JobFit Privacy Policy

Effective date: 2026-04-09
Publisher: sanghyun-io
Contact: ppkimsanh@gmail.com

JobFit is a Chrome extension that analyzes supported job posting pages and compares them with a user-saved profile. JobFit offers both local analysis (on-device) and optional premium AI-powered analysis (server-based). This policy explains what JobFit reads, what it stores, how it uses that information, and what choices users have.

1. What JobFit does

JobFit reads supported job posting pages in the browser, normalizes the posting into a consistent structure, and displays an on-page analysis panel and local fit score. The extension also provides an options page where users can save profile preferences such as target roles, skills, domains, regions, and remote-work preferences.

Premium features (optional): Users may purchase credits to access AI-powered analysis. When a user initiates a Quick Analysis or Deep Dive, the job posting data and user profile are sent to our server, which forwards the analysis request to OpenAI. The AI-generated insights are returned to the extension for display. These premium features are entirely opt-in and require explicit user action.

As of this policy's effective date, JobFit uses the following job-site host-permission domains from the extension manifest: linkedin.com, indeed.com, indeed.co.uk, indeed.ca, glassdoor.com, wellfound.com, ziprecruiter.com, greenhouse.io, jobs.lever.co, myworkdayjobs.com, wd1.myworkday.com, wd3.myworkday.com, wd5.myworkday.com, wanted.co.kr, jobkorea.co.kr, saramin.co.kr, incruit.com, jumpit.co.kr, careers.kakao.com, teamblind.com, peoplenjob.com, rocketpunch.com, recruit.navercorp.com, notion.so, notion.site, and about.daangn.com. JobFit also requests api.gamja.top only for extension-initiated API requests, not for content script injection. This list may change in future versions of the extension.

2. Information JobFit reads

JobFit's content script is loaded on pages within the supported job-site domains listed above. On each page load, JobFit reads the page URL and may inspect limited page metadata or page structure to determine whether the page is a recognized job posting.

On supported job posting pages, JobFit may read:

  • Page URL, job title, company name
  • Location, workplace type, employment type
  • Salary information when present
  • Apply method and application URL
  • Requirements, qualifications, skills, and technologies
  • Job description content needed for extraction and scoring

JobFit may also store user-entered information from the options page:

  • Target roles, skills, domains, years of experience
  • Summary text, preferred regions, remote-work and language preference

3. How JobFit uses information

Local features (no data leaves the device):

  • Detect supported job posting pages
  • Extract normalized job fields
  • Compute a local fit score against the saved profile
  • Render the in-page diagnostics panel

Premium AI analysis (user-initiated only):

  • Send job posting data and user profile to our API server for AI-powered analysis
  • Our server forwards the request to OpenAI to generate insights
  • Return the AI-generated results to the extension for display

Anonymous analytics (opt-in only):

  • If the user opts in, aggregate usage statistics (feature counts, not personal data) may be sent to our server
  • No personally identifiable information is collected
  • Users can opt out at any time from the extension settings

Parser health telemetry (opt-in only, shares the same toggle as analytics):

  • When the user opts in, each time the extension parses a supported job posting it reports:
    • the adapter id (e.g. linkedin, greenhouse)
    • whether parsing succeeded or failed
    • how many structured fields were extracted (counts only, never the values)
    • the domain name (e.g. linkedin.com) — never the full URL
    • the extension version
  • The payload contains no URLs, no job posting content, and no device or user identifiers.
  • Purpose: detect broken adapters across the fleet without accessing user data.
  • Retention: 30 days, after which reports are automatically deleted.
  • Users can opt out at any time from the extension settings — the same toggle as anonymous analytics.

4. Where information is stored

On-device: User profile and analysis snapshots are stored in chrome.storage.local.

Server-side (premium users only): Account ID, license key hash, credit balance, and usage metadata. The server does not persistently store job postings, user profiles, or AI results.

5. Data transmitted to third parties

  • OpenAI — for premium AI analysis (user-initiated only)
  • Lemon Squeezy — for payment processing (user-initiated only)

JobFit does not include third-party analytics, advertising, or tracking libraries in its extension runtime.

6. Sharing and selling

JobFit does not sell user data. Data is shared with OpenAI and Lemon Squeezy solely to provide the services described above.

7. Retention and deletion

On-device data persists until the user clears it or removes the extension. Server-side data is retained while the account is active. Contact us to request deletion.

8. Security

On-device data uses Chrome's extension storage API. Server communication uses HTTPS. License keys are stored as cryptographic hashes.

9. Chrome Web Store limited use disclosure

JobFit complies with CWS Limited Use requirements: single purpose, no selling, necessary transfers only, no creditworthiness use.

10. Permissions

  • storage — save user profile and analysis locally
  • host permissions — load content scripts on supported job-site domains and contact the JobFit API server
  • activeTab — access the active tab when the popup is opened

11. Children's privacy

JobFit is not directed to children under 13.

12. Changes to this policy

Updates will be posted at this URL with a revised effective date.

13. Contact

Questions? Contact: ppkimsanh@gmail.com