TAILOR./ Privacy Policy

Privacy Policy

Last updated: 3 May 2026

The short version

  • Privacy by design. We collect only what’s needed to run the service.
  • We utilise AI technology and associated providers to process your CV and job description to generate your results, and nowhere else.
  • Your account email and saved sessions are stored with our database host (Supabase, EU region).
  • Subscription billing is handled by Stripe. We never see your card details.
  • You can download or delete everything we hold about you at any time, in two clicks, from your Account page.
  • We do not sell your data, share it for advertising or use it to train AI models.

1. Who we are

TAILOR is an AI-powered job application optimisation tool operated by EMJ Digital Solutions, a sole trader based in the United Kingdom. From a single job advert and your CV, the service produces a tailored CV, alignment report, cover letter, interview brief, company research and 30/60/90-day plan. References to “we”, “us” and “our” in this policy refer to that operator. Our service address is 61 Bridge Street, Kington, HR5 3DJ, United Kingdom. For privacy enquiries, contact us at privacy@tailor-get-noticed.com.

2. What data we collect and why

CV and job description text

When you paste or upload a CV and job description, this text is transmitted to our AI processing service to generate your tailored CV, alignment report, cover letter, interview brief, company research and 30/60/90-day plan. This is the core function of the service.

Legal basis: Performance of contract. Processing is necessary to deliver the service you have requested.

Account email

We store your email address so you can sign in via a passwordless one-time code. We do not store passwords. Your email is the only personal identifier we associate with your account.

Legal basis: Performance of contract.

Subscription and usage state

If you subscribe to a paid plan, we store your plan tier, current billing period dates, the number of analyses you’ve used in the current period and the customer / subscription identifiers issued by Stripe. We use these to grant access, enforce per-period caps and show you what you’ve used.

What we do not store: card numbers, CVCs or any other payment instrument data. Stripe handles all of that directly. See Section 3.

Legal basis: Performance of contract; legal obligation (tax / accounting records).

Saved sessions

When you save an analysis session, the full result (CV, alignment report, cover letter, interview brief, etc., including the source CV and job description text) is stored in our database, linked to your account. You can list, re-run or delete saved sessions at any time from inside the app, or remove them all at once by deleting your account.

Legal basis: Consent. You actively choose to save a session.

Referral relationships

If you sign up using a referral code, we record the link between you and the referrer (account IDs, status, timestamps) so we can apply the referral discount and credit. We do not store the referrer’s email or other personal information against your account.

Legal basis: Performance of contract.

Free-tier abuse signals

For unauthenticated free-tier usage, we may store a short-lived browser fingerprint and IP address to enforce reasonable per-device usage limits and detect abuse. This data is not linked to any account, is rolled over regularly and is used only for rate-limiting.

Legal basis: Legitimate interest. Preventing abuse of a free service.

Engagement signals (signed-in users)

Once you sign in, we record per-tab session timestamps, the pages you visit on TAILOR, the IP address you connect from and your browser’s User-Agent string (e.g. “Chrome on Mac”). This helps us see how the product is actually used, troubleshoot issues you report and detect suspicious activity on accounts.

Legal basis: Legitimate interest. Running, supporting and securing the service.

What we do not collect

  • No passwords (passwordless email auth only)
  • No card numbers or other payment instrument data. Stripe handles all of that
  • No tracking cookies, analytics scripts or advertising identifiers
  • No behavioural profiling or cross-site tracking
  • No use of your data to train AI models

3. Who we share your data with

We use a small number of third-party processors to run the service. We do not share your data with anyone else.

Anthropic, PBC

Provider of the Claude AI model used to process your CV and job description text.

Privacy policy

OpenAI, LLC

Alternative AI provider used when Anthropic is not configured. Only one provider processes any given request.

Privacy policy

Supabase Inc.

Hosts our authentication system and Postgres database. Your account email and saved sessions live here. We use the EU region (London / Frankfurt).

Privacy policy

Stripe Payments Europe Ltd.

Processes all subscription payments and the cancel / change-plan flow. Stripe receives your email and card details directly. These never touch our servers.

Privacy policy

Resend (Resend.com, Inc.)

Sends transactional email on our behalf: your sign-in code, account-deletion confirmations and referral-reward notifications. Receives the recipient email address and message contents.

Privacy policy

Railway Corp.

Hosts the TAILOR application servers (EU region, Amsterdam). Sees inbound HTTP requests as part of normal operation, including IP addresses for the duration of standard server logs (see Section 4).

Privacy policy

All providers above are bound by their own privacy policies and data processing agreements. Under the API terms applicable to this service, neither Anthropic nor OpenAI use your CV or job description text to train their models.

4. How long we retain your data

Account & profile: Retained until you delete your account from the Account page. On deletion, your profile, all saved sessions and any referral records are removed within minutes.

Saved sessions: Retained until you delete them individually from inside the app, or until you delete your account. We do not apply automatic expiry to paid users’ sessions.

Analysis results that aren’t saved: Not stored. The text is sent to the AI provider for processing and is not written to disk by TAILOR.

Subscription & payment records (with Stripe): Retained per Stripe’s own retention policy and for as long as required for UK tax and accounting law (typically up to 7 years for invoices and transaction records). Deleting your TAILOR account cancels any active subscription and removes the link from your profile, but Stripe’s underlying transaction records remain with Stripe.

Free-tier abuse signals: Rolling retention, kept no longer than 90 days.

Server access logs: Standard web server logs (including IP addresses) retained for up to 30 days for security and diagnostic purposes, then deleted automatically.

5. Your rights

Under UK GDPR, you have the following rights regarding your personal data. The most common ones can be exercised yourself, immediately, from the Account page:

Right of access / portability

Click “Download my data” on the Account page to get a JSON copy of everything we hold about you.

Right to erasure

Click “Delete my account” on the Account page. Cancels your subscription, removes your profile, sessions and referrals.

Right to rectification

Email us if any data we hold is inaccurate.

Right to object

Object to processing where we rely on legitimate interest (e.g. abuse signals).

Right to restrict

Ask us to pause processing of your data in certain circumstances.

Right to lodge a complaint

If you are unhappy with how we handle your data, you can complain to the UK Information Commissioner’s Office (ico.org.uk).

For any rights request you can’t self-serve from the Account page, contact us at privacy@tailor-get-noticed.com. We will respond within 30 days.

6. Cookies and tracking

TAILOR uses only what’s strictly necessary to make the service work:

  • ·Essential session cookies set by Supabase Auth, used to keep you signed in. These are first-party cookies, not used for tracking and expire automatically.
  • ·Stripe may set cookies on its own checkout pages (which load on stripe.com, not on our site). See Stripe’s privacy policy for details.

We do not use analytics scripts, advertising pixels, behavioural profiling or any cross-site tracking technology. Because we only set strictly necessary cookies, no consent banner is required under UK PECR.

7. Data security

We use HTTPS for all traffic in transit. Your account is protected by passwordless email-based authentication. We do not store passwords. Payment information is processed by Stripe and never reaches our servers. Saved sessions are stored in a managed Postgres database with Row Level Security policies that prevent any user from reading another user’s data. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. Children's privacy

TAILOR is intended for use by adults in a professional context. We do not knowingly collect data from anyone under the age of 16. If you believe a minor has submitted data through this service, please contact us and we will delete it promptly.

9. Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top of this page will reflect any changes. For material changes, we will additionally notify signed-in users by email. Continued use of the service after a change constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions or requests, please contact us at:

EMJ Digital Solutions

61 Bridge Street, Kington, HR5 3DJ, United Kingdom

privacy@tailor-get-noticed.com

← Back to TAILORTerms of Service

Last updated 3 May 2026