Ajusta
    Sign InGet Your Free ATS Score

    Security at Ajusta

    Your resume contains sensitive personal and professional information. Here is how we protect it.

    Encryption

    • In transit: All data is transmitted over HTTPS with TLS 1.2+ encryption. This applies to the web application, Chrome extension, and all API communications.
    • At rest: Resume files stored in Azure Blob Storage use AES-256 encryption. Database records in Azure Cosmos DB are encrypted at rest using Microsoft-managed keys.
    • During processing: Resume content sent to AI models for optimization is transmitted over encrypted channels within the Azure network. No data is stored by the AI providers beyond the processing window.

    Infrastructure

    • Cloud provider: Ajusta runs on Microsoft Azure, which maintains SOC 2, ISO 27001, and GDPR compliance certifications.
    • Authentication: User accounts are secured via Google OAuth 2.0 or email-based authentication with hashed passwords. Session tokens are short-lived and rotated regularly.
    • Access controls: Production systems use role-based access control. Only authorized personnel can access infrastructure, and all access is logged.

    AI Processing and Data Use

    This is the part most people care about, and rightly so. Here is our commitment:

    • No training on your data: We do not use your resume content to train, fine-tune, or improve any AI models. This applies to both our own systems and the third-party AI services we use (Azure OpenAI).
    • Processing only: Your resume content is sent to AI models solely to generate optimization suggestions for your current request. It is not retained by AI providers after processing.
    • Azure data processing agreements: Our AI processing runs through Azure AI services, which are governed by Microsoft's data processing agreements that prohibit using customer data for model improvement.

    Data Retention and Deletion

    • You can delete individual resumes from your account at any time.
    • You can delete your entire account through settings, which triggers permanent removal of all your data within 30 days.
    • We do not retain backup copies of deleted data beyond the 30-day deletion window.
    • Optimization history and application tracking data is deleted alongside your account.

    Chrome Extension Security

    The Ajusta Chrome Extension follows the principle of least privilege:

    • It only activates when you explicitly click the extension icon on a job posting page.
    • It reads only the job description text on the current tab. It does not access your browsing history, other tabs, or any other data.
    • It does not run in the background or track your activity.
    • All communication between the extension and Ajusta servers is encrypted over HTTPS.

    Reporting Security Issues

    If you discover a security vulnerability, please report it to security@ajusta.ai. We take all reports seriously and will respond within 48 hours.

    Related Policies