Privacy Policy
Last updated: March 20, 2026
Fillio ("we", "us", "our") operates the Fillio Chrome extension and API backend at fillio.co. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.
1. Information We Collect
When you use Fillio, we collect the following categories of data:
- Profile information: name, email address, phone number, and mailing address
- Professional information: work history, education, and skills
- Resume: PDF file you upload for parsing and auto-attachment
- Screening question answers: your responses to job application questions, stored so Fillio can reuse them on similar questions
- Application history: records of jobs you have applied to (company, role, date, ATS type)
- Account credentials: email and password, managed by our authentication provider Clerk
2. How We Use Your Data
Your data is used solely to provide and improve the Fillio service:
- Parsing your resume to extract structured profile data
- Auto-filling job application forms on your behalf
- Generating intelligent answers to screening questions using AI
- Remembering your previous screening answers for future applications
- Tracking your application history
- Processing payments for paid plans
- Diagnosing errors and improving reliability
We do not use your data for advertising, and we do not sell your data to third parties.
3. Third-Party Services
We use the following third-party services to operate Fillio. Each receives only the minimum data necessary to perform its function:
| Service | Purpose | Data Shared |
|---|---|---|
| Anthropic (Claude API) | AI form analysis and answer generation | Resume text, form fields, screening questions. Data sent to Claude is not used for model training. |
| Supabase | Database and file storage | All user profile data, resume PDFs (encrypted at rest), application history |
| Clerk | Authentication | Email address and password |
| Stripe | Payment processing | Email and billing info. We never store your credit card number — Stripe handles all card data directly. |
| Sentry | Error tracking | Error reports and stack traces only. No usage analytics or behavioral tracking. |
We do not use any third-party advertising or tracking services.
4. Chrome Extension Permissions
The Fillio Chrome extension requests the following permissions:
- storage: to store your settings and cached profile data locally in the browser
- activeTab: to read and fill form fields on the current job application page
- sidePanel: to display the Fillio interface alongside the application form
- scripting: to inject the form-filling logic into job application pages
- host_permissions: limited to known ATS domains (e.g., Greenhouse, Lever, Workday) so Fillio can detect and interact with application forms
The extension only activates on job application pages. It does not run on other websites, does not read your browsing history, and does not collect any data outside of the job application context.
5. Data Storage and Security
- Resume PDFs are stored in Supabase Storage with encryption at rest.
- All data is transmitted over HTTPS/TLS.
- Authentication is handled by Clerk with industry-standard security practices.
- Payment card data is handled entirely by Stripe and never touches our servers.
6. Data Retention
We retain your data for as long as your account is active. When you delete your account, all associated data — including your profile, resume, screening answers, and application history — is permanently deleted from our systems.
7. Your Rights
You have the following rights regarding your data:
- Access and export: You can export all of your data in JSON format at any time from your account settings.
- Deletion: You can delete your account and all associated data at any time.
- Correction: You can update your profile information at any time through the extension.
8. GDPR Compliance (EEA Users)
If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to access, rectify, or erase your personal data
- Right to restrict or object to processing
- Right to data portability (JSON export)
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
Our lawful basis for processing your data is contractual necessity (providing the service you signed up for) and legitimate interest (improving the service and fixing errors).
9. CCPA Compliance (California Users)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect and how it is used
- Right to delete your personal information
- Right to opt out of the sale of personal information — we do not sell your data
- Right to non-discrimination for exercising your CCPA rights
10. Children's Privacy
Fillio is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the extension. The "last updated" date at the top of this page reflects the most recent revision.
12. Contact Us
If you have questions about this Privacy Policy or want to exercise your data rights, contact us at: