Privacy Policy
Last updated: April 27, 2026
1. Introduction
ApplyFlow ("we", "our", "us") is a job application automation tool. We are committed to protecting your privacy. This policy explains how we handle your information when you use our service at applyflow.nayanapps.com.
2. Data We Access
When you sign in with Google, we request access to the following Google services:
- Google Sheets — To create and manage your application tracking spreadsheet
- Gmail (Send & Read) — To send application emails on your behalf and detect replies
- Google Drive — To store and attach your resume files
- Google Calendar — To create interview event reminders
- Profile Info — Your name, email, and profile picture for authentication
3. How Your Data Is Stored
Your data stays in YOUR Google account. We do not copy, store, or retain your emails, spreadsheets, resumes, or calendar events on our servers. All application data lives in a Google Sheet created in your own Google Drive.
Our server processes your requests in real-time using your OAuth tokens and does not persist any personal data beyond the authenticated session.
4. Authentication & Tokens
We use Google OAuth 2.0 for authentication. Your access tokens are used only during active sessions to interact with Google APIs on your behalf. We issue a JWT (JSON Web Token) stored in your browser's local storage for session management. We do not store your Google password.
5. AI Features
When you use AI-powered features (email generation, cover letters), your input (job title, company name, template text) is sent to Google Gemini or OpenAI APIs for processing. We do not store AI-generated content on our servers. These third-party AI providers have their own privacy policies.
6. Data Sharing
We do not sell, rent, or share your personal information with any third parties. Your data is only accessed through Google APIs with your explicit consent, and only for the functionality you use within ApplyFlow.
7. Data Deletion
Since all your data resides in your own Google account, you can delete it at any time by:
- Deleting the "ApplyFlow" spreadsheet from your Google Drive
- Revoking ApplyFlow's access at Google Account Permissions
8. Cookies & Local Storage
We use browser local storage to store your authentication token and theme preference. We do not use third-party tracking cookies or analytics services.
9. Security
All communication between your browser and our servers is encrypted via HTTPS. We use industry-standard OAuth 2.0 for authentication and JWT for session management.
10. Changes to This Policy
We may update this policy from time to time. Any changes will be reflected on this page with an updated "Last updated" date.
11. Contact
If you have questions about this privacy policy, please contact us at ramakrishna8.sunkara@gmail.com.