GHOSTER← Back

Privacy Policy

Last updated: May 5, 2026

1. Who we are

Ghoster (“we”, “us”, “our”) is a job application tracking platform operated at ghoster.app. We help job seekers track applications, detect employer ghosting, and tailor resumes using AI. Questions? Reach us at support@ghoster.app.

2. What we collect

Account information

Your name, email address, and password (hashed — we never store it in plain text) when you create an account. If you sign in with Google, we receive your name and email from Google.

Profile information

Optional: phone number, LinkedIn URL, and a master resume you upload. You can update or delete these at any time in Settings.

Job application data

Job titles, company names, application statuses, salary ranges, notes, and dates that you enter manually or save via the browser extension.

Resume content

When you use the Resume Tool, we temporarily store your resume text and tailored versions. Resume versions are automatically deleted after 90 days.

Gmail data (optional)

If you connect your Gmail account, we access your inbox to detect emails from employers and automatically update application statuses. We read only emails related to your tracked applications. We store the sender domain, the email subject line (up to 80 characters), the email date, and the detected status classification. We do not store email bodies. You can disconnect Gmail at any time in Settings.

Usage data

Standard server logs including IP address, browser type, and pages visited. We use this to operate and improve the service.

3. How we use your data

  • To provide and operate the Ghoster service
  • To automatically update application statuses based on emails you receive
  • To generate tailored resumes and cover letters using AI (your resume text is sent to our AI provider — see Section 5)
  • To calculate community ghosting scores by company domain (anonymised — only the domain and outcome are used, never your name or email)
  • To process subscription payments via Stripe
  • To send transactional emails (account confirmation, billing receipts). We do not send marketing emails without your explicit consent.

4. Community ghosting scores

When you track a job application, the company domain and final outcome (ghosted, replied, offered) may contribute to our community ghosting score database. This data is aggregated by domain only — no personally identifiable information is shared. Other users see aggregate percentages, not individual records. You can contact us to opt out of contributing to community scores.

5. Third-party services

Supabase — database and authentication infrastructure. Data is stored in EU-West (Ireland) by default. Supabase Privacy Policy

Vercel — hosting and serverless compute. Vercel Privacy Policy

Stripe — payment processing. We do not store your card details. Stripe Privacy Policy

Google — OAuth sign-in and optional Gmail integration. Your use of Google services is subject to Google's Privacy Policy.

Anthropic / OpenAI — AI providers used for resume tailoring and cover letter generation. Your resume text and job description are sent to these services to generate results. You may also bring your own API key in Settings, in which case your data goes directly to your chosen provider under your own account. Anthropic Privacy Policy

6. Data retention

  • Your account and application data is retained while your account is active
  • Resume versions are automatically deleted after 90 days
  • If you delete your account, all personal data is deleted within 30 days
  • Anonymised contribution to community ghosting scores may persist after account deletion

7. Your rights

Depending on where you live, you may have rights including:

  • Access to the personal data we hold about you
  • Correction of inaccurate data
  • Deletion of your account and associated data
  • Export of your data in a portable format
  • Objection to certain processing (e.g. community score contribution)

To exercise any of these rights, email support@ghoster.app. We will respond within 30 days.

8. Cookies

We use only functional cookies necessary to keep you signed in. We do not use advertising or tracking cookies. No cookie consent banner is required because we use no non-essential cookies.

9. Security

All data is transmitted over HTTPS. Passwords are hashed using industry-standard algorithms. We use row-level security on our database so users can only access their own data. Despite our efforts, no system is completely secure — please use a strong, unique password.

10. Children

Ghoster is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has created an account, contact us at support@ghoster.app.

11. Changes to this policy

We may update this policy from time to time. We will notify you by email or an in-app notice if changes are material. The “last updated” date at the top of this page always reflects the current version.

12. Contact

Ghoster — support@ghoster.app