Privacy Policy

Last updated: April 2026

1. Who we are

NetroApply ("we", "us", "our") provides an AI-powered career operating system that helps users build CVs, generate cover letters, apply to jobs across connected portals, and schedule interviews. We are committed to protecting your personal data and complying with the EU General Data Protection Regulation (GDPR).

2. Data we collect

When you use NetroApply, we collect:

  • Account data: name, email, profile photo, locale, timezone.
  • Career data: CV content, target roles, skills, experience, cover letters, application history.
  • Connected portal data: OAuth tokens and job listings from portals you connect (LinkedIn, Indeed, etc.). Tokens are encrypted at rest with AES-256.
  • Usage data: pages visited, features used, device type. Used to improve the product.
  • Digital Twin data (optional): photo, voice sample, personality traits if you set up Netro MyTwin.

3. How we use your data

  • Provide the core service (CV building, job matching, application tracking).
  • Generate AI content (CVs, cover letters, job recommendations) via your chosen AI provider.
  • Authenticate with job portals on your behalf via OAuth (only with your explicit consent).
  • Send transactional emails (application updates, interview confirmations).
  • Improve and secure the platform.

We do not sell your personal data. We do not share it with advertisers.

4. Legal basis (GDPR)

  • Contract: to provide the service you signed up for.
  • Consent: for optional features like Netro MyTwin, biometric data, marketing emails. You can withdraw consent anytime.
  • Legitimate interest: to improve the product and prevent fraud.

5. Data security

  • End-to-end encryption in transit (TLS 1.3) and at rest (AES-256).
  • OAuth tokens encrypted with a separate master key.
  • Zero cross-user data access — your AI agent only sees your data.
  • Regular security audits and dependency updates.

6. Your rights (GDPR)

You have the right to:

  • Access — request a copy of your personal data.
  • Rectification — correct inaccurate data.
  • Erasure — delete your account and all associated data.
  • Portability — export your data in machine-readable format.
  • Object — stop specific processing (e.g. analytics).
  • Restrict — limit how we use your data.

To exercise any of these rights, contact us at [email protected].

7. Third-party services

We use the following processors (all GDPR-compliant):

  • Clerk (authentication)
  • Stripe (billing)
  • Job portals you explicitly connect (LinkedIn, Indeed, etc.)
  • AI providers (Anthropic Claude, local Ollama models)

8. Data retention

We retain your data while your account is active. After deletion, we remove all personal data within 30 days, except where we are legally required to retain it (e.g. billing records for 7 years).

9. Cookies

We use only essential cookies for authentication and session management. We do not use tracking cookies or advertising pixels without your explicit consent.

10. Changes to this policy

We may update this policy from time to time. Material changes will be notified by email at least 30 days before taking effect.

11. Netro Verify (mobile app)

Netro Verify (Android package com.netromind.netroid.verify) is our companion push-MFA authenticator for NetroApply. It is published on Google Play and operates under this same Privacy Policy.

Data the app collects:

  • Device pairing token — a random UUID generated on pairing, stored locally on the device and on our server, used to authenticate push challenges. Not tied to advertising IDs.
  • Push delivery topic — an opaque per-device topic on our self-hosted ntfy server (no FCM, no third-party push provider). Used solely to deliver MFA prompts.
  • Paired account email — displayed in the app so you can confirm which NetroApply account a sign-in prompt belongs to.

The app does not collect location, contacts, photos, microphone audio, advertising identifiers, biometric data, or analytics. It does not contain ads. All traffic uses TLS 1.3.

Deleting your data from Netro Verify: see netroapply.com/account/delete for in-app unpair instructions and full account deletion options.

Children: Netro Verify is not directed at children under 13 (or under 16 in the EU) and we do not knowingly collect data from them.

12. Contact

Questions? Email [email protected]

← Back to NetroApply