Who we are
nojobnolife (“nojobnolife”, “we”, “us”, “our”) runs an online service that helps job seekers find roles, tailor their CV to each one, identify the right people to contact at a company, and draft and send outreach. This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, and the choices and rights you have.
We are the data controller for the personal data described here. nojobnolife operates from France and is governed by EU and French data-protection law — the General Data Protection Regulation (GDPR) and the French Data Protection Act — alongside the US state privacy laws set out below. For any privacy question, or to exercise your rights, email hello@nojobnolife.com.
Who and what this policy covers
This policy applies to nojobnolife.com, our web application and related services (together, the “Service”). It covers people who visit the site or join our waitlist, registered users, and people whose business contact details are processed because a user is reaching out to them. Our use of the Service is also governed by our Terms of Service, Cookie Policy and Acceptable Use Policy. Separate, additional terms apply to our referral (“Champions”) programme.
Information we collect
Information you give us
- Waitlist details — your email address, and optionally your name, phone or WhatsApp number, country, school or university, graduation year, and short answers about your job search (how many roles you apply to, how you track outreach today, what you find hardest, and what you would be willing to pay).
- Account details — when you sign in, your name, email address and profile photo from your Google account, plus any settings and preferences you configure.
- Your CV and profile — the CV, work history, education, skills and other career information you upload or enter so the Service can score roles and tailor applications for you.
- Outreach content — the job descriptions you add, and the emails and documents the Service drafts for you and that you choose to send.
- Payment details — if you buy a paid plan, billing is handled by our payment processor, Stripe. We receive confirmation of payment and limited billing metadata; we do not receive or store your full card number.
- Support and other messages — anything you send us by email or other channels.
Information we collect automatically
- Device and connection data — your IP address, the approximate country derived from it, and your browser and device type.
- Usage data — the pages and features you use, the actions you take and when, collected through an EU-hosted product-analytics provider and lightweight cookieless traffic measurement.
- Error and diagnostic data — crash and error reports collected by an error-monitoring service that help us keep the Service working.
- Cookies and similar technologies — see our Cookie Policy for the full list and how to control them.
Information from third parties
- Google — if you sign in with Google or connect Gmail, Google provides your basic profile and the access needed for the features you enable (see “Google user data” below).
- Contact-discovery providers — to help you reach the right person at a company, the Service looks up publicly available, business-related contact information (such as a name, job title, employer and professional email address) using third-party providers.
Information about people you contact
A core feature of the Service is helping you identify and email the right person at a target company — for example a hiring manager or recruiter. To do this we process limited business-contact information about those individuals, typically their name, job title, employer and professional email address. We rely on legitimate interests as the legal basis, balanced against the rights and interests of those individuals. Anyone can ask us to access or delete the contact data we hold about them by emailing hello@nojobnolife.com, and we will honour that request. Users are responsible for using this feature lawfully — see our Acceptable Use Policy.
How we use your information, and our legal bases
Under the GDPR we must have a legal basis for each use of your personal data. The table below sets out what we do and why.
| What we do | Legal basis (GDPR) |
|---|---|
| Run the waitlist and tell you when access opens | Consent, and our legitimate interest in running a beta |
| Provide the Service — score roles, tailor your CV, find contacts, draft and send outreach | Performance of our contract with you |
| Use AI to analyse job descriptions and your CV and to draft content | Performance of our contract with you |
| Send and track outreach through your connected email account, at your instruction | Performance of our contract with you |
| Process payments and prevent fraud | Performance of our contract, and legal obligation |
| Send you service and transactional emails | Performance of our contract, and legitimate interest |
| Measure and improve the Service with analytics | Consent for non-essential analytics, otherwise legitimate interest |
| Keep the Service secure and debug problems | Legitimate interest, and legal obligation |
| Comply with the law and enforce our terms | Legal obligation, and legitimate interest |
Where we rely on consent, you can withdraw it at any time without affecting processing already carried out. Where we rely on legitimate interests, you can object — see “Your rights” below.
Automated processing and AI
The Service uses AI models from a leading AI vendor to read job descriptions and your CV, score how well a role fits, suggest edits, and draft outreach emails and documents. These are suggestions: nothing is sent on your behalf without your involvement, and you stay in control of what is sent. We do not use this processing to make legal or similarly significant decisions about you by automated means alone, and our contract with the AI vendor prohibits the use of your data to train their general-purpose models.
Google user data (Gmail) and Limited Use
If you connect a Google account, the Service requests only the access needed for the features you turn on — for example, sending outreach emails from your account and detecting replies so it can track follow-ups. Your Google authorisation tokens are stored encrypted, and you can revoke our access at any time from your Google Account settings.
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. In particular, we use Google user data only to provide and improve the features you ask for; we do not sell it; we do not use it for advertising; and we do not allow humans to read it except where you ask us to, where it is necessary for security or to comply with the law, or where the data has been aggregated and anonymised.
Who we share your information with
We do not sell your personal data. We share it only with the categories of service providers (“subprocessors”) that help us run the Service, and only as far as needed. Each is bound by contract to protect your data. The categories we use today are:
| Category of subprocessor | Purpose | Region |
|---|---|---|
| Authentication and database providers | Account sign-in, user data storage | EU / US |
| Cloud hosting (web and backend) | Serving the website and running the application | EU / US |
| Product analytics provider | Understanding feature usage | EU |
| Error and performance monitoring | Diagnosing crashes and bugs | US |
| AI model provider | Scoring roles, tailoring CVs, drafting outreach | US |
| Business contact-discovery providers | Surfacing publicly available business contact details | EU / US |
| Sign-in identity provider (Google) | Sign-in and Gmail sending / reply tracking, where you connect Gmail | US / global |
| Transactional email provider | Sending service and notification emails | EU / US |
| Payment processor (Stripe) | Card payments and billing | EU / US |
A current, named list of our subprocessors is available on request — email hello@nojobnolife.com. Regions are indicative and may include processing in more than one country. We may also disclose personal data where the law requires it, to enforce our terms, to protect rights, safety and security, or as part of a merger, acquisition or sale of assets — in which case we will tell you.
International data transfers
Some of our subprocessors are located outside the European Economic Area (EEA), including in the United States. When we transfer personal data outside the EEA, we rely on appropriate safeguards — typically the European Commission's Standard Contractual Clauses, or a provider's certification under an approved transfer framework. You can ask us for more detail at hello@nojobnolife.com.
How long we keep your data
We keep personal data only as long as we need it for the purposes above:
- Waitlist data — until access launches and you become a user, until you ask us to delete it, or until we decide not to proceed with the beta.
- Account and Service data — for as long as you have an account, and for a limited period afterwards.
- Contact data about outreach recipients — for as long as it is useful to the relevant outreach, or until the individual or the user asks us to delete it.
- Payment and legal records — for as long as the law requires, for example under tax and accounting rules.
- Analytics and logs — for a limited retention window.
When we no longer need data we delete or anonymise it. You can ask us to delete your data sooner at any time, and we confirm completed deletion requests in writing — normally within seven days.
How we protect your data
We use technical and organisational measures appropriate to the risk, including encryption in transit, encryption of sensitive credentials such as connected-email tokens, access controls, and reputable infrastructure providers. No system is perfectly secure, but we work to protect your data and, where a breach affects your rights, to notify you and the relevant authority as the law requires.
Your rights in the EEA and UK
If you are in the EEA or the UK, you have the right to:
- Access — get a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — ask us to delete your data (the “right to be forgotten”).
- Restriction — ask us to limit how we use your data.
- Portability — receive certain data in a portable, machine-readable format.
- Objection — object to processing based on legitimate interests, and to any direct marketing.
- Withdraw consent — where we rely on consent, withdraw it at any time.
To exercise any of these, email hello@nojobnolife.com. We respond within the time the law allows, normally one month. You also have the right to complain to your local supervisory authority; in France this is the CNIL (cnil.fr).
Your rights in California and other US states
If you are a California resident, the CCPA/CPRA gives you the right to know what personal information we collect and how we use and disclose it, to access and delete it, to correct inaccurate information, and to be free from discrimination for exercising these rights.
We do not sell your personal information, and we do not share it for cross-context behavioural advertising — so there is no “Do Not Sell or Share” action to take. You can still exercise the rights above by emailing hello@nojobnolife.com. Residents of other US states with privacy laws — including Virginia, Colorado, Connecticut, Utah and Texas — have similar rights, which we honour on the same basis.
You may use an authorised agent to make a request. We will verify your identity before acting, usually by confirming control of the email address on your account.
Children
The Service is not intended for children. You must be at least 16 years old to join the waitlist or use the Service. We do not knowingly collect personal data from anyone under 16. If you believe a child has given us their data, email hello@nojobnolife.com and we will delete it.
Changes to this policy
We may update this policy as the Service evolves or the law changes. When we make material changes we will update the date at the top of this page and, where appropriate, notify you. Your continued use of the Service after an update means you accept the revised policy.
How to contact us
For any privacy question, or to exercise your rights, email hello@nojobnolife.com. We are the controller responsible for your personal data and will do our best to resolve any concern before you approach a regulator.
We are a small team building in the open. As nojobnolife is formally incorporated, we will add our registered company details and a French legal notice (mentions légales) to this page.