Privacy Policy

Last updated: January 1, 2026

1. Introduction

ATSNinja ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our resume analysis service. This policy applies to all users worldwide and complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.

By using ATSNinja, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our service.

2. Information We Collect

We collect information that you provide directly to us and information automatically collected when you use our service:

2.1 Information You Provide

  • Account Information: Email address, name, and password (if you create an account)
  • Resume Files: PDF or DOCX files you upload for analysis
  • Job Descriptions: Text you provide for tailored resume analysis
  • Profile Information: Career stage, industry, and other optional profile details
  • Payment Information: Processed through Stripe (we do not store credit card details)

2.2 Automatically Collected Information

  • Analytics Data: Page views, button clicks, and service usage patterns (collected via Umami Analytics)
  • Technical Data: IP address, browser type, device information, operating system
  • Authentication Data: OAuth tokens if you sign in with Google
  • Cookies: Session cookies for authentication and service functionality

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To analyze your resume, generate ATS compatibility scores, and provide recommendations
  • Payment Processing: To process your purchase of full analysis reports through Stripe
  • Account Management: To create and manage your account, including OAuth authentication
  • Service Improvement: To improve our AI algorithms, user experience, and service features
  • Analytics: To understand how users interact with our service and identify areas for improvement
  • Communication: To send analysis results, service updates, and respond to inquiries
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Security: To detect, prevent, and address technical issues, fraud, and security threats

4. Data Storage and Retention

Data Location: Your data is stored on servers operated by Contabo GmbH in Germany (European Union). This ensures compliance with GDPR requirements for data protection.

Retention Periods:

  • Resume Files: Automatically deleted 24 hours after upload
  • Analysis Results: Retained for the lifetime of your account or until you request deletion
  • Account Data: Retained until you delete your account
  • Payment Records: Retained for 7 years for tax and accounting purposes
  • Analytics Data: Aggregated and anonymized data retained indefinitely for service improvement

5. Data Sharing and Disclosure

We do not sell your personal information. We share information only in the following circumstances:

  • Service Providers: Stripe (payment processing), Google (OAuth authentication), Umami Analytics (privacy-focused analytics), OpenAI/Anthropic (AI analysis)
  • Legal Requirements: When required by law, court order, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Protection: To protect our rights, property, safety, or that of our users

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL
  • Secure Storage: Data at rest is stored on secure servers with access controls
  • Payment Security: Payment card information is handled entirely by Stripe (PCI DSS Level 1 certified) and never touches our servers
  • Access Controls: Strict access controls limit who can access your data
  • Regular Audits: Security practices are regularly reviewed and updated
  • Automatic Deletion: Resume files are automatically deleted after 24 hours to minimize data retention

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

  • Essential Cookies: Required for authentication and core service functionality
  • Analytics Cookies: Umami Analytics (privacy-focused, no personal data collection, GDPR compliant)
  • OAuth Tokens: For secure Google authentication

We do NOT use advertising cookies, tracking pixels, or third-party advertising networks. You can control cookies through your browser settings, but disabling essential cookies may affect service functionality.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

8.1 GDPR Rights (EU/EEA Users)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing of your data
  • Withdraw Consent: Withdraw consent at any time (does not affect prior processing)

8.2 CCPA Rights (California Residents)

  • Know: Request information about data collected, used, and shared
  • Delete: Request deletion of your personal information
  • Opt-Out: Opt-out of sale of personal information (we do not sell data)
  • Non-Discrimination: Equal service regardless of privacy choices

To exercise these rights, contact us at contact@atsninja.app. We will respond within 30 days.

9. International Data Transfers

Our servers are located in Germany (EU). If you access our service from outside the EU, your data will be transferred to and processed in the EU. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses (SCCs) where applicable.

10. Children's Privacy

ATSNinja is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete it.

11. Third-Party Services

We use the following third-party services:

  • Stripe: Payment processing (see Stripe's Privacy Policy)
  • Google OAuth: Authentication (see Google's Privacy Policy)
  • Umami Analytics: Privacy-focused analytics (no cookies, no personal data)
  • AI Providers: Resume analysis (data anonymized where possible)

These services have their own privacy policies. We are not responsible for their practices.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of our service after changes constitutes acceptance of the updated policy. We encourage you to review this page periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: contact@atsninja.app

For EU users, you also have the right to lodge a complaint with your local data protection authority.