Job Genie
Job GenieSign in

Last updated: April 24, 2026

Privacy Policy

This page explains what Job Genie collects and why, in plain language. The Service is run by Muhammad Usman Dawoodi (“we”, “us”). Job Genie helps you draft job applications, store materials, and send email from your own Google or Microsoft account.

1. Who we are

The person responsible for personal information processed through Job Genie is Muhammad Usman Dawoodi. For privacy questions, email xmrtusman@gmail.com (primary). You can also reach mail.usmandawoodi@gmail.com if needed.

2. Information we collect

We collect information in the following categories:

  • Account and profile. When you sign in with Google or Microsoft, we receive identifiers, email address, name, and avatar from your identity provider via Supabase Auth. We store a profile record (for example role, activity limits, and account status) in our database.
  • OAuth tokens for email. To send email on your behalf from your mailbox, our backend stores a provider refresh token associated with your account using secure server-side access. Refresh tokens are never exposed to the browser or returned from our APIs to clients.
  • Job applications. Content you provide (such as pasted job descriptions, attachments, and images you choose to submit), fields we derive (company, role, contact email, drafts), and status fields (for example processing, ready, sent, interview, rejected) are stored in our application database.
  • Resumes. If you upload PDF or Word resumes, we store the file in private object storage and may extract text from the document to personalize drafts and features. Extracted text may be stored alongside your resume record.
  • Feedback. If you submit feature requests or bug reports, we store the title, description, and metadata about who submitted it.
  • Technical data. Like most hosted services, our infrastructure and vendors may process IP address, device and browser type, timestamps, and similar diagnostics when you use the Service or when errors are logged.
  • Local browser storage.The sign-in screen may store a non-sensitive preference (for example which provider you used last) in your browser's localStorage to improve the login experience. It does not contain passwords or tokens.

3. How we use information

We use information to:

  • Provide, operate, and secure the Service;
  • Create and improve application drafts using automated processing, including third-party AI services (see Processors);
  • Send email only when you choose to send through your connected Google or Microsoft account, using the permissions you granted;
  • Enforce daily usage limits, prevent abuse, troubleshoot issues, and meet legal requirements if they apply.

4. Why we process your data

We only use your data to run Job Genie for you: sign-in, saving your applications and resumes, generating drafts when you ask, and sending mail when you explicitly send. Where the law asks for a specific basis (for example consent for OAuth, or a contract with you as a user), we rely on that. We also have a basic interest in keeping the Service safe and reliable (for example blocking abuse).

5. Who else sees data (processors)

We use vendors that help us run the app. They only get what they need to do their job. Today that mainly includes:

  • Supabase — authentication, PostgreSQL database, row-level security policies, file storage for resumes, and related infrastructure.
  • Google — identity and, if you use Google, sending email via Gmail APIs under the OAuth scopes you approve.
  • Microsoft — identity and, if you use Microsoft, sending email via Microsoft APIs under the permissions you approve.
  • Groq — large language model inference used to extract job fields and generate draft messages from text you submit (including optional resume-derived text).
  • Hosting provider — the company that runs our Next.js server (for example Render), which may see technical logs as part of normal operations.

Each company has its own privacy policy for how they handle data on their side (for example your Google Account).

6. Where data is stored

As configured for production today, Supabase (database, authentication, resume file storage) and our application host (for example Render) keep primary compute and stored data in provider regions based in the United States. Either may use subprocessors or other regions for backups, CDN, logging, or reliability — check each vendor's docs for the latest. If your Supabase project region differs, that setting controls where your database and files live. We don't run our own data centers.

7. How long we keep things

We keep information while your account exists and we need it to run the Service. You can delete individual resumes or applications where the app lets you. For a full account wipe, follow Deleting your account and data (section 14).

8. Security

We use HTTPS, authenticated APIs, database access rules, and we keep long-lived email tokens on the server only — not in the browser. No setup is perfect: protect your device and your Google/Microsoft account too.

9. Your choices

Depending on where you live, you may have rights to access, fix, delete, or export your data. For a full account deletion, use section 14. For other privacy questions, email the addresses in section 1 — we'll respond in good faith. You can also download or delete data held by Google or Microsoft directly in those accounts.

10. Cookies and similar technologies

Supabase authentication uses httpOnly cookies (or similar mechanisms) to maintain your session. The login page may set a benign provider-hint value in localStorage as described above.

11. Automated features

Drafts and extractions are generated automatically. Always review before you send. Sending only happens when you take a clear action in the app.

12. Children

Job Genie isn't meant for anyone under 16. If you think we received data from a child by mistake, email us and we'll delete it.

13. Changes to this page

We may update this policy occasionally. When we do, we'll change the “Last updated” date at the top. For anything big, we may also put a note in the app or email you.

14. Deleting your account and data

To delete your Job Genie account and all related data we hold, email xmrtusman@gmail.com from the same email address you use to sign in to Job Genie (your Google or Microsoft account email), with the subject line Delete my Job Genie data. We will confirm when processing is complete or ask for a quick verification step if something doesn't match your account.

15. Google API Services

Job Genie's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Policy link: Google API Services User Data Policy.

16. Contact

Questions about privacy: xmrtusman@gmail.com (primary) or mail.usmandawoodi@gmail.com.