BSDict
DictionaryJob DecoderCareer ToolsPricing

Submit a Term

Know some corporate BS we missed? Help us expand the dictionary.

Contact Support

Need help? Open a support ticket and we'll get back to you faster than your manager replies to Slack.

Share the BS

Help others decode corporate nonsense.

DictionaryJob DecoderManifestoAbout
Privacy PolicyTerms of ServiceCookie Policy

2026 Corporate Bullshit Dictionary. No rights reserved — spread the clarity.

Privacy Policy

Last updated: February 15, 2026

BSDict ("we", "us", "our") operates the website bsdict.com (the "Service"). This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and what rights you have over your data.

We believe in plain language — no corporate BS in our privacy policy either. If something is unclear, email us at contact@bsdict.com.

1. Data We Collect

1.1 Account Data

When you create an account, we collect your email address and a hashed version of your password (we never store or see your plain-text password).

1.2 Profile Data

You may optionally provide additional information in your profile, including: name, phone number, location, LinkedIn/GitHub/portfolio URLs, job title, years of experience, target roles, salary expectations, skills, certifications, work preferences, education history, and career goals.

All profile fields are optional. You control what you share.

1.3 Content You Provide

  • Job postings — Text you paste into the Job Decoder for AI analysis. Saved to your account if you're logged in.
  • CVs/Resumes — Files you upload (PDF, DOCX, TXT) or text you paste into the CV Reviewer. We extract and store the text content.
  • Career Suite outputs — Cover letters, interview prep questions, and CV-to-job match analyses generated by AI based on your inputs.

1.4 Usage Data

  • API usage logs — We log which features you use, token counts, and AI processing costs. This helps us monitor costs and improve the service.
  • IP addresses — Used solely for rate limiting guest (non-authenticated) users. Stored temporarily (24 hours) and then automatically deleted. We do not use IP addresses for tracking or profiling.
  • Analytics — If you consent via our cookie banner, we use Vercel Analytics to collect anonymized page view and performance data. No analytics data is collected without your consent.

1.5 Referral Data

If you use a referral code when signing up, we link your account to the referring user for the purpose of awarding both parties a free CV review credit. The referring user can see that a referral was completed but cannot see your email or personal details.

2. How We Use Your Data

  • Provide the Service — Authenticate your account, save your decoded jobs and CVs, generate AI analyses, track your usage credits.
  • AI Analysis — Your job posting text and CV content are sent to OpenAI's API for analysis. See Section 3 for details.
  • Transactional Emails — We send you a welcome email after sign-up and referral reward notifications. These are service-related, not marketing.
  • Rate Limiting — We use IP-based rate limiting for guest users and account-based limits for registered users to prevent abuse.
  • Cost Monitoring — We track AI API usage costs to manage our operating expenses. This data is aggregated and used internally.
  • Service Improvement — Anonymized, aggregated analytics data (with your consent) helps us understand which features are used and improve performance.

3. Third-Party Service Providers

We share your data with the following third-party providers, solely for the purposes described:

OpenAI

What: Job posting text and CV content are sent to OpenAI's API for AI analysis.
Why: Powers the Job Decoder, CV Reviewer, and Career Suite features.
Retention: OpenAI may retain API inputs for up to 30 days for abuse monitoring. We do not opt in to having your data used for model training.

Supabase

What: All account data, profile data, and content you save.
Why: Database hosting and user authentication.
Security: Row-Level Security ensures users can only access their own data.

Resend

What: Your email address and name (if provided).
Why: Delivers transactional emails (welcome, referral rewards).
Retention: Subject to Resend's data processing policies.

Vercel

What: Website hosting and anonymized analytics (with your consent).
Why: Hosts the application and provides performance monitoring.
Analytics: Only active if you accept analytics cookies via our consent banner.

Upstash

What: IP addresses of guest users (not logged-in).
Why: Rate limiting to prevent abuse.
Retention: Automatically deleted after 24 hours.

Cloudflare

What: DNS resolution and network-level data.
Why: Domain management and CDN performance.

4. Data Retention

  • Account and profile data — Retained until you delete your account.
  • CVs, decoded jobs, and Career Suite content — Retained until you delete them individually or delete your account.
  • API usage logs — Retained for cost tracking and service monitoring. When you delete your account, logs are anonymized (your user ID is removed).
  • Rate limiting data (IP addresses) — Automatically deleted after 24 hours.
  • Analytics data — Subject to Vercel's retention policies (typically up to 6 months). This data is anonymized.

5. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to Access — You can export all your data at any time from your profile settings.
  • Right to Rectification — You can update your profile information at any time.
  • Right to Erasure — You can delete your account and all associated data from your profile settings. This action is permanent and cannot be undone.
  • Right to Data Portability — The data export feature provides your data in a standard JSON format.
  • Right to Object — You can reject non-essential cookies via our consent banner. To object to other processing, contact us.
  • Right to Withdraw Consent — You can change your cookie preferences at any time via our Cookie Policy page.

To exercise any of these rights, use the self-service tools in your profile or contact us at contact@bsdict.com. We will respond within 30 days.

6. Cookies and Local Storage

For detailed information about cookies and similar technologies we use, please see our Cookie Policy.

In summary: we use strictly necessary cookies for authentication (no consent required) and analytics cookies only with your explicit consent.

7. Data Security

We implement appropriate security measures to protect your data:

  • All data is transmitted over HTTPS (TLS encryption in transit)
  • Passwords are hashed and salted — we never store or see your password
  • Database-level Row-Level Security prevents cross-user data access
  • Admin operations use separate, restricted credentials
  • Rate limiting protects against brute-force and abuse

No system is 100% secure. If you discover a security vulnerability, please report it to contact@bsdict.com.

8. Children's Privacy

BSDict is not intended for users under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

9. International Data Transfers

Your data may be processed in countries other than your own, including the United States (where our third-party providers operate). We rely on our providers' compliance frameworks (including Standard Contractual Clauses where applicable) to ensure adequate protection of your data.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or by displaying a prominent notice on the Service. The "Last updated" date at the top of this page indicates the most recent revision.

11. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, contact us at:

contact@bsdict.com