Introduction and scope

This Privacy Policy explains how Accomplish.dev ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use our platform Accomplish.dev at https://accomplish.dev/. This policy provides transparent information about how your data is processed, including when and how it is sent to third-party providers.

By using Accomplish.dev, you agree to the data practices described in this policy.

Information we collect

We collect several types of information to provide and improve our Developer Career OS platform:

Account and Profile Information: We collect your name, email address, password (encrypted), and optional profile details including work experience, educational background, professional skills, career goals, and resume documents (PDF uploads).

Work Activity Data: We collect information about your professional activities in the form of work log entries and task descriptions, project information and organization, time tracking data across projects, git commit references and pull request links, code snippets and technical solutions, tags and categories you create, and CLI command interactions when using our command-line interface.

Job Search Information: When you use our job application tracking features, we collect job application details (company names, positions, application dates), job descriptions and requirements (imported or manually entered), interview notes and stage progression information, cover letters you generate or upload, and supporting documents you upload.

Technical and Usage Data: We automatically collect certain technical information including IP address, browser type and version, device information and operating system, pages visited and features used, timestamps and session duration, referring URLs, and error logs and diagnostic data.

Git Integration Data: If you connect git repositories, we collect repository metadata, commit history references, pull request information, and branch and project structure data. We do not access or store your actual source code unless you explicitly store code snippets using our snippet organization feature.

Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to maintain session state, remember user preferences, analyze usage patterns, and ensure security. You can control cookies through your browser settings, though disabling cookies may limit certain features.

How we use artificial intelligence

Accomplish.dev uses large language models (LLMs) from Google Gemini, Anthropic Claude, and Mistral AI to power key features of our platform. Understanding when and how your data is sent to these AI providers is essential to making informed decisions about using our service.

AI providers we use

We use the following third-party AI service providers:

• Google Gemini API (privacy policy)
• Anthropic Claude API (privacy policy)
• Mistral AI API (privacy policy)

We use AI providers for text generation, content analysis, document summarization, and AI-powered insights. Your data is processed and encrypted in-transit according to modern security standards. How your data is handled by each provider is governed by their terms of service and privacy policies.

Automatic AI processing for embeddings

To enable semantic search and intelligent content organization across your work logs, projects, and documents, we automatically generate text embeddings for content you create within Accomplish.dev. This processing happens automatically in the background without additional user action.

What are embeddings? Embeddings are mathematical representations (numerical vectors) that capture the semantic meaning of text. They allow our AI to understand the meaning and context of your content, enabling powerful search capabilities that find relevant information even when exact keywords don't match.

When embeddings are created: Embeddings are automatically generated when you create or update work log entries, save project descriptions, add tags or notes, or upload and store documents within the platform. This automatic processing enables core search and organizational features.

What data is processed: The text content you create (work descriptions, notes, project details) is sent to our AI providers to generate embeddings. Before sending data for embedding generation, we apply data minimization techniques to remove unnecessary identifiers and limit context to the content itself rather than metadata.

How embeddings are stored: The resulting numerical vectors are stored in our secure vector database infrastructure. Embeddings inherit the same access controls as your original content, are encrypted at rest using AES-256 encryption, and are automatically deleted when you delete the source content.

Legal basis: We process data for embedding generation based on our interest in providing you with enhanced search and organizational features that are core to our service's value proposition. This processing is essential for delivering the intelligent, AI-powered career management tools you expect from Accomplish.dev.

User-triggered AI processing

Unlike automatic embedding generation, certain AI features only process your data when you explicitly choose to activate them. You have complete control over whether and when these features access your information.

Cover Letter Generation: When you click "Generate Cover Letter" or similar buttons, we send your profile information (work experience, skills, education), the specific job description for the application, and any additional context you provide to our AI providers (Google Gemini, Anthropic Claude, or Mistral AI depending on service availability). The AI generates personalized cover letter drafts based on this information. You can edit cover letters before use.

Job Posting Extraction: When you paste a job posting URL and request automated extraction, we fetch the job posting content and send it to our AI providers to parse and structure the information (job title, company, requirements, responsibilities, etc.). This eliminates manual data entry for job applications.

Application Insights: When you request AI-powered insights on your job applications, we send relevant application data (your profile, job description, application status) to our AI providers to generate personalized recommendations for improving your application materials or interview preparation.

AI Assistant Features: If you engage with conversational AI features or ask questions using our AI assistant, your queries and relevant context are sent to our AI providers to generate responses. Conversation history may be included to maintain context across multiple exchanges within a session.

Important: These features are entirely opt-in. AI processing only occurs when you actively click buttons, enable features, or make explicit requests. You can choose not to use these features while still accessing all other functionality of Accomplish.dev.

Data retention for AI processing

Different types of AI-processed data are retained for different periods:

Embeddings: Retained while the source content exists in your account. Automatically deleted within 24 hours after you delete source content.

User-triggered AI outputs: Cover letters and AI-generated content are stored in your account until you delete them. Job extraction results are stored as structured data in your applications.

Security and abuse monitoring logs: Limited log data may be retained for up to 1 year for security, fraud prevention, and abuse detection purposes.

How we use your information

Beyond AI processing, we use your information for the following purposes:

Service Delivery: To provide and maintain our Developer Career OS platform, enable work logging and project tracking features, facilitate job application management, process git integration data, deliver search and organizational features, and maintain your account and profile.

Communication: To send transactional emails (account notifications, security alerts), respond to your support requests and inquiries, send service updates and feature announcements, and provide educational content about using Accomplish.dev (you can opt out of non-essential emails).

Improvement and Analytics: To analyze usage patterns and improve our service, identify and fix technical issues, develop new features based on user needs, conduct research and analytics on aggregate usage trends, and ensure platform performance and reliability.

Security and Legal: To detect and prevent fraud and abuse, enforce our Terms of Service, comply with legal obligations and respond to legal requests, protect our rights and property, and ensure platform security and user safety.

Legal Basis for Processing (GDPR): For EU users, our legal bases for processing include contract performance (providing the service you signed up for), legitimate interests (service improvement, security, fraud prevention), consent (where we explicitly request it, such as for optional AI features or marketing), and legal obligations (compliance with applicable laws).

How we share your information

We share your information only in limited circumstances necessary to provide and improve our service:

AI Service Providers: As described in detail above, we share relevant content with Google Gemini, Anthropic Claude, and Mistral AI to provide AI-powered features. These providers act as data processors.

Infrastructure and Service Providers: We share information with trusted third-party service providers who assist in operating our platform including cloud hosting providers (infrastructure and data storage), authentication services (account security), payment processors (subscription billing - we do not store full credit card numbers), analytics providers (aggregate usage analysis), email service providers (transactional and notification emails), and monitoring and security tools (error tracking, threat detection). All service providers are bound by confidentiality obligations and data processing agreements. They may only process your data according to our instructions and for the specific purposes we authorize.

Business Transfers: If Accomplish.dev is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website before your information becomes subject to a different privacy policy.

Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities including to comply with subpoenas, court orders, or legal processes, to enforce our Terms of Service and other agreements, to protect the rights, property, or safety of Accomplish.dev, our users, or the public, or to investigate potential violations of law or our policies.

Aggregated and Anonymized Data: We may share aggregated, anonymized data that cannot reasonably be used to identify you with third parties for research, marketing, or analytics purposes. For example, we might share statistics about overall usage patterns or trends in developer career management.

With Your Consent: We may share your information with other third parties when you explicitly consent to such sharing.

Important: We do not sell your personal information to third parties. We do not share your information for cross-context behavioral advertising. We do not provide other Accomplish.dev users with access to your private data unless you explicitly share it (for example, by publishing a public profile if we offer such features in the future).

Data security measures

We implement comprehensive technical and organizational security measures to protect your information:

Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.3 or higher. Data stored on our servers is encrypted at rest using AES-256 encryption. Database backups are encrypted using industry-standard encryption methods.

Access Controls: We implement role-based access control (RBAC) limiting employee access to data based on job requirements. Multi-factor authentication is required for all administrative access. We follow the principle of least privilege, granting only minimum necessary access.

Infrastructure Security: Our platform is hosted on enterprise-grade cloud infrastructure. We implement network segmentation and firewalls to isolate systems.

Application Security: We employ secure coding practices and regular code reviews. We conduct security testing as part of our development process. We implement protection against common vulnerabilities (SQL injection, XSS, CSRF). We sanitize user inputs and validate all data. We maintain an isolated testing environment separate from production.

Data Backup and Recovery: We maintain regular encrypted backups of your data. We test backup restoration procedures regularly. We have business continuity and disaster recovery plans in place.

While we implement strong security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the security of your account credentials and should use a strong, unique password.

Data retention and deletion

Active Account Data: We retain your account information, work logs, job applications, and other content for as long as your account remains active. This allows you to access your complete career history and continue using all features.

Closed Account Data: When you close your account, we begin the deletion process. Most personal data is deleted within 30 days. Some data may be retained for up to 90 days in backups. Certain data may be retained longer for legal, tax, or regulatory compliance purposes.

AI-Related Data: Embeddings generated from your content are deleted within 24 hours of source content deletion. Data sent to AI providers (Google, Anthropic, Mistral) is retained according to their policies.

Security and Legal Data: Security logs and fraud prevention data may be retained for up to 1 year. Data required for legal compliance, disputes, or regulatory requirements may be retained as legally necessary.

Anonymized Data: We may retain anonymized, aggregated data indefinitely for analytics and research purposes. This data cannot reasonably be used to identify you.

User Control: You can delete specific content at any time through your account settings (work logs, projects, applications, cover letters, code snippets). You can request complete account deletion by contacting us within the app. You can exercise data deletion rights under GDPR, CCPA, or other applicable privacy laws.

Your privacy rights and choices

Depending on your location, you may have specific privacy rights under applicable laws including GDPR (European Union), CCPA/CPRA (California), and other state privacy laws.

Rights available to all users

Access and Portability: You can access most of your information through your account dashboard. You can export your data in machine-readable formats (JSON, CSV). You can request a complete copy of your personal information by contacting us.

Correction: You can update your profile information, work logs, and other content directly through your account. You can request correction of inaccurate information by contacting us.

Deletion: You can delete specific content (work logs, projects, applications) through your account interface. You can request complete account deletion by contacting us within the app, which will remove your personal information within 30-90 days.

Opt-Out of Optional Features: You can choose not to use AI-powered features (cover letter generation, application insights) while retaining access to other functionality.

Communication Preferences: You can opt out of non-essential marketing emails through the unsubscribe link in any email or your account settings. You cannot opt out of essential service communications (security alerts, account notifications) while maintaining an active account.

How to exercise your rights

In-app Help: After logging in, look for a "?" (help) icon on the bottom left of the screen to access support options.

When submitting requests, please provide sufficient information to verify your identity and specify which right you wish to exercise. We will respond within the timeframes required by applicable law.

International data transfers

Accomplish.dev operates globally and may transfer your information to countries outside your residence, including Europe, where our primary infrastructure is located.

Cookies and tracking technologies

We use cookies and similar technologies to provide, protect, and improve our service.

Essential Cookies: Required for basic functionality including authentication and session management, security and fraud prevention, and load balancing and performance. These cookies cannot be disabled without severely impacting functionality.

Functional Cookies: Enhance user experience including remembering user preferences and settings, maintaining UI state across sessions, and enabling personalized features. You can control these through your browser settings.

Analytics Cookies: Help us understand how users interact with our platform including page views and feature usage, error tracking and debugging, and aggregate usage patterns and trends. We use analytics data only in anonymized, aggregated form.

Third-Party Cookies: We may use limited third-party cookies for authentication services (OAuth providers like Google, GitHub) and fraud prevention and security monitoring. We do not use cookies for cross-site behavioral advertising or tracking.

Your Control: Most browsers allow you to control cookies through settings. You can block or delete cookies, though this may limit certain features. You can opt out of analytics cookies through our cookie preferences or your browser settings.

Children's privacy

Accomplish.dev is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we discover we have collected information from a child under 18, we will delete it promptly.

Changes to this privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

Your Continued Use: Your continued use of Accomplish.dev after changes become effective constitutes acceptance of the updated Privacy Policy for new data processing activities.

Review: We encourage you to review this Privacy Policy periodically to stay informed about our data practices.

Contact information

For privacy questions, concerns, or to exercise your rights:

In-app Help: After logging in, look for a "?" (help) icon on the bottom left of the screen to access support options. Response Time: We aim to respond within 72 hours for general inquiries, 30 days for GDPR requests, and 45 days for CCPA requests

We are committed to working with you to resolve any privacy concerns.

---

By using Accomplish.dev, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.