Privacy Policy
Effective Date: November 2, 2025
Last Updated: November 2, 2025
Your Privacy Matters: We are committed to protecting your personal information and being transparent about our data practices. This policy explains what data we collect, how we use it, and your rights. If you have any questions, please contact us at privacy@applyleft.com.
1. Introduction and Data Controller
Welcome to ApplyLeft's Privacy Policy. This policy describes how edbn.me ("we", "us", "our"), the parent company operating ApplyLeft at applyleft.com, collects, uses, discloses, and safeguards your personal information.
We are committed to protecting your privacy and being transparent about our data practices. This Privacy Policy applies to all users of our Service, regardless of location, and complies with applicable data protection laws including GDPR, CCPA, and other relevant regulations.
By using ApplyLeft, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.
Data Controller Information:
Company: edbn.me
Service: ApplyLeft (applyleft.com)
Contact: privacy@applyleft.com
Support: support@applyleft.com
2. Information We Collect
We collect several types of information to provide and improve our Service:
Account Information:
Email address (required for authentication)
Name (optional, for resume generation)
Password (encrypted and never stored in plain text)
OAuth provider information (Google, GitHub)
Account creation and last login timestamps
Resume and Profile Data:
Professional experience and work history
Educational background and certifications
Skills, achievements, and languages
Contact information (phone, LinkedIn, location)
Job titles, company names, and descriptions
Resume versions and modification history
Payment and Billing Information:
Payment method details (processed by Dodo Payments)
Billing address and tax information
Transaction history and invoice records
Pro access status and expiry dates
Usage Data:
Pages visited and features used
Resume generation and chat message counts
Time spent on the platform
Browser type, device information, and IP address
Referral source and navigation patterns
Chat and AI Interaction Data:
Messages sent to our AI assistant
AI-generated content and recommendations
User feedback and ratings
Technical and Security Data:
Session tokens and authentication cookies
Error logs and debugging information
Security event logs
3. How We Use Your Information
We use collected information for the following purposes:
Service Delivery and Core Functionality:
Authenticate your identity and manage your account
Generate AI-powered resume content tailored to job descriptions
Store and manage your resume versions and history
Process payments and manage Pro access
Track usage limits and enforce fair use policies
Export resumes to PDF format
Service Improvement and Analytics:
Analyze usage patterns to improve features and user experience
Monitor platform performance and identify technical issues
Train and improve our AI models (using anonymized data)
Conduct A/B testing and feature experiments
Develop new features and functionality
Communication:
Send transactional emails (account confirmation, password resets)
Notify you of Pro access expiry and billing issues
Respond to support inquiries and provide customer service
Send important service announcements and security alerts
Share product updates and new features (with opt-out option)
Legal and Security:
Detect, prevent, and investigate fraud and security incidents
Enforce our Terms of Service and other policies
Comply with legal obligations and respond to lawful requests
Protect the rights, property, and safety of our users and company
We DO NOT:
Sell your personal information to third parties
Use your resume content for advertising purposes
Share your data with employers without your explicit consent
Use your personal information for unrelated marketing
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), UK, and Switzerland, we process personal data based on the following legal grounds:
Contractual Necessity:
Processing required to provide the Service you've requested
Account management and authentication
Resume generation and storage
Payment processing and Pro access management
Legitimate Interests:
Service improvement and analytics
Security and fraud prevention
Technical optimization and performance monitoring
Customer support and communication
Consent:
Marketing communications (opt-in required)
Non-essential cookies and analytics
AI model training using your anonymized data
Legal Obligation:
Compliance with tax and financial regulations
Response to lawful government requests
Retention for legal proceedings
You have the right to withdraw consent or object to processing based on legitimate interests at any time.
5. How We Share Your Information
We share your information only in the following limited circumstances:
Essential Service Providers:
Supabase (authentication, database hosting, and storage)
Dodo Payments (payment processing and Pro access management)
Email service providers (transactional emails only)
Cloud hosting infrastructure providers
All service providers are bound by data protection agreements and are prohibited from using your data for any other purpose.
Business Transfers:
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our Service before your information is transferred and becomes subject to a different privacy policy.
Legal Requirements:
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas). We will notify you of such requests unless prohibited by law.
Protection of Rights:
We may disclose your information to:
Enforce our Terms of Service and policies
Investigate potential violations
Protect against legal liability
Detect, prevent, or address fraud or security issues
With Your Consent:
We may share your information with third parties when you explicitly consent, such as integrations with job boards or applicant tracking systems (future features).
We DO NOT:
Sell your personal data to data brokers
Share your resume content with recruiters without permission
Provide your information to advertisers for targeting
6. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
Retention Periods:
Active Accounts:
Your data is retained while your account remains active
Resume content and versions are stored indefinitely until deletion
Chat history is retained for service improvement
Deleted Accounts:
Personal information is deleted within 30 days of account closure
Backups may retain data for up to 90 days for disaster recovery
Some information may be retained longer for legal compliance
Payment and Billing Records:
Transaction records retained for 7 years (tax and accounting requirements)
Purchase history retained for dispute resolution
Anonymized Data:
Aggregated, anonymized analytics retained indefinitely
De-identified data used for AI model training
Security Logs:
Authentication logs retained for 1 year
Security incident logs retained for 3 years
You can request deletion of your data at any time by contacting us at privacy@applyleft.com.
7. Data Security
We implement comprehensive security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.
Technical Safeguards:
TLS/HTTPS encryption for all data in transit
AES encryption for sensitive data at rest
Industry-standard password hashing (bcrypt with salt)
Row-level security (RLS) policies in our database
Regular security audits and penetration testing
Web Application Firewall (WAF) protection
DDoS mitigation and rate limiting
Organizational Safeguards:
Access controls and role-based permissions
Employee training on data protection
Confidentiality agreements with all staff and contractors
Regular security awareness training
Incident response and breach notification procedures
Infrastructure Security:
Multi-factor authentication for administrative access
Automated security updates and patches
Regular backups with encryption
Geographically distributed data centers
24/7 security monitoring
Despite our best efforts, no security system is impenetrable. We cannot guarantee the absolute security of your data. In the event of a data breach, we will:
Notify affected users within 72 hours of discovery
Report to relevant authorities as required by law
Take immediate steps to contain and remediate the breach
Provide guidance on protective measures you can take
8. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
Universal Rights (All Users):
Access: Request a copy of your personal data
Correction: Update inaccurate or incomplete information
Deletion: Request deletion of your personal data
Export: Download your data in a machine-readable format
Opt-out: Unsubscribe from marketing communications
Additional Rights (GDPR - EEA, UK):
Right to object to processing based on legitimate interests
Right to restrict processing in certain circumstances
Right to data portability in a structured, commonly used format
Right to withdraw consent at any time
Right to lodge a complaint with a supervisory authority
Additional Rights (CCPA - California):
Right to know what personal information is collected
Right to know if personal information is sold or disclosed
Right to say no to the sale of personal information (Note: We do not sell data)
Right to equal service and price (no discrimination for exercising rights)
How to Exercise Your Rights:
1. Email us at privacy@applyleft.com with your request
2. Use the data export feature in your account settings
3. Contact our support team through the dashboard
We will respond to all requests within 30 days (or as required by applicable law). For security purposes, we may need to verify your identity before processing your request.
9. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience and analyze usage patterns.
Types of Cookies We Use:
Essential Cookies (Always Active):
Authentication tokens (required for login)
Session management cookies
Security cookies (CSRF protection)
Load balancing cookies
Functional Cookies (Opt-out Available):
User preference storage (theme, language)
Feature flags and A/B testing
Usage tracking for feature improvement
Analytics Cookies (Opt-out Available):
Page view and navigation tracking
Feature usage statistics
Error and performance monitoring
User flow analysis
We DO NOT use:
Third-party advertising cookies
Cross-site tracking cookies
Social media tracking pixels
Cookie Management:
You can control cookies through:
Your browser settings (block all non-essential cookies)
Our cookie consent banner (opt out of analytics)
Account settings (disable optional tracking)
Note: Disabling essential cookies will prevent you from using certain features of the Service.
10. International Data Transfers
ApplyLeft is operated from the United States. If you access our Service from outside the US, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.
These countries may have different data protection laws than your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place:
Safeguards for International Transfers:
Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with all third-party processors
Adequate level of protection as required by GDPR and other regulations
Binding corporate rules where applicable
For EEA, UK, and Swiss Users:
We comply with the EU-US Data Privacy Framework principles and implement appropriate technical and organizational measures to ensure your data receives adequate protection when transferred outside the EEA.
Countries Where Data May Be Processed:
United States (primary hosting)
European Union (backup and CDN)
Other regions as required for service delivery
By using ApplyLeft, you acknowledge and consent to the transfer of your information to countries outside your country of residence.
11. Children's Privacy
ApplyLeft is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at privacy@applyleft.com. We will take steps to delete such information from our systems.
Age Verification:
By creating an account, you represent that you are:
At least 18 years old, or
Of the age of majority in your jurisdiction, if higher than 18
We reserve the right to request proof of age and to terminate accounts that do not meet these requirements.
12. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
Your California Rights:
1. Right to Know: Request disclosure of personal information collected, used, disclosed, and sold
2. Right to Delete: Request deletion of personal information
3. Right to Opt-Out: Opt out of sale of personal information (Note: We do not sell personal information)
4. Right to Correct: Request correction of inaccurate personal information
5. Right to Limit: Limit use and disclosure of sensitive personal information
6. Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights
Categories of Personal Information We Collect:
Identifiers (name, email, IP address)
Professional information (resume content, work history)
Commercial information (subscription and payment history)
Internet activity (usage data, browsing behavior)
Geolocation data (approximate location from IP)
We DO NOT sell your personal information. We do not share it for cross-context behavioral advertising.
To exercise your California rights:
Email: privacy@applyleft.com
Subject line: "California Privacy Rights Request"
Include: Your name, email, and specific request
We will verify your identity and respond within 45 days.
Authorized Agents:
You may designate an authorized agent to make requests on your behalf. The agent must provide proof of authorization.
13. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have specific rights under the General Data Protection Regulation (GDPR).
Your GDPR Rights:
1. Right of Access: Obtain confirmation of data processing and access to your data
2. Right to Rectification: Correct inaccurate or incomplete personal data
3. Right to Erasure ("Right to be Forgotten"): Request deletion of your data
4. Right to Restriction of Processing: Limit how we use your data
5. Right to Data Portability: Receive your data in a structured, machine-readable format
6. Right to Object: Object to processing based on legitimate interests
7. Right to Withdraw Consent: Withdraw consent for consent-based processing
8. Right to Lodge a Complaint: File a complaint with your local supervisory authority
Data Protection Officer:
For GDPR-related inquiries, contact our Data Protection Officer:
Email: dpo@applyleft.com
Response time: Within 30 days
Supervisory Authority:
You have the right to lodge a complaint with your local data protection authority. A list of EU supervisory authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en
Legal Basis for Processing:
We process your data based on:
Performance of contract (providing the Service)
Legitimate interests (service improvement, security)
Consent (marketing, optional features)
Legal obligation (compliance with laws)
14. Third-Party Links and Services
Our Service may contain links to third-party websites, services, or integrations that are not operated by us. This Privacy Policy does not apply to third-party services.
Third-Party Services We Use:
Supabase: Authentication and database hosting (Privacy: https://supabase.com/privacy)
Dodo Payments: Payment processing (Privacy: https://dodopayments.com/privacy)
Google OAuth: Authentication (Privacy: https://policies.google.com/privacy)
GitHub OAuth: Authentication (Privacy: https://docs.github.com/en/site-policy/privacy-policies)
When you interact with third-party services:
You are subject to their privacy policies and terms
We have no control over their data practices
We are not responsible for their content or privacy practices
We recommend reviewing the privacy policies of any third-party services before providing your information.
OAuth Permissions:
When you use OAuth (Google, GitHub), we only request:
Your email address for authentication
Your name and profile picture (optional, for display)
We do not access or store your passwords for third-party services.
15. Do Not Track Signals
Some web browsers have a "Do Not Track" (DNT) feature that signals to websites you visit that you do not want to have your online activity tracked.
Because there is not yet a common understanding of how to interpret DNT signals, ApplyLeft does not currently respond to web browser DNT signals. Instead, we offer you choices about data collection through our cookie settings and account preferences.
You can control tracking through:
Browser settings (disable cookies)
Cookie consent preferences in your account
Opting out of analytics tracking
We will update this policy if industry standards for DNT are established.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
How We Notify You of Changes:
Update the "Last Updated" date at the top of this policy
Post the new policy on this page
Send email notification for material changes
Display an in-app notification upon your next login
Material vs. Non-Material Changes:
Material Changes (require notice):
New purposes for data collection or use
Changes to data sharing practices
Reduction in your privacy rights
Changes to data retention periods
Non-Material Changes (no notice required):
Clarifications of existing practices
Contact information updates
Formatting or organizational changes
Your Consent:
By continuing to use ApplyLeft after changes take effect, you accept the updated Privacy Policy. If you do not agree with the changes, you should stop using the Service and request account deletion.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
17. Contact Us and Data Protection Officer
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
General Privacy Inquiries:
Email: privacy@applyleft.com
Response time: Within 5 business days
Data Protection Officer (GDPR):
Email: dpo@applyleft.com
Response time: Within 30 days (as required by GDPR)
Customer Support:
Email: support@applyleft.com
Support portal: https://applyleft.com/support
Legal Department:
Email: legal@applyleft.com
For legal notices and data requests from authorities
When contacting us, please include:
Your full name and email address associated with your account
A clear description of your request or concern
Any relevant documentation (for access or deletion requests)
We are committed to resolving your privacy concerns and will work with you to address any issues promptly and transparently.