Legal

Privacy Policy

Effective date: June 4, 2026

Overview

Cover Me (“we”, “our”, or “us”) is an open-source Chrome extension that generates tailored cover letters from job postings using your resume and an AI model. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that data.

Cover Me operates in two distinct modes with fundamentally different data handling characteristics:

  • BYOK (Bring Your Own Key) — free, unlimited. You supply your own Claude or OpenAI API key. Your resume, API key, and cover letter history are stored exclusively on your device in encrypted local storage. No account is required and no data is sent to our servers.
  • Hosted (Free & Pro). You create an account. Your resume is encrypted and stored on our backend. Cover letter generation is handled by our server-side proxy using our API key. Pro subscribers are billed through Stripe.

Where this policy applies differently by mode, it is clearly noted.

Information We Collect

Information you provide directly

  • Resume text. When you upload a PDF or DOCX file, text is extracted client-side on your device. The raw binary file is never stored or transmitted. In BYOK mode, the extracted text is stored only in your browser's local storage. In Hosted mode, the extracted text is transmitted to our server over HTTPS and stored in an encrypted database.
  • Account credentials (Hosted mode only). Your email address and password are used to create and authenticate your account, managed by Supabase Auth. Passwords are hashed using bcrypt and are never stored in plaintext.
  • API keys (BYOK mode only). Your Claude or OpenAI API key is encrypted on your device using AES-256-GCM via the Web Crypto API before being written to local storage. It is decrypted only at the moment of an API call and immediately discarded from memory. It is never transmitted to our servers, logged, or included in error messages.

Information collected automatically

  • Job posting data. When you activate the extension on a job posting, the extension reads the page content of the active tab (job title, company name, and job description) solely to generate your cover letter. This data is processed transiently — it is passed to the AI model and then discarded. It is not logged, stored on our servers, or used for any purpose beyond generating your cover letter.
  • Cover letter history. Generated cover letters are saved locally in your browser storage (BYOK and Hosted Free modes) or synced to our encrypted backend (Hosted Pro mode) for cross-device access.
  • Authentication session tokens (Hosted mode only). A JWT access token and refresh token are stored in your browser's local storage to maintain your session. These tokens are transmitted to our backend with each generation request to authenticate you.
  • Usage count (Hosted Free mode only). We record the number of cover letters generated per day per account for the purpose of enforcing the 10 letters/day free tier limit. Only the count is stored — no content or metadata about individual letters is recorded server-side for Free users.
  • Billing information (Pro subscribers only). If you subscribe to Cover Me Pro, your payment is processed by Stripe. We store only your Stripe Customer ID and subscription status in our database. Full payment details (card numbers, CVV, etc.) are never transmitted to or stored by our servers.

Information we do NOT collect

  • We do not track your browsing history or the URLs of pages you visit.
  • We do not collect analytics, telemetry, or usage metrics.
  • We do not use cookies for tracking or advertising.
  • We do not collect any data from tabs other than the active job posting tab, and only when you explicitly activate the extension.
  • We do not sell, rent, or trade your data to any third party.

How We Use Your Information

We use the information we collect exclusively to provide the Cover Me service:

  • To generate tailored cover letters by combining your resume text with the job posting data you activate the extension on.
  • To authenticate you and maintain your session (Hosted mode).
  • To enforce the daily generation limit for Free tier accounts (Hosted mode).
  • To sync your cover letter history across devices (Pro mode only).
  • To process subscription billing through Stripe (Pro mode only).
  • To respond to support requests you initiate by contacting us directly.

We do not use your data for advertising, profiling, training AI models, or any purpose beyond what is listed above.

Chrome Extension Permissions

The following section details every permission declared in Cover Me's manifest.json, why it is necessary, and exactly how it is used. No permission is requested beyond what is strictly required to deliver the extension's single stated purpose: generating cover letters from job postings.

Declared permissions

storage
Why it is needed: The extension must persist user data between browser sessions and popup opens/closes. Without storage access, settings, resume text, API keys, cover letter history, and auth session tokens would be lost every time the popup is closed.

Exactly how it is used:
  • Stores user settings (AI provider, mode selection) in chrome.storage.local
  • Stores the AES-GCM encrypted API key (BYOK mode) in chrome.storage.local
  • Stores extracted resume text (BYOK mode) in chrome.storage.local
  • Stores cover letter history in chrome.storage.local
  • Stores JWT session tokens (Hosted mode) in chrome.storage.local

chrome.storage.sync is deliberately never used to avoid any cloud synchronisation of sensitive data. All storage is local to your device.

activeTab
Why it is needed: To generate a cover letter from a job posting, the extension must read the content of the job posting page. The activeTab permission grants temporary access to the current tab only, and only when the user explicitly activates the extension by clicking the toolbar icon or the Generate button. Without this permission, the extension cannot read job posting content.

Exactly how it is used: When you click “Generate”, the service worker uses chrome.tabs.query({active: true, currentWindow: true}) to identify the active tab, then sends a message to the content script running on that tab to extract the job title, company name, and job description. The tab URL is used solely to identify the job board and route to the correct scraper. Page content is processed in memory and not retained after the cover letter is generated.

scripting
Why it is needed: The scripting permission is required to register and manage the content scripts that read job posting pages. Content scripts for LinkedIn, Indeed, Greenhouse, Lever, Workday, Ashby, and a generic fallback are injected into job posting pages to locate and extract the job description from each site's unique HTML structure.

Exactly how it is used: Content scripts are declared statically in manifest.json and are only activated by explicit user action (clicking Generate). Scripts read the page's DOM to locate job title, company, and description elements. No scripts are loaded from remote URLs — all code is bundled in the extension package.

tabs (⚠ Chrome shows: “Read your browsing history”)
Why Chrome shows this warning: Chrome displays “Read your browsing history” for the tabs permission because the API can theoretically access tab URLs. Cover Me's actual use is far narrower.

Why it is needed: The service worker uses chrome.tabs.query({active: true, currentWindow: true}) to retrieve the tab ID of the current tab so it can send a message to the content script running on that specific tab. Without the tab ID, the service worker cannot target the correct content script to scrape job data.

What we do NOT do: We do not enumerate, store, or transmit the URLs or titles of any tabs. We do not monitor tab activity. We do not access any tab other than the one that is active at the moment you click Generate. No browsing history is collected or recorded at any point.

Why a narrower alternative is not feasible: The activeTab permission alone does not expose the tab.id property to the service worker context; tabs is required to query and retrieve the active tab object including its ID in the background service worker.

Host permissions

Host permissions allow the extension to make network requests to specific domains. Cover Me requests the minimum set of domains required for each operating mode.

https://api.anthropic.com/*
Used by: BYOK mode only (when you select Claude as your AI provider and supply your own API key).

Why it is needed: In BYOK mode, the service worker calls the Anthropic Claude API directly from your browser using your own API key to generate cover letters. The request contains your API key (in the Authorization header), the job description, and your resume text. No Cover Me server is involved — the request goes directly from your browser to Anthropic.

Not used in Hosted mode.

https://api.openai.com/*
Used by: BYOK mode only (when you select OpenAI as your AI provider and supply your own API key).

Why it is needed: Same rationale as the Anthropic permission above — direct browser-to-OpenAI API calls using your own key in BYOK mode.

Not used in Hosted mode.

https://*.supabase.co/*
Used by: Hosted mode only.

Why it is needed: In Hosted mode, the extension communicates with our Supabase backend for three purposes:
  • Authentication — signing in, signing up, and refreshing JWT session tokens via the Supabase Auth API.
  • Cover letter generation — sending the job data and session token to our backend Edge Function, which retrieves your encrypted resume, calls the Claude API with our key, and returns the generated letter.
  • Resume sync — uploading your resume text to encrypted backend storage when you sign in, so it is available to the backend proxy.

Not used in BYOK mode.

Data Storage & Security

On-device storage (all modes)

  • All on-device data is stored in chrome.storage.local — never in chrome.storage.sync, cookies, or localStorage.
  • API keys (BYOK mode) are encrypted with AES-256-GCM using a key derived via the Web Crypto API before being written to storage. The plaintext key exists in memory only for the duration of a single API call.
  • Resume text and cover letter history are stored unencrypted in local storage (BYOK mode) since they never leave your device.

Server-side storage (Hosted mode only)

  • Resume text is encrypted with AES-256-GCM before being stored in our Supabase Postgres database. The encryption key is derived from a server-side secret. Plaintext resume text is never persisted to disk.
  • Generated cover letters (Pro mode) are encrypted with AES-256-GCM before storage.
  • All data in transit is protected by TLS 1.2 or higher (enforced by Supabase and Vercel).
  • Database access is protected by Supabase Row-Level Security policies. Users can only access their own data rows.
  • The Supabase service-role key (which bypasses RLS) is used only server-side in webhook handlers and is never exposed to clients.

Third-Party Services

Cover Me integrates with the following third-party services. Each service receives only the data necessary for its function.

Anthropic
When used: BYOK mode (Claude provider) and Hosted mode (our key)

Data received: Your resume text and the job posting data. In BYOK mode, requests are made with your own API key and are subject to your agreement with Anthropic. In Hosted mode, requests are made with our key.

OpenAI
When used: BYOK mode only (OpenAI provider)

Data received: Your resume text and the job posting data, using your own API key. Requests are subject to your agreement with OpenAI.

Supabase
When used: Hosted mode only

Data received: Email address, hashed password, encrypted resume text, encrypted cover letters (Pro), session tokens, and usage counts. Supabase hosts our authentication system and database.

Stripe
When used: Pro subscribers only

Data received: Payment information (card details, billing address). Stripe processes all payments; we receive only a customer ID and subscription status. We never see or store your raw card details.

Vercel
When used: All users who visit the web dashboard

Data received: Standard web server access logs (IP address, browser, requested URL) for the dashboard at covermeweb.com. Vercel hosts our Next.js web application.

Data Retention

  • BYOK mode: All data resides on your device. You can delete it at any time by removing the extension or clearing extension storage in Chrome settings. We hold no copy of it.
  • Hosted account data: Your account, resume, and cover letter history are retained for as long as your account is active. You may request deletion at any time by contacting us at lincolnlaylor@gmail.com. We will permanently delete all your data within 30 days of a verified deletion request.
  • Usage count records: Daily generation counts are deleted after 90 days.
  • Stripe billing records: Stripe retains transaction records as required by financial regulations. We cannot delete data held directly by Stripe.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of all data we hold about you.
  • Correction: Request correction of inaccurate data.
  • Deletion: Request permanent deletion of your account and all associated data.
  • Portability: Request your data in a machine-readable format.
  • Objection: Object to processing of your data.
  • Restriction: Request restriction of processing while a dispute is resolved.

To exercise any of these rights, email lincolnlaylor@gmail.com. We will respond within 30 days. We may need to verify your identity before processing a request.

Limited Use Statement

Cover Me's use of information received from Chrome extension APIs, browser storage, and user-provided data is limited to the practices disclosed in this Privacy Policy. Specifically:

  • Data collected is used solely to provide and improve the cover letter generation feature you have explicitly requested.
  • We do not use data to develop, improve, or train AI or machine learning models other than passing it transiently to third-party AI APIs (Anthropic/OpenAI) in real time as part of the generation request.
  • We do not use data for personalised advertising or retargeting of any kind.
  • We do not sell or transfer user data to third parties for purposes unrelated to providing the Cover Me service.
  • We do not allow humans to read user-generated content (resumes, cover letters, job postings) except with explicit user consent, for security and fraud prevention, to meet legal obligations, or in aggregate anonymised form.
  • We do not use data to determine creditworthiness or for lending decisions.

The use of information received from Chrome extension APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

Children's Privacy

Cover Me is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. For material changes, we will notify Hosted mode users via email. Continued use of Cover Me after a policy change constitutes acceptance of the updated policy.

Because Cover Me is open source, all historical versions of this policy are visible in the public GitHub repository commit history.

Contact

If you have any questions about this Privacy Policy, wish to exercise your data rights, or want to report a security concern, please contact:

Lincoln Laylor

Developer, Cover Me

lincolnlaylor@gmail.com

Cover Me is open-source software released under the MIT License. The source code is available at github.com/TheLinc/cover-me.