Privacy Policy

Last updated: 2026-04-27

Applier respects your privacy. This policy explains what data we collect, how we use it, who we share it with, and how to exercise your rights as a data subject under the Brazilian General Data Protection Law (LGPD - the Brazilian counterpart of GDPR).

1. Data we collect

We collect only what is necessary to operate the service: name, email, professional data (resume, LinkedIn, job preferences), credentials of portals you choose to connect (encrypted), and application logs (role, date, status).

We do not collect browsing history outside the product, banking data (payments are processed by Stripe and Mercado Pago), or sensitive information (health, religious beliefs, political opinion).

2. How we use your data

Professional data feeds the AI that generates tailored resumes and identifies compatible roles. Portal credentials are used exclusively for application automation, never for human access.

Application logs feed the dashboard and are used to improve our models (always in aggregated and anonymized form).

3. Sharing

We do not sell personal data. We share only with essential service providers (cloud providers, OpenAI/Anthropic for AI inference, Stripe/Mercado Pago for billing) under confidentiality agreements and DPAs.

Each application submitted to a job portal (LinkedIn, Indeed, etc.) includes your resume data - you explicitly authorize this sharing by connecting each portal.

4. Data subject rights (LGPD art. 18)

You have the right to: confirm the existence of processing, access your data, correct incomplete or incorrect data, anonymize/block/erase unnecessary data, portability, deletion upon consent, information on sharing, and consent withdrawal.

To exercise any right, talk to one of our agents or use the "My account -> LGPD" page in the dashboard.

5. Cookies and tracking

The institutional site (applier.me) does not use third-party tracking cookies. The authenticated panel (app.applier.me) uses essential first-party cookies for session. We do not use Google Analytics or Facebook Pixel.

6. Security

We adopt ISO 27001, AES-256 at rest, TLS 1.3 in transit, optional multi-factor authentication, and audit logs. Portal credentials are stored in a dedicated vault (AES-256-GCM key rotated periodically).

7. DPO contact

Data Protection Officer: talk to one of our agents via the "My account -> LGPD" panel. Response within 5 business days.