JobLittJobLittSign in

Data Policy

Last updated: 2026-05-18

This Data Policy describes what data JobLitt stores about you, where it lives, who can access it, and how long we keep it. It complements our Privacy Policy with practical operational detail.

No sale, no third-party sharing

We do not sell, rent, or share your data with third parties for their own use. Your resume, preferences, and generated artefacts are processed only to deliver the Service you have asked for. We do not repackage user data as a product, and we do not allow third parties to use it for advertising, profiling, or training their own models.

Data categories and retention

  • Account record (email, name). Retained for the life of your account. Deleted on account deletion.
  • Uploaded resume (file + extracted text). Retained until you replace it (a new upload replaces the previous one) or delete your account.
  • Job preferences. Retained until you change them or delete your account.
  • Generated artefacts (strategies, cover letters, enhanced resumes). Retained until you delete them or your account.
  • Authentication logs and OTP codes. OTP codes expire within minutes. Authentication logs are retained for up to 90 days for security and abuse-detection purposes.
  • Billing records. Subscription metadata and invoices are retained for the period required by applicable tax and accounting law.

Where data is stored

Data is stored on reputable cloud infrastructure (managed Postgres for structured records, object storage for files, and ephemeral memory for in-flight requests). All storage is encrypted at rest and accessed only over TLS.

Who can access your data

  • You. Through the Service interface, at any time.
  • Operational service providers. A small number of providers we use to run the Service (hosting, email delivery, payment processing, AI model inference) may receive the minimum data needed to perform their function. They act on our instructions, are bound by confidentiality, and may not use your data for any other purpose.
  • JobLitt staff. Limited personnel may access data when strictly necessary for support, debugging, or compliance, under access controls and audit logging.

We do not provide data access to advertisers, data brokers, or third-party marketers — under any circumstances.

AI model usage

When you request a strategy, cover letter, or resume enhancement, the relevant content (resume text, target job, your preferences) is sent to our AI inference provider over an authenticated, encrypted channel. We contract with providers whose terms prohibit training their general-purpose models on customer data. Outputs are returned to you and stored against your account.

Deletion

You can delete your resume or any generated artefact from the Service interface. Deleting your account removes your account record, resume, preferences, and generated artefacts within 30 days. Some records may persist longer in encrypted backups, but they are not restored to the live Service and expire on the standard backup rotation. Records we are legally required to retain (e.g., invoices) are kept for the statutory period.

Export and data requests

To request a copy of the data we hold about you, or to ask questions about this Data Policy, contact privacy@joblitt.com. We respond to verified requests within a reasonable timeframe, typically within 30 days.

Changes

We may update this Data Policy from time to time. Material changes will be notified through the Service or by email.