purpose: AI-powered CV analysis, job matching, document generation, and web research
    • Data Shared: CV content, job descriptions
    • Data Retention: According to Anthropic's data retention policy
    • Privacy Policy: anthropic.com/privacy

    4.4 Bright Data (Data Collection Services)

    We use Bright Data exclusively for collecting publicly available job posting information. This service does NOT process any of your personal data, CV content, or uploaded documents.

    • Purpose: Collecting publicly available job descriptions and posting information
    • Data Shared: None of your personal data — only public job posting URLs
    • Privacy Policy: brightdata.com/privacy

    5. Cookies and Tracking Technologies

    We use the following types of cookies:

    5.1 Essential Cookies

    Required for authentication and basic functionality of the Service. These cannot be disabled.

    5.2 Preference Cookies

    Store your language preferences and UI settings.

    5.3 Analytics Cookies (Future)

    We may implement analytics tools in the future to understand how users interact with our Service. You will be able to opt out via our cookie settings.

    6. Data Retention and Deletion

    • Active Accounts: Data retained while account is active
    • Deleted Accounts: Data deleted within 30 days of account deletion
    • Inactive Accounts: Accounts inactive for 24 months may be deleted with notice
    • Backup Data: May persist in backups for up to 90 days

    You can request deletion of your data at any time through your privacy settings. We will delete your data within 30 days unless we are legally required to retain it.

    7. Your Rights

    You have the right to:

    • Access: Request a copy of your personal data
    • Rectification: Correct inaccurate data
    • Erasure: Request deletion of your data ("right to be forgotten")
    • Data Portability: Export your data in a machine-readable format
    • Restriction: Restrict processing of your data
    • Object: Object to processing of your data
    • Withdraw Consent: Withdraw your consent at any time

    You can exercise these rights through your privacy settings or by emailing [email protected]. We will respond to your request within 30 days.

    8. Data Security

    We implement industry-standard security measures including:

    • Encryption in transit (HTTPS/TLS)
    • Encryption at rest
    • Regular security audits and updates
    • Access controls and authentication
    • Secure data centers (Supabase EU North)

    However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

    9. International Data Transfers

    Your data is primarily stored in the EU (Supabase EU North region). When using Anthropic services (Claude AI), your data may be transferred to the United States or other countries where Anthropic operates. These transfers are protected by appropriate safeguards such as Standard Contractual Clauses.

    10. Children's Privacy

    Our Service is not directed to persons under 16 years of age. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us and we will delete such information.

    11. Do Not Track

    We respect Do Not Track (DNT) browser settings. When DNT is enabled, we limit data collection to essential functionality and do not use optional analytics or marketing cookies.

    12. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last Updated" date at the top of this policy indicates when it was last revised.

    13. Contact

    For privacy-related questions or to exercise your rights, contact us at:

    Email: [email protected]

    Data Protection Officer: [email protected]

    14. Complaints

    If you believe we have violated GDPR, you have the right to file a complaint with your local data protection authority.