Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your data.

Last updated: January 2025 | Effective Date: January 1, 2025

Data Controller

The data controller responsible for your personal data is:

WerkStudentJobs
[Company Address]
[City, Postal Code]
Germany
Email: privacy@werkstudentjobs.com

Introduction

WerkStudentJobs ("we", "our", or "us") is committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR/DSGVO) and German data protection laws (BDSG). This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our AI-powered job application platform.

Data We Collect

Account Information

  • Email address (required for account creation and authentication)
  • Password (encrypted and hashed)
  • Account creation and last login timestamps

Profile and Resume Data

  • Personal information: Name, contact details (email, phone, address, LinkedIn)
  • Professional information: Work experience, education, skills, certifications
  • Resume documents: Uploaded PDF files
  • Custom sections and projects
  • Language proficiencies

Job Application Data

  • Job preferences and search history
  • Job matching scores and compatibility data
  • Application variants (tailored resumes)
  • Cover letter drafts and suggestions

AI Processing Data

  • AI-generated profile extractions from uploaded resumes
  • Skill categorization and suggestions
  • Job matching analysis results
  • Cached AI responses (stored for 6 hours)

Technical Data

  • IP address (for security and fraud prevention)
  • Browser type and version
  • Device information
  • Session cookies and authentication tokens
  • Usage analytics and error logs

Legal Basis for Processing

We process your data based on:

Contract Performance (Art. 6(1)(b) GDPR)

Processing your resume data, generating tailored applications, and providing job matching services is necessary to fulfill our service contract with you.

Consent (Art. 6(1)(a) GDPR)

You provide explicit consent when uploading your resume and using our AI-powered features. You can withdraw consent at any time by deleting your account.

Legitimate Interests (Art. 6(1)(f) GDPR)

We process technical data for security, fraud prevention, service improvement, and analytics based on our legitimate business interests, balanced against your privacy rights.

Data Security

We implement industry-standard security measures:

  • End-to-end encryption for data in transit (HTTPS/TLS)
  • Encrypted database storage with access controls
  • Bcrypt password hashing (never stored in plain text)
  • Session-based authentication with secure tokens
  • Row-Level Security (RLS) policies in our database
  • Regular security audits and updates
  • Limited employee access on a need-to-know basis
  • Automated backups with encryption

Your Rights Under GDPR

Right of Access (Art. 15)

Request a copy of all personal data we hold about you

Right to Rectification (Art. 16)

Correct inaccurate or incomplete data via your profile settings

Right to Erasure (Art. 17)

Request deletion of your account and all associated data

Right to Data Portability (Art. 20)

Export your data in JSON format for use elsewhere

Right to Object (Art. 21)

Object to processing based on legitimate interests

Right to Withdraw Consent (Art. 7)

Withdraw consent at any time by deleting your account

Right to Lodge a Complaint (Art. 77)

File a complaint with your local data protection authority

Third-Party Services & Data Transfers

We work with trusted service providers to deliver our platform:

Supabase (Database & Authentication)

We use Supabase for secure database storage and user authentication. Data is stored in EU regions with GDPR-compliant infrastructure.

Location: EU | Privacy: GDPR Compliant

OpenAI (AI Processing)

We use OpenAI's API for AI-powered resume analysis and content generation. OpenAI does not use API data to train their models. Data is processed in accordance with OpenAI's Enterprise Privacy commitments.

Location: USA | Data Processing Agreement: Standard Contractual Clauses

International Data Transfers: When data is transferred outside the EU (e.g., to OpenAI in the USA), we ensure adequate protection through Standard Contractual Clauses (SCCs) approved by the European Commission, in compliance with GDPR Chapter V.

Contact Us

For questions about this Privacy Policy or to exercise your rights, please contact:

Email: privacy@werkstudentjobs.com
Data Protection Officer: dpo@werkstudentjobs.com
Response Time: Within 30 days (GDPR requirement)

You also have the right to lodge a complaint with the German Federal Commissioner for Data Protection and Freedom of Information (BfDI) or your local state data protection authority.