← Back to ApplyVita

Privacy

Last updated: 29 May 2026

ApplyVita is built on a single principle: your resume is yours. This page is the plain-English version of how we honor that — what we collect, what we don't, where it lives, and how to delete it.

We're GDPR-aligned. SOC 2 controls are in progress. ApplyVita is a product of GrahAI Systems, headquartered in India and serving job seekers across the globe.

What we collect

Account data

  • Your email, display name, and profile photo (from Google or signup form).
  • The country we detect your first visit from (used to show ₹ or $ pricing).
  • Device + browser fingerprint (OS, browser, screen size) — for analytics and bug reproduction, never for advertising.

Resume + career data

  • Your uploaded resume, every rewrite, every ATS score, every job you save, every application you track, every mock-interview session.
  • All of this lives in your private Firestore document. Only you (and an explicit Firebase Admin operator under an audited break-glass procedure) can read it.

Usage events

We log named events ("ats_scored", "rewrite_requested", "interview_session_started") so the admin dashboard can chart product health. These events do not contain your resume content — they contain timestamps, feature names, and aggregate metrics like score numbers.

What we do NOT collect

  • The public resume scorer on the home page does not persist anything. The file is read once, scored, and discarded. We never see your name, email, or content from the public scorer.
  • We don't sell, rent, or share your data with advertisers. Period.
  • We don't train AI models on your resume. The AI providers we use to score and rewrite operate under contracts that prohibit training on your data.
  • We don't embed third-party trackers (no Facebook pixel, no LinkedIn Insight Tag, no ad-network beacons).

Where your data lives

Your account doc + all subcollections (applications, saved jobs, outreach drafts, interview sessions) live in Google Firestore, encrypted at rest. Hosting is on Vercel. Email sends go through Resend. Payments (when applicable) go through Razorpay for India and our card processor for everywhere else. We don't store card numbers on our servers — the processors do.

Email communications

We send a small set of branded transactional + lifecycle emails (welcome, ATS-score result, weekly digest, the occasional upgrade nudge). Every email has a one-click unsubscribe in the footer (RFC 8058 — works natively in Gmail and Apple Mail). You can mute one category without unsubscribing from all of them.

Your rights

  • Access: download a JSON copy of your account from settings.
  • Delete: two clicks in settings nukes your resume, applications, saved jobs, interview sessions, and account. We honor this immediately — no support ticket needed.
  • Portability: the JSON export is structured + documented so you can re-import elsewhere.
  • Correction: edit anything in-app at any time.
  • Object: email hello@applyvita.com and we'll handle it manually within one business day.

Cookies

We use a single session cookie set by Firebase Auth so you stay signed in across reloads. We use sessionStorage client-side for attribution and short-lived caching of public stats. No ad cookies. No tracking pixels.

Children

ApplyVita is built for working adults. If you're under 16, please don't use this product without a parent / guardian setting up the account.

Changes to this page

When we materially change this policy, we'll update the "Last updated" date at the top and email existing users with a summary. Material changes are things that affect what we collect, who can read it, or how to delete it — not typo fixes.

Contact

Email hello@applyvita.com. A human reads every one.