🦞 Job Lobster

Privacy Policy

Last updated: 2026-04-20
Draft β€” not yet lawyer-reviewed. This policy accurately describes the current technical behavior of Job Lobster, but the legal language (jurisdiction, lawful basis, data-controller relationships, retention commitments, user rights) should be reviewed with counsel before public launch. The technical facts below are what the code actually does.

1. What we collect

Data you provide

Data we generate about you

Data we do NOT collect

2. Where your data goes

Storage

All of your data is stored in a single SQLite database plus a filesystem directory on a Fly.io virtual machine operated by the Job Lobster operator. Rows are scoped to your user ID so other users cannot see them. Downloaded DOCX/PDF files live under data/users/<your-id>/applications/.

Third-party processors

3. Your rights

Every Job Lobster user can, at any time, without needing to contact us:

The delete operations are real deletes, not soft-deletes. Your data does not sit in a "trash" waiting for a retention window β€” it is removed from the database and file system when you click.

Jurisdiction-specific rights to enumerate: GDPR (if EU users), CCPA (if California users), PIPEDA (if Canadian users). Each has specific language about access, portability, rectification, deletion, automated-decision-making, and data-portability that should be called out explicitly once the user base and operator jurisdiction are defined.

4. Data retention

Data you provide is retained as long as your account is active. When you delete your account, we remove it from our primary store within seconds. Backups and Fly.io's infrastructure redundancy may retain fragments for up to 30 days before full erasure.

LLM provider retention (Anthropic, Resend) is governed by each provider's policy. We do not have control over their internal retention windows.

5. Security

Add if/when applicable: incident response policy, breach notification commitment, SOC 2 status, encryption at rest (Fly volumes are encrypted by default, but worth stating), and any subprocessor list maintenance policy.

6. Children

Job Lobster is a professional tool and not intended for anyone under 16. We do not knowingly collect data from children under that age.

7. Changes

We may update this policy. Material changes will be surfaced in the app. Continued use after a change constitutes acceptance.

8. Contact

Fill in: data-controller name + address, data-protection officer (if required by jurisdiction), and a privacy-specific inbox if you'd like to separate it from general support.

For privacy questions or data requests that the self-serve flows do not cover, contact: adam.o.jurgens@gmail.com.

← Back to Job Lobster Β· Terms of Service