Privacy Policy

Last updated: January 6, 2026

Welcome to RemoteDevJobs. We are committed to protecting your privacy and handling your data in an open and transparent manner. This privacy policy sets out how we collect, use, and safeguard your personal information when you use our platform.

1What Data We Collect

We collect different types of data depending on whether you are a Worker or an Employer.

For Workers

Account Information:Name, email address, and authentication credentials (e.g., one-time codes or OAuth).
Profile Information:Profile picture, headline, bio, skills, work experience, education, languages, nationality, location, and social media links.
Application Data:Records of jobs you apply for, timestamps, and match scores.

For Employers

Account Information:Name, email address, authentication credentials, and company name.
Company Profile:Company logo, website, description, location, and links.
Job Postings:Details of the jobs you post, including location, salary ranges, and application method (URL or email).
Payment Information:We use Stripe for payment processing and do not store your credit card details directly. We store Stripe customer IDs, subscription status, job token balance, and billing history.

For All Users

Analytics Data:We use PostHog to collect usage analytics only if you consent. This includes pages visited, features used, and general usage patterns.
Technical and Security Data:IP address, browser/device type, timestamps, and anti-abuse signals (including Turnstile verification) for security and fraud prevention.
Support Communications:If you contact us, we process the content of your messages and related details.
Third-Party Sign-In Data:If you choose Google sign-in, we receive your email address and basic profile information from Google.

When you apply to a job or your profile is visible to employers, we share your profile and application data with the employer for that role. Employers act as independent data controllers and handle your data under their own privacy notices. If you apply via email or an external link, your data is sent directly to the employer.

Note: We do not actively request special categories of data (e.g. health, race, religion). Please do not include special category data in your profile or applications. If you choose to provide it, we will process it only where you give explicit consent or another lawful basis under GDPR Art. 9(2) applies.

2Purpose of Data Collection

Your data is used for the following purposes:

To Provide Our Services

To create and manage your account, display your profile to potential employers (for workers), post jobs (for employers), and facilitate job applications.

Automated Matching and Shortlisting

To calculate skill and location match scores and, where applicable, restrict applications that do not meet required criteria.

To Improve Our Platform

We use analytics data to understand how our platform is used and to make improvements.

To Communicate With You

To send you important information about your account, job applications, and (with your consent) marketing communications.

To Process Payments

To handle subscriptions and payments for our services.

To Keep the Platform Secure

To prevent fraud, abuse, and unauthorized access, including bot detection and monitoring.

To Comply with Legal Obligations

Such as tax, accounting, or fraud prevention requirements.

To Provide Support and Handle Requests

To respond to support inquiries, feedback, and data protection requests.

3Legal Basis for Processing

We process your personal data under the following GDPR legal bases, mapped to our processing activities:

Processing Activity	Legal Basis
Creating and managing your user account	Performance of a Contract (Art 6(1)(b))
Processing job applications and sharing with employers	Performance of a Contract (Art 6(1)(b))
Automated matching, ranking, and application gating	Performance of a Contract (Art 6(1)(b)); Legitimate Interests (Art 6(1)(f))
Processing payments and subscriptions	Performance of a Contract (Art 6(1)(b))
Sending transactional emails (e.g., password resets, application updates)	Performance of a Contract (Art 6(1)(b))
Using analytics cookies and PostHog	Consent (Art 6(1)(a))
Ensuring platform security and preventing fraud/abuse (including Turnstile)	Legitimate Interests (Art 6(1)(f))
Product feedback outreach	Legitimate Interests (Art 6(1)(f))
Sending marketing communications	Consent (Art 6(1)(a))
Using essential cookies for authentication and security	Legitimate Interests (Art 6(1)(f))
Complying with tax and financial regulations	Legal Obligation (Art 6(1)(c))
Responding to legal requests and data subject rights	Legal Obligation (Art 6(1)(c))

4Cookies and Tracking Technologies

We use cookies and similar technologies (including local storage) to operate and improve our services. A cookie is a small text file stored on your device.

Essential Cookies

These are necessary for the website to function and cannot be switched off. They are used for security, authentication, and enabling core platform features.

Analytics Cookies

These cookies, provided by PostHog, help us understand how users interact with our platform. Data is collected in pseudonymous form and only after you consent. You can withdraw consent at any time.

Embedded Media

If you play embedded videos (e.g., YouTube), the provider may set its own cookies or collect device data. We only load embedded content when you interact with it.

Managing Your Preferences

You can manage your cookie preferences at any time through our cookie consent banner. We store your choice in local storage. Blocking essential cookies may affect site functionality.

5Third-Party Services

We use the following third-party services to provide and secure the platform:

Stripe

Payment processing

PostHog

Analytics (consent-based)

Supabase

Database, authentication, and storage

Resend

Transactional email delivery

Cloudflare Turnstile

Bot protection and abuse prevention

Google

OAuth sign-in when you choose Google authentication

YouTube

Embedded product video hosting

Employers who receive candidate data through the platform act as independent data controllers. If you apply via email or an external link, your data is sent directly to the employer and their privacy policy applies.

6Data Retention

We retain your data for the following periods:

Worker Profiles

Deleted after 24 months of inactivity or upon account deletion.

24 months of inactivity

Job Applications

Deleted 24 months after the application date.

24 months

Employer Accounts

Retained for 5 years for financial and legal compliance.

5 years

Job Posts

Public for 30 days, then retained up to 12 months after expiry for audit and dispute handling.

30 days public + 12 months retention

Payment Records

Retained for the statutory tax and accounting period.

As required by law

Security Logs

Security and anti-abuse logs (including Turnstile) retained for up to 12 months.

12 months

Analytics Data

PostHog analytics retained for up to 13 months after collection.

13 months

Support Communications

Support emails and requests retained up to 24 months after resolution.

24 months after closure

Backups

Backups are retained on a rolling basis for up to 30 days.

30 days

After these periods, your data is securely deleted or anonymized unless required otherwise by law or to establish, exercise, or defend legal claims.

7Your Data Rights

Under GDPR, you have the following rights:

Right of Access

Request a copy of the data we hold about you.

Right to Rectification

Correct any inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data.

Right to Restriction

Request we limit how your data is processed.

Right to Object

Object to processing based on legitimate interests or direct marketing (including product feedback outreach).

Right to Portability

Receive a machine-readable copy of your data.

You may lodge a complaint with your local Data Protection Authority. If you are in Greece, you can contact the Hellenic Data Protection Authority (www.dpa.gr).

To exercise these rights, contact us at remotedevjobs.eu@gmail.com, or use account tools such as deletion requests. You can also request a data export. We respond within one month, which can be extended by two months for complex requests. We may request identity verification where necessary. You can withdraw consent for analytics at any time via the cookie banner.

8Automated Decision-Making and Profiling

We use automated matching to calculate skill and location fit scores. This helps candidates understand fit and helps employers review applicants. If required skills or location criteria are not met, the platform may prevent an application from being submitted.

Logic overview: required skills carry more weight than optional skills, and location requirements can disqualify an application. We do not use special category data for these decisions.

You can request human review, express your point of view, or contest a decision by contacting us at remotedevjobs.eu@gmail.com.

9Data Security

Security Measures

We implement appropriate technical and organizational measures (encryption, access control, monitoring) to protect your data. Access to data is restricted to authenticated users and enforced through role-based access controls and database security rules.

Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. This notification will describe the nature of the breach, the likely consequences, and the measures we have taken to address it. We will also notify the relevant data protection authority as required by law.

10International Data Transfers

Data Storage & Transfers

Our data is primarily stored in the EU. Some service providers may process data outside the EU/UK (e.g., Stripe, Resend, Cloudflare Turnstile, Google/YouTube).

In such cases, we rely on safeguards such as Standard Contractual Clauses (SCCs) and, where relevant, the UK IDTA/addendum, and we conduct transfer impact assessments with supplementary measures as needed.

11Children's Data

Not for Individuals Under 18

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.

12Changes to This Privacy Policy

Policy Updates

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or via the platform.

13Contact Us

Have Questions?

Data Controller: [Legal Entity Name], [Registered Address], [Company Number]. If you have any questions about this Privacy Policy or our data practices, contact us at the email below. If we appoint a Data Protection Officer, we will list their contact details here.

14Product Feedback Communications

We may contact you occasionally to request feedback, run satisfaction surveys, or ask about your experience using RemoteDevJobs. We use this information to improve our product and support.

Legal Basis

These communications are based on our legitimate interests in improving our services (GDPR Art. 6(1)(f)). You can object to this processing at any time (see “Your Data Rights”).

Opt-Out

You can opt out of product feedback emails at any time by using the unsubscribe link in our emails or by updating your notification preferences in your account. Opting out will not affect essential account or transactional messages.

Marketing vs. Product Feedback

Promotional and marketing communications are sent only with your consent. Product feedback and satisfaction surveys are distinct from marketing and may be sent without consent under legitimate interests, subject to your right to object.

This Privacy Policy is effective as of January 6, 2026