← Back to Home

Privacy Policy

Effective Date: May 9, 2026

Tsenta ("Tsenta," "we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our website, applications, and related services (the "Services").

This Policy applies to all Tsenta surfaces, including the dashboard.tsenta.com web app, the api.autojobs.me and api.tsenta.com APIs, the Tsenta browser extension, the Tsenta desktop application, and the Tsenta connector for third-party AI assistants (such as Claude via the Model Context Protocol).

By using Tsenta, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We may collect the following types of information:

(a) Information You Provide

  • Account details (name, email, password).
  • Resume(s), job application materials, and cover letters you upload.
  • Information entered into forms (job preferences, work history, etc.).

(b) Automatically Collected Information

  • Device information (operating system, browser, IP address).
  • Usage data (features accessed, clicks, application activity).
  • Log data for security and troubleshooting.

(c) Email Integration Data

If you grant us access to your email account:

  • We may temporarily process limited email content for the sole purpose of detecting and autofilling one-time passwords (OTPs).
  • We do not permanently store or analyze your full email contents.
  • Access is restricted to OTP-related messages and processed securely.
  • We do not read or store the contents of your personal emails beyond what is strictly necessary to detect OTP codes.

(d) AI-Generated Content

When you request AI assistance (e.g., resume tailoring, application question responses), we may process your input and return AI-generated output.

2. How We Use Information

We use your information to:

  • Provide and improve our Services.
  • Tailor your resume to job descriptions (on request).
  • Generate application question responses (on request).
  • Facilitate job searches and applications.
  • Detect and autofill OTP codes when email integration is enabled.
  • Communicate with you about updates, features, and support.
  • Monitor usage and ensure security.

We do not sell your personal information to third parties.

3. Sharing of Information

We may share information:

  • With service providers and subprocessors who help us operate (see the named list below).
  • With third-party job boards or applicant tracking systems (ATS) when you choose to apply through Tsenta.
  • For legal reasons, if required by law, court order, or to protect our rights.

We do not share email content, resumes, or applications with recruiters or employers unless you explicitly submit them through our platform.

Service Providers and Subprocessors

We rely on the following categories of third-party providers to deliver the Services. Each provider receives only the data necessary for its function and is contractually required to process it on our behalf in accordance with applicable law.

  • Hosting and infrastructure: Fly.io (application hosting and managed PostgreSQL), Cloudflare (CDN, DDoS protection, edge security).
  • Authentication: Firebase Authentication (Google) for user identity and session tokens.
  • AI and LLM providers: Anthropic (Claude) and OpenAI for resume tailoring, application question generation, job-fit reasoning, and AI-assistant connector usage.
  • Analytics and monitoring: PostHog (product analytics) and Sentry (error monitoring).
  • Email delivery and integration: Resend and Amazon Web Services (SES) for transactional email; Composio for OAuth-based read access to your Gmail or Outlook account when you enable email integration.
  • Payments: Dodo Payments for subscription, credit, and pack purchases.

We may add or change subprocessors as the Services evolve. A current list is available on request by emailing agnay@tsenta.com.

4. AI Usage and Connector Integrations

(a) AI Features Within Tsenta

  • Our AI features may process your resume, job descriptions, and application questions to generate tailored outputs.
  • You are responsible for reviewing AI-generated content before submitting it to employers.
  • We may use anonymized or aggregated data to improve our AI systems.
  • Inputs and outputs of AI features are processed by the LLM providers listed in Section 3 (currently Anthropic and OpenAI) under their respective privacy and data-processing terms.

(b) Third-Party AI Assistants and the Tsenta MCP Connector

Tsenta can be connected to third-party AI assistants such as Claude (Anthropic) using the Model Context Protocol (MCP). When you authorize such an integration through OAuth:

  • The AI assistant's provider receives the prompts you send in that assistant, the tool inputs the assistant passes to Tsenta on your behalf, and the tool outputs Tsenta returns (which may include your profile data, job listings, application status, and inbox messages).
  • That data is governed by the AI assistant provider's own privacy policy and data-processing terms in addition to this Policy.
  • We log connector activity (tool name, timestamps, OAuth client identifier) for analytics, abuse detection, and support.
  • You can revoke connector access at any time from your Tsenta account settings; revocation invalidates the connector's access and refresh tokens immediately.

Connecting Tsenta to a third-party AI assistant is optional. If you do not authorize an integration, no data flows to that assistant's provider through this channel.

5. Data Retention

  • We keep your data as long as your account is active.
  • You may delete your account at any time, which will remove your personal information from our active systems.
  • Some limited data may be retained as required by law or for legitimate business purposes (e.g., preventing fraud, resolving disputes).

6. Security

We use reasonable administrative, technical, and physical safeguards to protect your information.

For email integration, we use secure, limited-scope access (such as OAuth where available). We only process the minimum data required to detect OTP codes and do not retain full copies of your emails.

Reporting a vulnerability: if you believe you have found a security issue affecting Tsenta, please report it through our bug-bounty program at tsenta.com/bug-bounty. We investigate every report in good faith and ask that you give us a reasonable opportunity to remediate before public disclosure.

7. Your Rights

(a) General Rights

You can:

  • Access, edit, or delete your account information through your profile settings.
  • Opt out of non-essential communications.
  • Delete your account; we will delete your personal data from active systems within a reasonable period.
  • Revoke email access at any time in your account settings.

(b) Rights Under GDPR (EU/EEA Users)

If you are located in the European Union, you may have the following rights under the General Data Protection Regulation (GDPR):

  • Right to access the data we hold about you.
  • Right to request correction or deletion of your data.
  • Right to restrict or object to processing.
  • Right to data portability.
  • Right to withdraw consent for email integration.

To exercise these rights, contact us at agnay@tsenta.com

(c) Rights Under CCPA / CPRA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

  • Right to know what categories of personal information we collect, the sources of that information, the purposes for which we use it, and the categories of third parties we share it with (all described in Sections 1 through 4 of this Policy).
  • Right to access a copy of the personal information we hold about you.
  • Right to request deletion of your personal information.
  • Right to correct inaccurate personal information.
  • Right to limit the use and disclosure of sensitive personal information.
  • Right to opt out of the "sale" or "sharing" of your personal information. We do not sell your personal information and do not share it for cross-context behavioral advertising.
  • Right to non-discrimination for exercising any of these rights.

To exercise any of these rights, email agnay@tsenta.com. We will verify your request using account-based authentication and respond within the timeframes required by law.

8. Cookies and Tracking

Tsenta uses cookies and similar technologies to operate the Services and understand how they are used:

  • Strictly necessary: session cookies that keep you signed in, CSRF-protection tokens, and load-balancing cookies set by our infrastructure provider (Cloudflare). These cannot be disabled without breaking the Services.
  • Analytics: first-party analytics events captured via PostHog so we can understand feature usage and reliability. PostHog is configured for privacy-respecting capture (no third-party advertising cookies).
  • Error monitoring: Sentry may set short-lived identifiers to correlate client errors with backend logs.

We do not use third-party advertising cookies and do not participate in cross-context behavioral advertising networks. Most browsers let you block or delete cookies; doing so may affect Tsenta's functionality.

9. Children's Privacy

Tsenta is not directed to children under the age of 13 (or under 16 in the EU/EEA), and we do not knowingly collect personal information from such children. If you believe we have collected information from a child below the applicable age, please email agnay@tsenta.com and we will delete it promptly.

If you have any questions about this Privacy Policy, please contact us at agnay@tsenta.com