Security & privacy

Piggzy handles your job search, your resume, and employer credentials. That demands a higher bar. Full technical details are documented in our security model.

Your resume stays private

  • Resumes are stored in private, access-controlled storage — never public URLs.
  • Downloads use short-lived signed links tied to your account.
  • Your original file is immutable; tailoring always produces a new file.
  • Resume contents are never sent to analytics or advertising systems.

Credentials are encrypted

  • Employer and job-site passwords are encrypted with AES-256-GCM before storage.
  • A unique password is generated for every employer account — never reused.
  • Passwords are masked everywhere in the interface by default.
  • Every credential access is rate-limited and audited.
  • We never ask for the password to your personal Gmail, Outlook, or other personal email.

Your data is isolated

  • Every database record is protected with row-level security — your data is queryable only by you.
  • Payment details are handled by Stripe; Piggzy never sees your card number.
  • You can export your data and delete your account at any time.

The agent has hard limits

  • It never bypasses CAPTCHAs, MFA, identity checks, assessments, or legal attestations — it pauses and asks you.
  • It never answers recruiters automatically without your approval.
  • Emails, job pages, and documents are treated as untrusted data, never as instructions.
  • It never claims an application was submitted without verification.

Honest billing

  • Charges apply only to verified successful submissions, with an idempotent ledger.
  • Retries and system errors can never double-charge you.
  • Incorrectly recorded submissions are reversed automatically.