What I AppliedSign in

Privacy Policy

Last updated: 2026-06-28

Overview

What I Applied ("we", "the service") is a personal application tracker. This policy describes what we collect when you use the website and the optional Chrome extension, how we use it, and your choices.

Account and profile data

When you register, we store your email and a hashed password. You may add resume details, application records, interview stages, and optional contact links. This data is tied to your account and used only to provide the service (tracking applications, generating tailored assets, and similar features you request).

Chrome extension (job import)

If you install our browser extension, it runs only when you click Import on a job posting or company page. In that moment it may read:

  • The page URL
  • Visible text from the page (for example job description or company information)
  • Structured metadata on the page when present (such as schema.org JobPosting)

That information is sent to our servers over HTTPS so we can prefill your "Log application" form. You review and edit fields before saving; nothing is stored as an application until you click Save in the web app.

The extension does not run in the background on arbitrary sites, does not contain our AI API keys, and only communicates with our application origin (for example what-i-applied.vercel.app).

Artificial intelligence (Google Gemini)

Some features send text to Google's Gemini API for processing, including resume PDF parsing, browser import cleanup, application coach assets, job search direction, and similar tools you explicitly trigger. We send only the text needed for that feature (for example scraped page text or your resume content). Google's terms and privacy policy apply to their processing.

Retention and deletion

Application and profile data remain in your account until you delete or change it. Server logs may retain technical metadata (such as request timing and error codes) for a limited time for security and debugging; we avoid logging full job descriptions in routine logs.

Sharing

We do not sell your personal data. We use infrastructure and API providers (hosting, database, and AI) only to operate the service. We may disclose information if required by law.

Security

Passwords are stored hashed. The site is served over HTTPS. Rate limits apply to AI-heavy endpoints to reduce abuse. You are responsible for keeping your login credentials private.

Contact

Questions about this policy or your data: contact the operator listed on the site footer (LokaTech) or the email you use to operate the service.