Privacy Policy
Last updated: February 2026. This Privacy Policy explains how Bossr ("we", "us", "our") collects, uses, stores, and protects your personal information in compliance with the Israeli Privacy Protection Law (1981) and the EU General Data Protection Regulation (GDPR).
We use TikTok API to allow users to showcase their video content and authenticate their identity.
Data Controller
Bossr is the data controller responsible for your personal data. For any privacy-related inquiries, contact us at: bossrmatch@gmail.com
Information we collect
We collect the following categories of personal data: • Account information: Email address, name, password (hashed) • Profile information: Job title, headline, location, skills, work preferences • Employment data: Salary expectations, work experience, education history, availability, preferred work model • Media files: Profile photos (up to 6 images), profile videos • Employer data (for hiring managers): Company name, industry, team size, salary offerings, benefits • Technical data: IP address, device type, browser information • Usage data: Swipe actions, matches, chat messages
Legal basis for processing
We process your personal data based on: • Contract performance: To provide the job matching service you signed up for • Legitimate interests: To improve our service, prevent fraud, and ensure security • Consent: For optional features like push notifications and marketing communications You may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.
Google Sign-In
If you choose to sign in with Google, we receive your email address and basic profile information (name, profile picture) to create and authenticate your account. We do not request access to any other Google user data such as contacts, calendar, or drive files.
How we use your information
We use your personal data to: • Create and manage your account • Display your profile to relevant job seekers or employers • Match you with suitable opportunities based on your preferences • Facilitate communication between matched users • Send service-related notifications • Improve and personalize the service • Comply with legal obligations
Data sharing and processors
We share your data with the following third-party service providers (data processors): • Supabase Inc. (USA): Database hosting, authentication, and file storage. Your photos, videos, and profile data are stored on Supabase servers. • Resend (USA): Email delivery service for login codes and notifications. • Vercel Inc. (USA): Application hosting. These providers are contractually bound to protect your data and process it only on our instructions. We do not sell your personal information to third parties.
Data location and transfers
Your personal data is stored on servers located in the United States. By using Bossr, you consent to the transfer of your data to the US. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.
Data retention
We retain your personal data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, accounting, or reporting purposes. Anonymized or aggregated data may be retained indefinitely for analytics.
Cookies and similar technologies
We use essential cookies for: • Authentication and session management • Security and fraud prevention • Remembering your preferences We do not use tracking cookies, advertising cookies, or third-party analytics that track you across websites.
Your rights
Under applicable data protection laws, you have the right to: • Access: Request a copy of your personal data • Rectification: Correct inaccurate or incomplete data • Erasure: Request deletion of your account and data • Restriction: Limit how we process your data • Portability: Receive your data in a structured format • Object: Object to certain processing activities • Withdraw consent: Where processing is based on consent To exercise these rights, contact us at bossrmatch@gmail.com or use the "Delete Account" option in your profile settings. We will respond within 30 days.
Data security
We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (HTTPS/TLS), secure authentication, and access controls. However, no method of transmission over the internet is 100% secure.
Children's privacy
Bossr is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.
Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the app. Your continued use of Bossr after changes constitutes acceptance of the updated policy.
Contact us
For questions, concerns, or to exercise your privacy rights, contact us at: bossrmatch@gmail.com You also have the right to lodge a complaint with the Israeli Privacy Protection Authority or your local data protection authority.