Account data
What you give us when you sign up:
- Email address
- Password (stored as a bcrypt hash — we never see your plain-text password)
- If you sign in with Google: email + Google account ID via OAuth (no Google password)
PRIVACY POLICY
Your data, explained plainly.
AI Proposal Writer for Upwork is a Chrome extension that drafts Upwork proposals using Claude AI. This is what we collect, why we collect it, and what we don't touch.
01 / DATA WE COLLECT
Seven categories. That's it.
Each category exists for one specific purpose. None of it is sold or shared.
Profile data
Optional, used only to personalize proposals:
- Professional title and bio
- Skills list
- Past project descriptions
- Hourly rate and availability
Job data
Sent when you click Generate:
- Job title
- Job description text
- Budget and experience level
The full description is not retained — we keep only a 100-character title snippet so you can find the proposal in History.
Generated proposals
Stored so you can revisit them in History:
- The full proposal text we generated
- Tone, length, and AI model used
- Token counts (cost tracking)
- Optional fit-score result
- Timestamp
Usage data
Minimal logs for billing and abuse prevention:
- Number of proposals generated (quota enforcement)
- Plan-change history (signups, upgrades, cancellations, refunds, downgrades)
- Aggregate token counts per request
Billing data
References to your record at Polar (our payment processor):
- Polar customer ID and subscription ID
- Plan tier (FREE / PRO)
- Billing-period start / end
- Cancel-at-period-end flag
We never store card numbers, CVV, or billing addresses.
Diagnostic data
Attached only when you submit feedback via the in-app prompt:
- Browser user-agent (truncated to 200 chars)
- Current plan (FREE or PRO)
- Proposals generated this month
Used solely for product debugging. Never sold or shared.
02 / DATA WE DON'T COLLECT
What's off-limits.
If you've ever wondered if a Chrome extension is reading your other tabs — we're not.
NEVER COLLECTED
- Browsing history
- Upwork account credentials
- Full job descriptions after the proposal is generated
- Payment-card numbers, CVV, billing addresses
- Any data from pages outside Upwork job listings
03 / HOW WE USE DATA
One purpose per data type.
No secondary uses. No "data enrichment." No targeting.
| Data | Purpose |
|---|---|
| Authentication, password reset, plan-change notifications | |
| Profile | Personalize AI-generated proposals |
| Job description | Generate your proposal via Claude AI (not retained after response) |
| Generated proposals | Power the in-app History view so you can revisit past drafts |
| Usage counts | Enforce monthly plan limits, refund-eligibility checks |
| Polar IDs | Manage your subscription and show billing details |
04 / THIRD-PARTY SERVICES
Three vendors. Each with one job.
Anthropic generates the AI text, Polar takes payment, Google handles optional sign-in. That's the full list.
| Service | Purpose | Privacy Policy |
|---|---|---|
| Anthropic (Claude AI) | Proposal generation | anthropic.com/privacy |
| Polar | Payment processing (Merchant of Record) | polar.sh/legal/privacy |
| Optional sign-in via Google account | policies.google.com/privacy |
Job descriptions are transmitted to Anthropic's API to generate proposals. Anthropic's data handling is governed by their usage policy.
05 / DATA RETENTION
How long things stick around.
| Data type | Retention period |
|---|---|
| Account data | Until you delete your account |
| Profile data | Until you delete your account or clear your profile |
| Generated proposals | Until you delete the individual proposal or your account |
| Usage logs | 90 days |
| Plan-change history | Until you delete your account |
| Job descriptions | Not retained — only a 100-char title snippet is kept |
| Recent charges | Never stored — fetched live from Polar each time |
06 / YOUR RIGHTS
Three actions, no friction.
Access
Stored profile data is visible at any time from the extension settings.
Delete
Email support@approidtech.com and we'll wipe your account, profile, templates, history, and plan-change records.
Export
Templates can be exported as JSON from the Templates tab — yours to take with you.
07 / SECURITY
How we protect what we store.
Hashed passwords
Bcrypt with per-record salt. Even an unlikely database breach doesn't expose your password.
Short-lived tokens
API tokens are JWTs valid for 15 minutes, with rotating refresh tokens.
HTTPS everywhere
All transit is TLS. No data leaves your device unencrypted.
Restricted DB access
The database is reachable only from our backend servers — never the public internet.
08 / CHANGES
When this policy updates.
We will update this policy as the service evolves. Continued use of the Extension after changes are posted constitutes acceptance.
09 / CONTACT
Questions or deletion requests.
support@approidtech.com — every reply is from a human, usually within one business day.