If you only read this box:
- We collect what a job application needs: contact details, resume, work history, preferences, visa status, and your saved screening answers.
- AI providers (OpenAI via Cloudflare, Google) process your resume, chat, and applications to power the product; they don't train on your data.
- When auto-apply runs, your application data goes to the employer's hiring system, the browser session is recorded, and on Max a human specialist may finish blocked applications.
- We never sell your data. We do use analytics (PostHog) and ad-measurement pixels (Meta, TikTok, Google, X) that share hashed identifiers; you can block them.
- Delete your account in Settings → Privacy: it's a real, immediate hard delete of your profile, files, chats, and recordings.
Introduction
ScoutJobs is an AI-powered job search platform operated by Kasovy LLC, a company registered in Wyoming, United States. We help you find jobs, prepare application materials, and, when you ask us to, submit applications on your behalf. Doing that well requires handling a significant amount of your personal information, so this policy aims to be specific rather than vague: what we collect, what we do with it, who else touches it, and how you get rid of it.
This policy applies to the ScoutJobs website, the talent dashboard, our email communications, and our API. By using ScoutJobs you agree to the practices described here.
Information we collect
Account and profile data. Your name, email address, password (stored hashed) or social sign-in identity (Google or LinkedIn), two-factor authentication secrets if you enable them, phone number, LinkedIn and portfolio URLs, city and country, profile photo, skills, languages, bio, work history, education, certifications, and projects.
Job search preferences. Desired roles and industries, preferred locations and remote preference, salary expectations, availability, search urgency, and per-country visa or work-authorization status.
Resumes and documents. Resume files you upload, the structured data our AI extracts from them, resume variants and cover letters you create in the product, and AI-generated analysis of your resume.
Application data. Jobs you save, dismiss, and apply to; your answers to application screening questions (kept in a reusable answer library you can review and edit); confirmed application facts such as notice period, work authorization, nationality, and relocation willingness; and records of applications our agent submitted for you, including a screen recording of the automated browser session.
Chat and AI content. Your conversations with the ScoutJobs agent and the artifacts it produces for you (cover letters, tailored resumes, interview-prep material).
Billing data. Payments are processed by Stripe. We store your Stripe customer reference, subscription status, and your card brand and last four digits. Full card numbers never touch our servers.
Usage and device data. IP address, browser and device information, pages visited, product events (for example that you uploaded a CV or started a checkout), and advertising click identifiers if you arrived from an ad (see the cookies section).
Sensitive information
Because job applications routinely ask about them, we store your visa status, work authorization, and nationality when you provide them, and we transmit them to employers when an application form requires them. We never guess these values: the auto-apply agent only uses answers you have confirmed.
How we use your information
- Matching you with jobs, including computing semantic embeddings of your skills and experience so we can rank listings against your profile.
- Powering AI features: resume parsing and tailoring, cover letters, interview prep, and the ScoutJobs agent chat.
- Preparing and submitting job applications on your behalf when you use auto-apply.
- Sending you the emails you have opted into (job digests, agent activity, tips, offers) plus transactional email about your account, security, and billing.
- Processing subscriptions, credits, and payments.
- Understanding how the product is used and measuring our advertising, as described in the cookies section.
- Preventing abuse and meeting legal obligations.
AI processing
ScoutJobs is built on large language models. When you upload a resume, chat with the agent, generate a cover letter, or run auto-apply, the relevant content (including your resume text, profile details, and application answers) is sent to third-party AI providers to be processed: primarily OpenAI, routed through Cloudflare's AI Gateway, with Google Gemini used for job-matching embeddings and certain fallback models run on Cloudflare. We use these providers' API services, which do not use your content to train their models under their API terms.
AI output is grounded in the information you gave us. Our systems are designed never to invent facts about you: if something is missing, the product asks you instead of making it up. AI-generated documents are drafts for you to review, not statements we make on your behalf without your involvement.
Applying to jobs on your behalf
When you use auto-apply, we assemble an application from your profile, resume, and confirmed answers, and an automated browser fills in and submits the employer's application form. In doing so:
- Your name, contact details, resume, work history, cover letter, and screening answers are transmitted to the employer's applicant tracking system (for example Greenhouse, Lever, Workable, or Workday), exactly as if you had applied yourself. From that point the employer's own privacy policy governs that data.
- The automated browser session runs on a third-party cloud browser infrastructure provider, and a video recording of the session is stored privately so you and our support team can verify what was submitted.
- Some applicant tracking systems require creating a candidate account; our agent may create one for you using your application email address and complete the email verification step.
- We may route applications through a managed relay email address that forwards employer replies and verification emails to your real inbox, keeping your personal address off third-party forms.
- On our Max plan, applications that automation cannot finish may be completed manually by a vetted ScoutJobs specialist using the information above. This is disclosed in-product before it happens, and you receive proof of submission.
Who we share data with
We do not sell your personal information for money. We share it only with the employers you apply to and with the service providers below, each for a specific purpose:
- Employers and their applicant tracking systems: when you apply to a job, manually or via auto-apply.
- OpenAI, Google (Gemini), and Cloudflare: AI processing, as described above.
- Cloud browser infrastructure provider: runs the automated browser that performs auto-apply submissions.
- Stripe: payment processing (name, email, payment method).
- Amazon Web Services: file storage for resumes and documents, and email delivery (SES).
- Cloudflare: content delivery, security, bot protection, and private storage of auto-apply session recordings.
- PostHog: product analytics and session replay (see cookies section).
- Meta, TikTok, Google, and X: advertising measurement (see cookies section).
- Sentry: error monitoring. We configure it not to receive personal identifiers.
- Gravatar: if you have no profile photo, we request a fallback avatar using a hash of your email address.
Job listings and applications link out to employer and other third-party sites. What you submit there directly is governed by their privacy policies, not this one.
We may also disclose information if required by law, legal process, or to protect the rights and safety of ScoutJobs, our users, or others, and in connection with a merger, acquisition, or sale of assets (in which case this policy continues to apply to your data).
Cookies, analytics, and advertising
We use cookies and similar technologies for three things: keeping you signed in (session, security, and remember-me cookies), understanding how the product is used, and measuring whether our advertising works.
Product analytics. We use PostHog to record product events and page views, and to replay sessions so we can fix usability problems. Session replay masks everything you type before it leaves your browser. If you are signed in, your analytics profile is linked to your account (including your email and plan) so we can understand usage across devices.
Advertising measurement. We run ads on Meta, TikTok, Google, and X, and use their pixels and conversion APIs to measure sign-ups and purchases that came from those ads. This involves sharing ad-click identifiers, IP address, browser information, and a hashed (or, for some platforms, normalized) version of your email address with the relevant platform. Some privacy laws call this "sharing" or "targeted advertising" even though no money changes hands.
These tools currently load for all visitors. You can block them with browser settings, content blockers, or platform-level opt-outs (such as your Meta, Google, or X ad settings), and the site keeps working. To object to this processing entirely, email us and we will help.
Data retention and deletion
We keep your data for as long as you have an account, because the product's value comes from remembering your profile, answers, and history. Two automatic exceptions: resume files uploaded without an account are deleted after 7 days, and detailed API usage records are deleted after 90 days.
You can delete your account yourself at any time from Settings → Privacy. Deletion is immediate and permanent: it cancels any active subscription, then hard-deletes your profile, resumes and uploaded files, generated documents, chat history, application records, screening answers, and auto-apply session recordings. Public share links you created stop working.
We retain a small residue after deletion:
- Your email address stays on our suppression list so we never email you again after bounces, complaints, or unsubscribes.
- Billing records we need for tax and accounting, and the customer records Stripe keeps under its own policy.
- Data already delivered to employers you applied to, which we cannot recall; contact the employer directly to exercise rights over it.
Your rights
Regardless of where you live, you can access and update your profile in the product, edit or delete individual stored application answers, control your email preferences, and delete your account entirely.
Depending on your jurisdiction (for example the EEA or UK under the GDPR, or California under the CCPA), you may additionally have legal rights to access, correct, delete, export, or restrict processing of your personal information, and to object to certain processing. We honor such requests from all users, not just where the law requires it. Email us at the address below and we will respond within 30 days. You also have the right to complain to your local data protection authority.
Data security
All traffic is encrypted in transit, files are stored in private, access-controlled storage, passwords are hashed, and access to production data is restricted to people who need it to operate the service. No system is perfectly secure; if a breach affects your personal data we will notify you as required by law.
International transfers
ScoutJobs serves users globally. Your resume and document files are stored in the European Union (AWS eu-central-1), auto-apply session recordings are stored with Cloudflare, and most of our service providers, including our AI providers, analytics, and payment processor, operate in the United States, so your data is transferred to and processed in the US. Where transfer safeguards are legally required we rely on our providers' standard contractual clauses and equivalent mechanisms.
Children's privacy
ScoutJobs is not intended for anyone under 18. We do not knowingly collect information from minors; if you believe a minor has created an account, contact us and we will delete it.
Changes to this policy
When we change this policy we will update the date at the top of this page, and for material changes we will notify you by email or in the product before they take effect.
Contact information
For privacy questions or to exercise your rights, email [email protected]. Kasovy LLC is registered in Wyoming, United States.
Governing law
This Privacy Policy is governed by the laws of Wyoming, United States and applicable US federal law, without limiting any privacy rights you hold under the mandatory laws of your own country.
