Privacy Policy for Flynner

This Privacy Policy explains how Flynner (“we”, “us”, or “our”) collects, uses, and protects your information when you use our website and services at flynner.dev (the “Service”). By using the Service, you agree to the collection and use of information as described here.

Account information

• Name and email address, used to create and secure your account and for account-related communication.
• Authentication data managed via our authentication provider (Supabase).

Job search data

• Applications, pipeline stages, notes, salary information, and recruiter contacts you add to the Service.
• Search queries and saved companies.

GitHub data (optional)

• If you connect GitHub, we access repository metadata (names, descriptions, languages, and READMEs) to match jobs to your stack and provide context for AI-generated cover letters.

Payment information

• Subscription and billing details are processed by Stripe. We do not store your card details on our servers.

Usage & device data

• IP address, browser type, device information, and pages visited, collected via cookies and similar technologies to keep the Service secure and improve performance.

We use the information we collect to:

• Provide, maintain, and improve the Service, including your application board, company research, and recruiter CRM;
• Generate AI-assisted cover letters grounded in the repositories and preferences you provide;
• Process subscription payments and manage your billing;
• Send account-related communications, such as confirmations, security alerts, and support responses;
• Monitor, debug, and secure the Service against abuse.

We share data with trusted service providers only as necessary to operate the Service. These providers are contractually obligated to protect your data and may only use it to provide services to us.

• Supabase — authentication and database hosting.
• Stripe — subscription billing and payment processing.
• GitHub — repository data, if you choose to connect your account.
• AI providers — process the content used to generate cover letters and writing suggestions.

We do not sell your personal data, and we do not share your job search data with employers, recruiters, or advertisers.

We retain your account and job search data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within a reasonable period, except where we are required to retain certain records (such as billing history) for legal or accounting purposes.

Depending on your location, you may have rights under data protection laws such as the GDPR, including the right to:

• Access the personal data we hold about you;
• Request correction of inaccurate data;
• Request deletion of your account and associated data;
• Export your data in a portable format;
• Object to or restrict certain processing of your data.

To exercise any of these rights, contact us using the details below. We will respond within a reasonable timeframe.

We use essential cookies to keep you signed in and to remember your preferences. We may also use analytics cookies to understand how the Service is used so we can improve it. You can control cookies through your browser settings, though disabling essential cookies may affect your ability to use the Service.

Flynner is not directed at children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.

We use industry-standard technical and organizational measures — including encryption in transit, access controls, and secure infrastructure providers — to protect your information. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Flynner is operated from the Netherlands. Your information may be processed by service providers located in other countries, including the United States. Where this happens, we rely on providers that offer appropriate safeguards for cross-border data transfers, such as standard contractual clauses.

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will post the updated policy on this page with a revised “Last updated” date, and for material changes we will make reasonable efforts to notify you by email.