Privacy Policy for CareerSuite.ai

Last Updated: July 7, 2025

Our Commitment to Your Privacy & Data Sovereignty

Welcome to CareerSuite.ai ("we," "our," or "us"). We provide a suite of AI-powered tools to assist you in your job application process by leveraging AI. This Privacy Policy is a comprehensive document explaining exactly what data our browser extension and its optional backend Google Apps Script processes, why we process it, and how you remain in full control.

Our core principle is Data Sovereignty: you own and control your data. Our extension is designed as a tool that operates within your own environment (your browser and your Google Account). We do not operate central servers to store your Personal Identifiable Information (PII), resume content, or job application data. Please read this policy carefully to understand our practices.

1. Data Processing for Core Extension Features (In-Browser)

A. Data Stored Locally on Your Device (Your Browser Storage)

The following information is stored exclusively on your computer using secure browser storage mechanisms. We never see, collect, or upload this data.

  • My Resume Profile: All data you enter into the "My Resume Profile" page—including your name, contact information, work experience, skills, education, projects, and any demographic information you provide for autofill purposes—is saved only in your browser's local storage. This allows you to have a persistent profile without needing to re-enter it.
  • Google Gemini API Key: To power the AI features, you provide your own personal Gemini API key. This key is stored in your browser's sync storage, which allows it to be available across your synced devices (if you have browser sync enabled). It is never transmitted to us.
  • User Settings and Preferences: Your choices, such as the selected theme, are stored locally to personalize your experience.
  • Session Data: Temporary data for an active resume tailoring session (e.g., your choices for AI-suggested bullets) is stored in your browser's session storage. This data is automatically cleared when you close the browser tab or end the session.

B. Data Transmitted for AI Analysis & Generation (Directly to Google)

To provide AI-powered features, the extension must send certain content directly to Google's Generative Language API. This data is sent from your browser to Google's servers and is never routed through or stored on our servers.

This transmitted data includes:

  • Job Description Text: When you click "Analyze Job Posting," the text content of the active job description page is sent to the Gemini API for analysis.
  • Resume Content: For resume tailoring, sections of your "My Resume Profile" are sent to the Gemini API, along with the job description, to generate tailored suggestions.
  • Autofill & Form Data: To enable the autofill feature, a simplified, text-only representation of the HTML form fields (including their labels and names) from an application page is sent to the Gemini API to intelligently map your profile data to the correct fields. This can include text already present on the page you are viewing.
  • Cover Letter Inputs: To generate a cover letter draft, a curated set of data—including the job description analysis and your accepted tailored resume points—is sent as a prompt to the Gemini API.

The processing of this data is subject to Google's API Terms of Service and Privacy Policy. We recommend you review their policies to understand how they handle data.

2. Data Processing for Optional Backend Features (Your Google Account)

Our most powerful automation features, such as the Job Tracker, are optional and require you to explicitly grant permissions for our Google Apps Script to run within your own Google Account.

C. Required Google Account Permissions & Data Handling

When you choose to set up the Job Tracker, you authorize our open-source Apps Script to perform the following actions on your behalf, within your account:

  • View your email address (`userinfo.email`): This permission is used solely to identify you during the initial setup process and to display your email within the extension's UI to confirm you are logged in.
  • Create and Manage Its Own File (`drive.file` scope): Our script will create a new, dedicated Google Sheet named "CareerSuite.ai Data" in your Google Drive. The `drive.file` permission is a highly secure, restricted scope that only allows our script to access this single file that it creates. The script cannot and will not view, edit, access, or delete any of your other pre-existing spreadsheets or files in your Google Drive.
  • Read and Modify Specific Emails (`gmail.modify` scope): This is our most sensitive permission, and it is essential for the automation of the job tracker. Its use is strictly limited:
    1. Label Creation: The script creates a set of dedicated labels within your Gmail account (e.g., `CareerSuite.AI/To Process`). This gives you full visibility into which emails are being targeted.
    2. Targeted Reading: Our script only reads emails that have been categorized under these specific labels by a Gmail filter that is also created during setup. It does not scan your general inbox or any other folders.
    3. Sending for Analysis: Snippets from these specific emails are sent to the Google Gemini API to extract application details.
    4. Label Modification (The Reason for `modify`): After an email has been successfully processed, the script modifies its labels (e.g., removes `.../To Process` and adds `.../Processed`). This is critical to prevent the same email from being processed endlessly every time the automation runs. This is why a `readonly` permission is insufficient.

D. UserProperties Storage (Within Your Google Account)

The Apps Script stores your Gemini API key (passed securely from the extension) and internal configuration details (like the IDs of the Gmail labels it created) in your personal `UserProperties` store. This is a private storage space tied to the script running within your Google Account, which we do not have access to.

3. Data We Do NOT Collect

To be perfectly clear, CareerSuite.ai and its developers never collect, see, store, or have access to:

  • Your Google Account password.
  • Your Gemini API key.
  • The content of your resume or job descriptions.
  • The content of your emails.
  • Any data within your Job Tracker Google Sheet.
  • Your browsing history.

4. Third-Party Services

Our service functions as a powerful interface to third-party services that you control:

  • Google Gemini API: For all AI features.
  • Google Drive & Google Sheets: For the optional Job Tracker.
  • Gmail: For the optional Job Tracker automation.

Your use of these services through our extension is also governed by their respective privacy policies and terms of service.

5. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services or for other operational, legal, or regulatory reasons. We will post any changes on this page and in our store listing, and we will update the "Last Updated" date at the top of this policy. We encourage you to review it periodically.

6. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us via the support links provided on the official CareerSuite.ai Chrome Web Store page.