Privacy Policy

1. Introduction

AppliedYet ("we", "us", or "our") operates the website appliedyet.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using our Service, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide when you:

• Register an account: Name, email address, password (encrypted)
• Use our Service: Job application details including company names, job roles, application dates, notes, and related information
• Contact us: Any information you provide when contacting support@appliedyet.com
• Sign in via OAuth: Profile information from Google (name, email, profile picture) if you choose to use Google sign-in

2.2 Automatically Collected Information

When you access our Service, we automatically collect:

• Usage data: Browser type, device information, IP address, pages visited, time spent on pages
• Technical data: Session information, authentication tokens (encrypted)
• Cookies: Essential cookies for authentication and session management

2.3 Information We Do NOT Collect

We do not collect:

• Payment information (Service is currently free)
• Government identifiers (e.g., tax file numbers, driver's licence numbers)
• Sensitive information as defined by the Privacy Act unless explicitly necessary

3. How We Use Your Information

We use your personal information for the following purposes:

• Service provision: To provide, maintain, and improve the AppliedYet service
• Account management: To create and manage your user account
• Communication: To send service-related emails (account verification, password resets, important updates)
• Authentication: To verify your identity and secure your account
• Analytics: To understand how users interact with our Service and improve user experience
• Legal compliance: To comply with applicable laws and regulations
• Security: To detect, prevent, and address technical issues and fraudulent activity

We will only use your personal information for the purposes for which it was collected, or for a directly related purpose that you would reasonably expect.

4. Disclosure of Your Information

4.1 Third-Party Service Providers

We share your information with the following trusted third-party service providers:

• Neon Database (USA): Database hosting and storage. Subject to their privacy policy and GDPR/Privacy Shield compliance.
• Vercel (USA): Website hosting and content delivery. Subject to their privacy policy.
• Resend (USA): Transactional email delivery (verification emails, password resets). Subject to their privacy policy.
• Google (USA): OAuth authentication (if you choose to sign in with Google). Subject to Google's privacy policy.

These service providers are contractually obligated to handle your information securely and only use it for the purposes we specify.

4.2 Cross-Border Data Transfers

Your personal information may be transferred to, stored, and processed in countries outside Australia, including the United States. We take reasonable steps to ensure that overseas recipients handle your personal information in accordance with the APPs.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Government or regulatory authority requests
• Protection of our legal rights or the safety of users

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity. You will be notified via email and/or prominent notice on our Service of any such change.

4.5 No Sale of Personal Information

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption: All data transmitted is encrypted using SSL/TLS protocols (HTTPS)
• Password protection: Passwords are hashed using bcrypt before storage
• Authentication tokens: Securely generated and stored session tokens
• Database security: Encrypted database connections and access controls
• Regular security updates: We keep our systems and dependencies up to date

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Your Rights and Choices

Under the Australian Privacy Principles, you have the following rights:

6.1 Access and Correction (APP 12 & 13)

You have the right to request access to the personal information we hold about you and to request correction of any inaccurate or outdated information. You can access and update most of your information through your account settings.

6.2 Account Deletion

You may request deletion of your account and associated personal information at any time through the Settings page. Upon deletion:

• Your account and all associated data will be permanently deleted
• This action cannot be undone
• We may retain certain information as required by law or for legitimate business purposes

6.3 Marketing Communications

If we send marketing communications (we currently do not), you can opt-out at any time by clicking the unsubscribe link or contacting us at support@appliedyet.com.

6.4 Cookies

We use essential cookies for authentication. You can set your browser to refuse cookies, but this may prevent you from using certain features of our Service.

6.5 Exercising Your Rights

To exercise any of these rights, please contact us at support@appliedyet.com. We will respond to your request within 30 days as required by the Privacy Act.

7. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When you delete your account:

• Your data is immediately deleted from our active systems
• Backup copies may persist for up to 30 days
• Certain records may be retained for legal or accounting purposes as required by law

8. Children's Privacy

Our Service is intended for users aged 18 and over, or minors with parental consent. We do not knowingly collect personal information from children under 18 without parental consent. If you believe we have inadvertently collected information from a child, please contact us immediately at support@appliedyet.com.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification for significant changes

Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

10. Complaints and Disputes

If you have a complaint about how we have handled your personal information, please contact us first at support@appliedyet.com. We will:

• Acknowledge your complaint within 7 days
• Investigate your complaint
• Provide a response within 30 days

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Email: enquiries@oaic.gov.au

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

12. Governing Law

This Privacy Policy is governed by the laws of Australia. The Privacy Act 1988 (Cth) and the Australian Privacy Principles apply to our collection, use, and disclosure of your personal information.