JobCap Browser Extension

The JobCap browser extension only accesses page content on the supported ATS domains listed in its Chrome Web Store permissions (Workday, SAP SuccessFactors, Taleo, iCIMS, Greenhouse, Lever, Ashby). It never reads or transmits any other page you visit.

On those pages it reads form field labels and submits filled-field metadata (not the values themselves) to the JobCap backend so we can improve selector coverage. This telemetry includes: ATS platform, number of fields filled and skipped, duration, and the extension version.

Sign-in goes through Supabase OAuth via chrome.identity. Your Supabase access and refresh tokens are stored in chrome.storage.session, which is cleared automatically when you close the browser. No tokens ever touch chrome.storage.local or localStorage.

JobCap is the data controller for information you submit via the extension. Under GDPR you have rights to access, rectify, export, and erase your personal data. Self-service export and deletion are not built into the product yet — until they are, we fulfil every request by email: contact info@jobcap.app and we will respond within one month, as the GDPR requires.

The extension communicates with: (a) your JobCap backend on api.jobcap.app, (b) Supabase for authentication, and (c) Sentry for anonymised error reporting when enabled. No analytics SDKs, ad networks, or social trackers are loaded.

We will post material changes here at least 30 days before they take effect, and update the revision date below.