Last updated: February 22, 2026
ApplySmith ("we", "us", "our", "the extension") is a Chrome browser extension that helps users tailor resumes, cover letters, and screening question answers to Government of Canada job postings using AI. This policy explains what data we collect, how we use it, who we share it with, and your rights.
Account information: When you sign in, we collect your email address (via Google OAuth or email verification). This is used to identify your account, track usage, and manage subscriptions.
Profile data: Your candidate profile (name, contact info, work experience, education, skills, references, cover letter preferences) is stored locally in your browser using Chrome's storage API. This data is sent to our API only when you explicitly use an AI feature (e.g., tailor resume, generate cover letter, generate screening answer).
Job posting content: When you use AI features, the text of the job posting you are viewing is sent to our API for processing. This data is not stored on our servers after the request completes.
Usage data: We track the number of AI generations per account per month to enforce plan limits. We do not track which specific jobs you apply to, your browsing history, or the content of generated results.
Payment information: Payments are processed by Stripe. We do not store credit card numbers. We store your Stripe customer ID to manage subscriptions.
Data we do NOT collect: We do not collect your browsing history, web activity on sites other than GC Jobs, cookies, IP addresses, device identifiers, or analytics data. We do not monitor keystrokes, clicks, or mouse movements.
We do not use your data for advertising, marketing, or any purpose unrelated to the extension's core functionality.
We do not sell, trade, or rent your personal data to anyone. We only share data with the following service providers, strictly as needed to operate the extension:
Your profile data is stored locally in your browser using Chrome's storage API and is not uploaded to our servers except during AI requests that you initiate. Account data (email, subscription plan, usage count) is stored in Cloudflare Workers KV, a secure edge storage service.
All communication between the extension and our API is encrypted using HTTPS/TLS. Authentication uses JSON Web Tokens (JWT) with HMAC-SHA256 signing. We do not store passwords — authentication is handled through Google OAuth or one-time email verification codes.
ApplySmith's use and transfer of information received from Google APIs adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically:
ApplySmith is not intended for use by children under 13 (or under 16 in the European Economic Area). We do not knowingly collect data from children. If we learn that we have collected personal data from a child, we will delete it promptly.
Our servers are located globally via Cloudflare's edge network. By using ApplySmith, you consent to your data being processed in Canada and other jurisdictions where Cloudflare operates. We comply with Canada's PIPEDA and applicable privacy laws.
We may update this policy from time to time. Changes will be posted on this page with an updated revision date. If we make material changes to how we handle your data, we will notify users through the extension.
For privacy questions, data access requests, or data deletion requests, contact: privacy@applysmith.ca