← Back to Aplio

Privacy Policy

Last updated: 5 March 2026

1. Who we are

Aplio (“we”, “us”, “our”) is an AI-powered job application assistant. We are based in New Zealand. If you have any questions about this policy, contact us at hello@aplio.app.

2. Information we collect

We collect the following categories of data:

  • Google account information — your name and email address, obtained when you sign in with Google. We do not store your Google password.
  • Gmail access — with your explicit consent, we read emails from job boards (e.g. Seek recommendation emails) to surface relevant jobs, and send cover letter emails on your behalf. We read only what is necessary for these features and do not store the content of your emails on our servers beyond the current session.
  • Profile data — information you enter into your Aplio profile: name, current role, employer, skills, career summary, location, phone, and email address. This is stored in our database to pre-fill your applications.
  • Application data — job titles, company names, generated cover letters, and reply tracking data associated with applications you create.
  • Usage data — standard web server logs (IP address, browser type, pages visited, timestamps). We use this for security and debugging only.

3. How we use your information

  • To provide and improve the Aplio service
  • To generate tailored cover letters and CV content using AI (Anthropic Claude)
  • To send emails from your Gmail account on your behalf when you click “Send”
  • To track application replies and surface job recommendations from your inbox
  • To enforce fair-use limits and, if applicable, manage your subscription
  • To contact you about service updates or account matters

We do not sell your personal information to third parties. We do not use your data for advertising.

4. Third-party services

We share data with the following third-party processors to operate the service:

  • Google (OAuth & Gmail API) — authentication and Gmail access. Governed by Google’s Privacy Policy.
  • Anthropic — AI generation of cover letters and CV content. Your job description and profile data are sent to Anthropic’s API to generate text. Anthropic does not use API inputs to train models by default.
  • Neon / PostgreSQL — cloud database hosting for your profile and application data.
  • Vercel — cloud hosting and serverless compute.
  • Stripe — payment processing for Pro subscriptions. We do not store your card details; they are handled directly by Stripe.

5. Data retention

We retain your profile and application data for as long as your account is active. If you request deletion of your account, we will delete all personal data within 30 days, except where we are required to retain it for legal or accounting purposes.

6. Your rights

Under applicable privacy law (including the New Zealand Privacy Act 2020 and, where applicable, the GDPR), you have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Request deletion of your data
  • Withdraw consent for Gmail access at any time via your Google Account permissions
  • Lodge a complaint with your local privacy regulator

To exercise any of these rights, email us at hello@aplio.app.

7. Security

We use HTTPS for all data in transit. Access tokens are stored in encrypted, server-side sessions and are never exposed to the browser. We limit access to your data to what is strictly necessary to provide the service.

8. Changes to this policy

We may update this policy from time to time. When we do, we will update the “Last updated” date at the top of this page. Continued use of Aplio after changes are posted constitutes acceptance of the updated policy.

9. Contact

Questions or requests regarding this policy: hello@aplio.app

Terms of ServiceBack to Aplio