Privacy Policy

Last updated: March 31, 2026

This Privacy Policy explains how Bear Tech LLC ("we", "us", "our") collects, uses, and protects your information when you use CleanDeploy at cleandeploy.io. We believe in keeping things transparent — especially for a product built by engineers, for engineers.

1. Information We Collect

Account information: When you sign up, we collect your name and email address through our authentication provider, Clerk. If you sign in with Google or GitHub, we receive the profile information you authorize.

Application tracking data: Any information you enter into the CRM tracker — companies, roles, contacts, interview notes, and application status — is stored to provide the service. This is your data and you control what you enter.

Resume data: If you use the resume builder, the information you provide (work history, skills, education) is used solely to generate your resume. Uploaded resume files are parsed in your browser — the original file binary is never sent to our servers. By default, the parsed text is held in memory only for the current browser session and is discarded when you close the tab. If you choose Save as default resume, the parsed text plus lightweight metadata (filename, type, size, save date, last-used date) is stored in your account in our database for up to 1 year so you can reuse it across the Resume Builder, Apply Kit, and CRM tools without re-uploading. You can delete your saved default resume from your dashboard at any time, which removes it immediately. Job-specific tailored resumes you save in the Application Tracker are stored separately as part of your CRM data.

Payment information: Billing is handled entirely by Stripe. We do not store credit card numbers, bank details, or other payment credentials. We receive only a Stripe customer ID and subscription status.

Usage data: We collect basic usage information such as pages visited and features used to improve the product. We do not use third-party advertising trackers.

2. How We Use Your Information

We use the information we collect to provide and improve CleanDeploy, process payments, communicate service updates, and respond to support requests. We do not sell your personal information. We do not use your data for advertising. We do not share your CRM data, resume content, or interview notes with employers or any third party.

3. AI-Powered Features

CleanDeploy uses AI models (via OpenRouter) to generate interview prep plans, cover letters, negotiation scripts, and resume suggestions. When you use these features, relevant context (such as the job role and company name from your CRM entry) is sent to the AI provider to generate a response. We do not send your full CRM database or personal account details to AI providers. AI-generated outputs are returned directly to you and are not stored by the AI provider for training purposes, per our data processing agreements.

4. Data Storage and Security

CRM data is stored in Upstash Redis (encrypted at rest, TLS in transit) and also cached in your browser's localStorage for offline access. Your browser's localStorage data never leaves your device unless you trigger a sync.

Authentication is managed by Clerk, which handles password hashing, session tokens, and multi-factor authentication independently from our application code.

Payments are processed by Stripe under PCI-DSS compliance. We never see or store your full card number.

We use HTTPS across the entire platform. API endpoints enforce authentication and rate limiting.

5. Cookies and Local Storage

CleanDeploy uses cookies set by Clerk for authentication sessions. We use browser localStorage to cache your CRM data for fast loading and offline access. We do not use advertising cookies or third-party tracking cookies. You can clear localStorage at any time through your browser settings, though this will require a re-sync of your CRM data on next login.

6. Third-Party Services

We use the following third-party services to operate CleanDeploy:

Each service processes data according to their own privacy policies. We select providers with strong privacy and security practices.

7. Job Listing Data

Job listings displayed on CleanDeploy are aggregated from third-party sources (Remotive, RemoteOK, Adzuna, Himalayas, Jobicy). We do not control the content of these listings. Clicking on a job link may take you to an external site with its own privacy policy.

8. Data Retention

Your CRM data is retained as long as your account is active. If you delete your account, we will remove your CRM data from our servers within 30 days. Stripe retains payment records as required by financial regulations. Clerk retains account data per their retention policy, which you can review at clerk.com/privacy.

9. Your Rights

You can export your CRM data at any time using the built-in export feature. You can delete your account through your account settings. You can request a copy of all data we hold about you by emailing us. If you are in the EU/EEA, you have rights under GDPR including access, rectification, erasure, and data portability. If you are a California resident, you have rights under CCPA including the right to know, delete, and opt out of data sales (we do not sell data).

10. Children's Privacy

CleanDeploy is designed for professional use by adults. We do not knowingly collect information from anyone under the age of 16. If we learn that we have collected data from a child under 16, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or in-app notification. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact

For privacy questions or data requests, contact us at legal@cleandeploy.io or cleandeploy.io@gmail.com.