TYF://
sys://privacy-policy

Privacy Policy

Last updated: February 2026

1. Introduction

Tracked Your Future ("we," "our," or "us") operates a job application tracking platform available at trackedyourfuture.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our Service.

2. Data We Collect

2.1 Account Information

When you register, we collect your name, email address, and a hashed version of your password. If you sign in with Google or GitHub, we receive your name, email, and profile image from those providers.

2.2 Application Data

You may enter job application details including company names, role titles, descriptions, URLs, salary information, status updates, and notes. This data is stored in our database and scoped exclusively to your account.

2.3 Documents

You may upload CVs, cover letters, and other documents. Files are stored in our S3-compatible object storage. We store metadata including file name, type, and size.

2.4 AI-Processed Data

When you use AI features (CV parsing, job description extraction, match scoring, cover letter generation, interview preparation), your data is sent to third-party AI providers (OpenAI, Anthropic, or Google). We track AI usage metadata (provider, model, token counts, cost) but do not store raw AI responses beyond the structured results you see in the application.

2.5 Billing Data

Payment processing is handled by Stripe. We store your Stripe customer ID, subscription status, and payment history. We do not store credit card numbers, bank details, or other sensitive financial information.

2.6 Technical Data

We collect IP addresses for rate limiting and security purposes. These are processed in memory and not stored long-term. We use localStorage in your browser for UI preferences (theme selection, sidebar state, cookie consent, boot animation).

3. How We Use Your Data

  • To provide and maintain the Service
  • To authenticate your identity and secure your account
  • To process job applications and documents you manage
  • To provide AI-powered analysis at your request
  • To process subscription payments via Stripe
  • To send transactional emails (verification, password reset)
  • To enforce rate limits and prevent abuse

4. Third-Party Services

We share data with:

  • Stripe -- for payment processing (subject to Stripe's Privacy Policy)
  • AI Providers (OpenAI, Anthropic, Google) -- for AI features you explicitly invoke
  • OAuth Providers (Google, GitHub) -- if you choose social sign-in
  • Email Service -- for transactional email delivery

We do not sell your personal data to any third party.

5. Data Retention

We retain your data for as long as your account is active. You may request data export or account deletion at any time from the Settings page. Upon account deletion, all your data (applications, documents, AI usage, subscriptions) is permanently removed through cascading database deletion.

6. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

  • Access -- Export all your data as JSON from Settings
  • Rectification -- Edit your profile and application data at any time
  • Erasure -- Delete your account and all associated data from Settings
  • Portability -- Download your data in a machine-readable format
  • Restriction -- Contact us to restrict processing
  • Objection -- Contact us to object to specific processing

7. Cookies and Local Storage

We use session cookies for authentication (managed by NextAuth.js). We use browser localStorage for UI preferences: theme selection (green/amber), sidebar collapsed state, CRT overlay toggle, cookie consent status, and boot animation seen state. No third-party tracking cookies are used.

8. Security

We protect your data with: hashed passwords (bcrypt), JWT-based session tokens, HTTPS encryption in transit, rate limiting on authentication endpoints, and scoped database queries that prevent cross-tenant data access. While we implement industry-standard security measures, no system is 100% secure.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or in-app notification. Continued use of the Service after changes constitutes acceptance.

10. Contact

For privacy-related inquiries, contact us at [email protected].