Effective Date: April 17, 2026 • Last Updated: April 17, 2026
This Privacy Policy explains what data DAIVAD Digital, LLC (“we,” “us,” or “our”) collects, how it is stored, and how it is used. We built DAIVAD with a privacy-first architecture; your data stays on your device.
1. Scope of this Policy
This policy covers personal data collected by DAIVAD Digital, LLC through our website and our sales, marketing, and support activities.
This policy does not apply to data used with the DAIVAD desktop software application. All data the DAIVAD application creates or processes is stored locally on your device in a sandboxed application directory. We do not operate a cloud server, maintain a user database, or collect your personal data from the desktop application. See Appendix A for more information on the data processed by the desktop application.
2. What Data We Collect
6. Payment Processing
DAIVAD uses Paddle as our Merchant of Record. When you purchase a DAIVAD license, Paddle processes your payment, handles sales tax, and manages billing. We do not receive or store your credit card number, bank account details, or billing address. Paddle’s privacy policy governs payment data handling. You can review it at paddle.com/legal/privacy.
7. Website Data
Our website (daivad.com) collects limited information directly from you only through voluntary forms:
- Waitlist Signup: Name, email address, and intended use case [Identifiers]
- Beta Application: Name, email address, professional background, and intended use case [Identifiers, professional or employment-related information]
This information is stored in Cloudflare KV (a key-value store) and is used solely to manage the waitlist and beta program. We do not share this information with third parties. We do not use tracking cookies, analytics scripts, or advertising pixels on our website.
3. Your Privacy Rights
You may have rights under applicable law to receive a copy of the information we have collected about you, to correct inaccurate information, or to deletion of your information. To exercise any of these rights, submit your request via our support page. We will delete your entry within 30 business days.
4. Data Retention
DAIVAD Digital, LLC retains data only as long as necessary for the purpose it was collected.
Data stored on your device by the DAIVAD desktop application remains on your device indefinitely until you delete it using the application's built-in reset function or by manually removing the application data directory. We have no access to this data and no ability to delete it on your behalf.
Website form submissions (waitlist and beta applications) are stored in Cloudflare KV until you request deletion. To request deletion of your submission, contact us through our support page. We will delete your entry within 30 business days of receiving a verified request.
Support ticket records are retained for up to 24 months for quality assurance and legal purposes, then deleted. You may request earlier deletion by contacting us through our support page.
5. Third-Party Services
DAIVAD uses a Bring Your Own Key model. You create and manage your own accounts with third-party AI and search providers. The following providers may receive data when you use DAIVAD features that require them:
OpenRouter: Your configured AI provider for features such as resume tailoring, cover letter generation, and job description analysis. Requests include relevant text you have submitted to the application. OpenRouter's privacy policy governs their handling of this data.
Exa, Brave Search, Tavily, SerpApi: Search providers used to find job listings. Requests include job-related keywords and preferences derived from your skills profile. Your personal information is not included in search queries.
DAIVAD does not share your personal information with any of these providers. The only data transmitted to a provider is what is necessary to fulfill the specific request you initiated, sent using your own API key under your own account with that provider. We have no visibility into what data they receive or how they use it.
You can disable any provider at any time through DAIVAD Settings. Disabling a provider stops all data transmission to that provider.
6. Payment Processing
DAIVAD is sold through Paddle, who acts as our Merchant of Record. When you purchase a DAIVAD license, Paddle processes your payment, handles sales tax compliance, and manages billing and refund requests on our behalf.
Paddle collects the information necessary to process your transaction, including your name, email address, billing address, and payment method details. We do not receive or store your credit card number, bank account details, or full billing address. We receive only order confirmation data (transaction ID, product purchased, email address).
Your payment data is governed by Paddle's Privacy Policy, which you can review at paddle.com/legal/privacy. By purchasing DAIVAD, you also agree to Paddle's Buyer Terms and Conditions.
7. Website Analytics
Our website (daivad.com) uses Cloudflare Web Analytics, a privacy-friendly analytics service provided by Cloudflare, Inc. Cloudflare Web Analytics does not use cookies, does not track you across websites, and does not build individual user profiles.
The following aggregate data is collected when you visit our website:
- Page views and visit counts
- Referring sources (the website or search engine that brought you to ours)
- Country-level geographic location (derived from your IP address; individual IP addresses are not stored)
- Browser and operating system type
This data is used solely to understand general traffic patterns and improve our website. It is aggregated and cannot be used to identify individual visitors. No personal data is shared with advertising networks or third-party analytics platforms.
8. Security
We take reasonable steps to protect the data we hold. All data collected through our website is stored in Cloudflare KV, which is encrypted at rest and in transit. Access to stored data requires authentication.
The DAIVAD desktop application is designed with a local-first, privacy-first architecture. Your job search data, resume content, and API credentials never leave your device except when you explicitly initiate a request to a configured provider. API credentials are encrypted using your operating system's secure credential storage as the primary method, with AES-256-GCM encryption as a fallback.
Our website uses HTTPS exclusively. No personal data is transmitted over unencrypted connections.
Despite these measures, no method of data storage or transmission is completely secure. We cannot guarantee absolute security, but we are committed to following industry-standard practices and addressing vulnerabilities promptly.
9. How to Exercise Your Privacy Rights
Depending on your jurisdiction, you may have rights regarding your personal data, including the right to access, correct, or delete information we hold about you. The following applies to data collected through our website (waitlist submissions, beta applications, and support tickets):
Access: You may request a copy of any personal data we hold about you. Submit your request through our support page with the email address you used when submitting your information.
Correction: If any information we hold about you is inaccurate, contact us through our support page and we will correct it.
Deletion: You may request deletion of your personal data at any time. We will delete your entry within 30 business days of receiving a verified request.
Unsubscribe: All marketing emails sent by DAIVAD Digital, LLC include an unsubscribe link. You may use it at any time to stop receiving marketing communications from us.
We do not sell personal data. We do not use personal data collected through our website for advertising or profiling purposes.
For data processed entirely on your device by the DAIVAD desktop application, we have no access to that data and cannot fulfill access, correction, or deletion requests on your behalf. You retain full control over that data through the application's built-in reset function.
10. Age Requirement and Children’s Privacy
DAIVAD is intended for users who are 18 years of age or older. You must be at least 18 years old to purchase or use the software. We do not knowingly collect data from individuals under the age of 18. If you believe a person under 18 has provided information through our website forms or software, contact us via our support page and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy as DAIVAD evolves. Changes will be posted on our website and noted with an updated “Last Updated” date. Continued use of DAIVAD after changes constitutes acceptance of the revised policy.
12. Contact
If you have questions about this Privacy Policy or your data:
Support: daivad.com/support
Mail: DAIVAD Digital, LLC, 201 West Lake St PMB #40516, Chicago, IL 60606
Appendix A: Desktop Application
1. Data Processed by the Application
The following data is stored locally by the application:
- Your name, email address, and professional profile (extracted from your uploaded resume)
- Your resume file (PDF, DOCX, or TXT)
- Work history, skills, and career preferences you provide during setup
- Job search results, saved listings, and application tracking data
- Generated cover letters and tailored resumes
- Application configuration and preferences
- API usage logs (for your own budget tracking)
- Encrypted API credentials (see Section 3)
2. Data DAIVAD Does Not Collect
- We do not track your usage patterns, job search behavior, or application activity
- We do not collect or store your payment information (payments are handled entirely by Paddle; see Section 6)
- We do not have access to your API keys, budget settings, or usage data
- We do not sell, share, or transfer any user data to third parties
3. API Credentials and Encryption
DAIVAD uses a Bring Your Own Key model. You create and manage your own accounts with third-party AI and search providers (such as OpenRouter and Exa). Your API keys are:
- Encrypted at rest using your operating system’s secure credential storage (macOS Keychain, Windows Data Protection API, or Linux libsecret) as the primary method
- Protected by AES-256-GCM encryption with per-credential derived keys as a fallback when operating system credential storage is unavailable
- Never transmitted to DAIVAD or any party other than the API provider you configured
- Recoverable only via a recovery key that you download during initial setup
We cannot access, recover, or reset your API keys. If you lose your recovery key and your operating system credential storage becomes unavailable, you will need to generate new API keys from your providers.
4. Data That Leaves Your Device
DAIVAD sends data to third-party services only when you initiate an action that requires it, and only to the providers you have configured. Specifically:
AI Provider (such as OpenRouter): When you use features like resume tailoring, cover letter generation, or job description analysis, the relevant text is sent to your configured AI provider for processing. The AI provider’s own privacy policy governs their handling of this data.
Search Provider (such as Exa, Brave Search, Tavily): When DAIVAD searches for job listings, search queries are sent to your configured search provider. These queries contain job-related keywords and preferences; not your personal information.
Job Board Websites: DAIVAD may access public job listing pages from boards such as We Work Remotely, Jobicy, Himalayas, Remotive, and USAJOBS to retrieve listing data.
License Validation: DAIVAD periodically verifies your license status. This check transmits only your license key and a device identifier; no personal data, resume content, or job search information is included.
DAIVAD does not send data to any service you have not explicitly configured. You can disable any search source or provider at any time through Settings.
5. Data Ownership
You own all data generated by DAIVAD, including tailored resumes, cover letters, job search results, and research reports. DAIVAD claims no intellectual property rights over content generated using the software. Your data remains on your device and under your control at all times.
8. Backups
DAIVAD creates automatic daily backups of your application data, stored locally on your device. Backups are retained for 14 days by default and are automatically deleted after expiration. Backup files are stored in your application data directory alongside your regular data. You can restore from any backup or adjust the retention period in Settings.
9. Data Deletion
Because all data is stored locally on your device, you have full control over deletion:
- Use DAIVAD’s built-in “Reset All Data” function to delete all application data
- Manually delete the DAIVAD application data directory from your file system
- Uninstalling DAIVAD removes the application but may leave the data directory intact; use the reset function first if you want a complete removal