Last updated: 2026-06-11
Privacy Policy — Job Fit Checker
Job Fit Checker is a Chrome extension that reads the job posting on the page you’re currently viewing, sends it together with your profile to the Job Fit Checker backend, and returns a fit verdict (Apply / Maybe / Skip) with reasoning. This page explains what data the extension handles, where it goes, and how long it lives.
Your account
You create an account with an email address and password. The backend stores your email, a salted password hash (argon2 — never the password itself), your prepaid balance, and a ledger of charges and top-ups. Your email is used to verify the account, to deliver password-reset links, and for support — never for marketing, and it is never shared or sold.
What the extension stores locally on your device
The extension uses Chrome’s chrome.storage.local to keep:
- A session token (sessionToken) — an opaque random string issued by the backend when you sign in or sign up. It is sent as a Bearer token on every backend request and is what proves your identity. It is not your password.
- Your profile (profileMd) — the markdown text built from your resume during onboarding (or pasted into Options). The PDF you upload is read in your browser; only its extracted text is sent to the backend for structuring, and the file itself never leaves your machine.
- Your hard rules, feedback log, profile history, and last verdict cache — preferences and a small history of analyses so the same job isn’t re-analyzed (and re-billed) every time you reopen the popup.
- The backend URL (backendUrl) — by default https://palvn.com/api. You can change this in Options if you run your own instance.
This data lives only on your computer in the Chrome profile that installed the extension. It is not synced. Uninstalling the extension removes all of it.
What is sent to the backend, and when
Nothing is sent in the background. Each action sends exactly what it needs:
- Analyze — the visible text of the job posting on the current tab (title, URL, body text), your profile markdown, and your hard rules.
- Profile extraction (onboarding) — the text extracted from your resume PDF. A resume typically contains personal data: your name, contact details, work history, education.
- Profile refinement — your current profile, the verdict being corrected, and your feedback text.
- Company lookup / document tailoring — the company name and the job-description text.
The backend (palvn.com — operated by the extension’s author) forwards these to an LLM provider via OpenRouter to generate the result. Prompts and model choice live on the backend.
What the backend stores
- Billing records (kept for billing integrity): per-request rows with timestamp, user id, model, token counts, and the charged amount; plus a ledger of balance top-ups (including the free trial credit). These contain no job or resume text.
- Analysis audit log (kept up to 15 days, then deleted automatically): the request content of each Analyze call — which includes your profile markdown and the job-posting text — together with the model’s response. Access is restricted to the operator; it exists to debug wrong verdicts. Deleting your account removes these rows immediately.
- Tailored documents (kept 24 hours, then deleted automatically): when you use resume/cover-letter tailoring, the job description and the generated PDFs are stored until the download link expires.
- Account data: email, password hash, verification status, balance.
Third parties
- OpenRouter (openrouter.ai) — the inference gateway the backend uses. Subject to OpenRouter’s privacy policy.
- The model providers OpenRouter routes to (e.g. OpenAI, Anthropic, Google) — subject to their respective privacy policies.
- Brevo (brevo.com) — the email delivery service the backend uses to send account verification and password-reset mail. Brevo processes your email address and the content of those transactional messages (which contain no job or resume data). Subject to Brevo’s privacy policy. Your email is never used for marketing.
The extension itself does not embed any analytics, telemetry, ad SDKs, or tracking pixels. There is no Google Analytics, no Sentry, no fingerprinting. Your data is never sold or shared for advertising.
Payments
The prepaid balance is topped up manually by the operator (you arrange it by email). The extension and backend never see or store card numbers or other payment instruments.
Retention summary
| Data | Where | Kept for |
|---|---|---|
| Profile, hard rules, verdict cache | Your device | Until you clear it or uninstall |
| Session tokens | Backend (hashed) | 30 days or until sign-out/revocation |
| Billing rows, top-up ledger | Backend | Indefinitely (anonymized if you delete your account) |
| Analysis audit log (profile + JD text) | Backend | ≤ 15 days, auto-purged |
| Tailored documents (JD + PDFs) | Backend | ≤ 24 hours, auto-purged |
| Email + account data | Backend | Until you delete your account |
Your rights — including deleting your account
You can:
- Inspect, edit, or delete your profile at any time from the extension’s Options page.
- Sign out (which revokes the session server-side and deletes the token from your device).
- Delete your account yourself: Options → Account → Delete account. This immediately removes your email, password hash, analysis audit rows, and tailored documents; billing rows are anonymized (no longer linked to any identifying data) and retained for accounting. Local extension data is wiped at the same time.
- Email the operator for a copy or correction of your data.
Contact
For privacy questions, data requests, or top-ups, contact the operator at: mytablet5421@gmail.com
Changes to this policy
If the policy changes materially (e.g. a new third party is introduced), the “Last updated” date at the top of this page changes and the extension’s next release notes mention it.