Back to Login
Last updated: 6/12/2026

Privacy Policy

Your privacy is our priority. Learn how we collect, use, and protect your data.

1. Information We Collect

We collect information to provide and improve our services. The types of information we collect include:

  • Account information: name, email address, phone number, gender, and profile picture (provided during registration or via Google Sign-In).
  • Job preferences: preferred job positions, locations, and blocked positions that you configure.
  • Documents: CV/resume files (PDF) and email templates (HTML/TXT) that you upload to our platform.
  • Usage data: application history, daily quota usage, referral activities, and interaction logs.
  • Payment information: transaction records processed by Midtrans (we do not store your credit card or banking details directly).
  • Technical data: IP address, browser type, device information, and cookies for authentication and analytics.

Data Security

We implement industry-standard security measures to protect your data, including HTTPS encryption for all data in transit, HttpOnly secure cookies for authentication tokens, and commercially acceptable storage practices to prevent unauthorized access, disclosure, loss, or modification. Access to user data is restricted to authorized personnel only.

2. Google User Data

When you sign in with Google, Mailezz requests access to specific Google services. This section explains exactly what data we access and how we use it.

Scopes We Request

  • openid, email, profile — Used for authentication and to display your name, email, and profile picture in the app.

How We Use Google Data

  • We use your Google profile information (name, email, profile picture) only for account creation, display within the app, and communication with you.
  • We store your Google OAuth refresh token securely on our server solely to maintain your authenticated session.

No AI/ML Training on Google Data

Mailezz does NOT use any data obtained from Google APIs for developing, improving, or training generalized artificial intelligence or machine learning models.

Limited Use Disclosure

Mailezz's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google user data for the purposes described in this privacy policy — authenticating your account.
  • We do not transfer Google user data to third parties, except as necessary to provide or improve the service (e.g., backend server processing), with explicit user consent, for security purposes (e.g., investigating abuse), or to comply with applicable laws.
  • We do not use Google user data to serve advertisements.
  • We do not allow humans to read Google user data unless: (a) you have given explicit consent, (b) it is necessary for security purposes such as investigating abuse, (c) it is necessary to comply with applicable law, or (d) the data is aggregated and anonymized for internal operations.

Revoking Google Access

You can revoke Mailezz's access to your Google account at any time by visiting your Google Account security settings at https://myaccount.google.com/permissions. You can also delete your Mailezz account through the Settings page, which will remove all stored data including your Google OAuth tokens.

Google API Services User Data Policy

3. How We Use Your Information

  • To provide, maintain, and improve our services.
  • To send job application emails and create drafts on your behalf (via Gmail API).
  • To personalize your experience, including matching job vacancies to your preferences.
  • To process payments and manage your subscription/membership tier.
  • To communicate with you about service updates, security alerts, and support requests.
  • To prevent fraud, abuse, and ensure platform integrity (including the Scam Checker feature).
  • To generate aggregated, anonymized analytics to improve the service.

4. Data Sharing & Third Parties

We do not sell your personal information. We may share your data only in these limited circumstances:

  • Payment processing: Transaction data is shared with Midtrans for payment processing. Midtrans has its own privacy policy governing their use of this data.
  • Legal compliance: We may disclose your data if required by law, legal process, or government request.
  • Service protection: We may share data to protect the rights, property, or safety of Mailezz, our users, or the public.
  • With your consent: We may share data with third parties when you explicitly authorize us to do so.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. Specifically:

  • Account data: Retained until you delete your account.
  • Application history and email logs: Retained for the lifetime of your account to provide activity tracking.
  • Uploaded documents (CV, templates): Retained until you replace or delete them, or until you delete your account.
  • Google OAuth tokens: Retained until you revoke access or delete your account.
  • Payment records: Retained as required by applicable tax and financial regulations.

Account Deletion

When you delete your account, all personal data, uploaded documents, preferences, and OAuth tokens are permanently removed from our systems within 30 days. Some anonymized, aggregated data may be retained for analytics purposes.

6. Your Rights

You have the following rights regarding your personal data:

  • Access: You can view your personal data through the Dashboard → Profile section at any time.
  • Correction: You can update your personal information through the Dashboard → Profile → Personal Data page.
  • Deletion: You can delete your account and all associated data through the Dashboard → Settings → General page.
  • Data Portability: You can request a copy of your data by contacting us at [email protected].
  • Revoke Consent: You can revoke Google access at any time via https://myaccount.google.com/permissions.
  • Withdraw from Service: You can stop using the service and delete your account at any time without penalty.

7. Cookies & Local Storage

We use cookies and similar technologies for:

  • Authentication: Session cookies to keep you logged in (HttpOnly, Secure).
  • Preferences: Storing your language preference and theme (dark/light mode).
  • Security: CSRF protection and fraud prevention.

We do not use third-party tracking cookies or advertising cookies.

8. Children's Privacy

Mailezz is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, how we handle your data, or wish to exercise your data rights, please contact us at [email protected].