Last updated 16 June 2026

Privacy Policy

Ryser is built privacy-first. This policy explains what we collect, why, the legal basis we rely on, and the choices you have. In plain terms: your CV and applications live on your device by default, we only store what we need to provide the service, and we never sell your personal data.

1. Data you provide

  • Profile & CV content — the master CV, skills, preferences, and the jobs you save. By default this is stored only in your browser (local storage). If you create an account, you may opt into cloud sync so it's available across devices. Legal basis: performance of a contract (delivering the Service you've asked for).
  • Account data — if you sign up, your email and authentication details (handled by our auth provider, Supabase). Legal basis: performance of a contract.
  • Billing data — if you subscribe to Pro, payments are processed by Stripe. We never see or store your full card details. Legal basis: performance of a contract.
  • Job-digest emails — if you sign up for weekly job alerts from a jobs page (no account required), we store your email and your chosen industry/region to send those emails, confirmed via a double opt-in link. Legal basis: your consent — withdraw it anytime with the one-click unsubscribe link in every email.

2. How AI generation works

To tailor a CV, write a cover letter, or produce insights, the relevant text from your profile and the chosen job is sent to our AI providers (which may include Cerebras, Groq, Google, and OpenRouter) to generate the result. This content is used to fulfil your request and is subject to those providers' terms. We do not use your content to train our own models.

3. Job search

When you search for roles, a search query derived from your profile is sent to job-board APIs (such as Adzuna, Reed, Jooble, Careerjet, USAJobs, and others) to return matching listings. We don't share your identity with those boards.

4. International data transfers

Some of the providers we use to run Ryser — including our AI providers (Cerebras, Groq, Google, OpenRouter), Supabase, and Stripe — process data outside the UK/EEA, principally in the United States. Where that applies, we rely on the provider's Standard Contractual Clauses (or an equivalent recognised safeguard) to protect your data in transit and at rest.

5. Analytics & cookies

We use only essential cookies by default. Privacy-friendly product analytics (PostHog) run only if you accept, via the cookie banner, and you can decline with no loss of functionality. We don't use advertising trackers.

6. Your rights & choices

  • Export — download your profile and applications as JSON at any time.
  • Delete — clear all local data from your device, and delete your account and synced data if you have one.
  • You can try Ryser without an account; a free account is required to continue after a few generations.
  • Complain— if you're unhappy with how we've handled your data, you can lodge a complaint with your local data protection authority (in the UK, the ICO).

7. Data retention & security

Local data persists until you clear it. Account data is retained while your account is active and is deleted immediately when you delete your account. Job-digest emails are retained until you unsubscribe or ask us to delete them. See our Security & data page for more on how we protect information.

8. Contact

Questions or requests about your data? Email privacy@ryserapp.com.

Your data stays yours. Start free — no card required.

Get started