ResuMatch - Privacy Policy

Last updated: April 2026

ResuMatch is a Chrome extension that analyses job descriptions against your resume. Your privacy matters. This policy explains what data we collect, how we use it, and how we protect it.

Data We Collect

On signup (one-time):

Name and email address - collected when you first open the extension. Used only to send product updates and communicate with early users. Stored in a Google Sheet accessible only to the developer.
Use case selection - your reason for using the extension (e.g., job search, ATS check). Used to improve the product.

Stored locally on your device only:

API keys - your Grok and/or Gemini API keys are stored in Chrome's local storage on your device. They are never sent to any server other than the respective API providers (xAI for Grok, Google for Gemini).
Resume text - your pasted or uploaded resume content is stored locally via chrome.storage.local. It is only sent to the AI provider you configured (Grok or Gemini) for analysis and is not stored on any server we control.

Data We Do NOT Collect

We do not collect or store the job descriptions you analyse.
We do not collect browsing history, cookies, or any page content beyond the active tab when you click "Analyse".
We do not track your usage, clicks, or behaviour within the extension.
We do not sell, share, or monetise any user data.

Third-Party Services

The extension sends data to third-party APIs only when you initiate an analysis:

xAI (Grok API) - if you use a Grok API key, your resume text and the job description are sent to xAI's API for analysis. Subject to xAI's Terms of Service.
Google (Gemini API) - if you use a Gemini API key, the same data is sent to Google's Gemini API. Subject to Google's API Terms.
GOV.UK - the extension downloads the publicly available UK Register of Licensed Sponsors CSV to check visa sponsorship status. No personal data is sent to GOV.UK.
Google Forms - your name, email, and use case selection are submitted to a Google Form on signup.

Data Storage and Security

All user data (resumes, API keys) is stored locally on your device using Chrome's storage API.
No backend server, no database, no cloud storage is used by this extension.
API keys are transmitted directly from your browser to the API provider over HTTPS.
You can delete all stored data at any time by removing the extension from Chrome.

Your Rights

You can request deletion of your signup data (name and email) at any time by emailing us.
You can remove all locally stored data by uninstalling the extension.
You can use the extension without providing a real name or email if you prefer.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be reflected on this page with an updated date.

Contact
For any privacy-related questions or data deletion requests:
Email: m.umairshah366@gmail.com
Developer: Umair Shah