Legal
Privacy Policy
Last updated: July 15, 2026
This Privacy Policy describes how Climb (“Climb,” “we,” “us,” or “our”) collects, uses, stores, and shares information when you use the Climb iOS application and related services (the “Service”), including this website.
Climb is a job-search organization app. You can use core features with data stored on your device. Optional features—such as Sign in with Apple, cloud sync, email connection, and subscriptions—may process additional information as described below.
Some features described here may be rolling out gradually. Where a capability is not yet available in your version of the app, the related processing does not apply until that feature is enabled for you.
Operator: [LEGAL ENTITY NAME]
Contact: support@climbapp.co
Postal address: [YOUR ADDRESS]
Information We Collect
Information you provide
Depending on how you use Climb, this may include:
- Job-search content you enter: company names, job titles, application status, dates, locations, work type, salary notes, recruiter names, job descriptions, notes, timeline events, and reminders.
- Onboarding preferences: answers about your job-search stage, application volume, sources, frustrations, tracking habits, weekly goals, and reminder preferences (stored on device).
- Account information (optional): if you Sign in with Apple, we receive an Apple-provided user identifier and, when you choose to share it, your name and/or email (or Apple’s private relay email).
- Support communications: if you email us, we receive the content of that correspondence.
Information from optional email connection
If you choose to connect an email account (such as Gmail when available), we request access needed to identify recruiting- related messages. We may store structured fields such as sender display/address, subject line, a short snippet, classification metadata, and hashed message identifiers for deduplication.
We do not store full email bodies as part of normal Climb processing. OAuth tokens are stored encrypted on our servers and are not exposed to the mobile client.
Information created by AI processing
When email scanning or AI features are enabled, limited message metadata (such as subject/snippet) and related context (such as your application list) may be sent to our server-side language- model provider to help classify recruiting-related mail or generate suggestions. Model outputs can be incorrect; you control whether suggested updates are applied.
Device and usage information
- Local app preferences and notification settings
- Push notification permission state (if you enable reminders)
- Basic technical diagnostics you or Apple may surface when reporting crashes. We do not currently operate a separate third-party analytics SDK in Climb unless listed in a future update to this Policy.
Website information
If you visit climbapp.co, standard server logs and hosting providers (such as Vercel) may process technical data such as IP address, browser type, and request metadata needed to deliver and secure the site. We do not currently run advertising or behavioral analytics pixels on this website unless disclosed in a future update.
How We Use Information
We use information to:
- Provide, maintain, and improve Climb (pipeline tracking, reminders, sync, and optional email-assisted suggestions)
- Authenticate you and secure accounts
- Process and display subscription status
- Send local/push notifications you enable (for example, follow-up or interview reminders)
- Troubleshoot, prevent abuse, and enforce our Terms
- Comply with law and respond to lawful requests
We do not sell your personal information. We do not use email content to build advertising profiles or to contact your employers on your behalf.
Subscriptions
If you subscribe to Climb Pro (or similar), purchases are processed by Apple. We use RevenueCat to validate entitlements and restore purchases. We may receive subscription status, product identifiers, and anonymous/app user identifiers—not your full payment card details (Apple handles payment).
Manage, cancel, or request refunds through Apple’s subscription and support processes.
Third Party Services
We share information only as needed with service providers who help us operate Climb. Your use of those services may also be governed by their own terms and privacy policies.
We do not share your job-application notes or email snippets with other Climb users.
RevenueCat
RevenueCat helps us manage subscription entitlements and restore purchases. It may process app user identifiers, product identifiers, and subscription status. Payment card details are handled by Apple, not by Climb or RevenueCat as your card processor.
Supabase
Supabase hosts optional authentication, database, and Edge Functions used for cloud sync and email-related features when you enable them. Synced content and related records may be stored in our hosted database with access controls intended to isolate users.
OpenAI
When AI classification or suggestion features are enabled, we may send limited metadata (such as email subject/snippet and related application context) to OpenAI or a successor language-model provider to generate classifications or suggestions. Do not treat AI output as complete or error-free.
Brandfetch
When you search for or display company information, Climb may request logo/brand metadata from Brandfetch (or a similar provider) using a public client identifier. Queries may include company names or domains you enter.
Data Retention
- On-device data remains until you delete it, uninstall the app, or clear app data.
- Cloud account data is retained while your account is active. If you delete your account in-app, we delete associated cloud user data subject to short backup/technical residual periods and any legal retention requirements.
- Email connection: disconnecting email revokes/stops use of tokens; you may choose to purge related email-event records where that option is available.
- Subscriptions: Apple and RevenueCat retain purchase records as needed for billing, tax, and fraud prevention.
Security
- On-device data: applications and related content can live in local storage on your device even without an account.
- Cloud data (optional): if you sign in, synced content may be stored with access controls intended to isolate users.
- Tokens: email OAuth tokens are encrypted at rest on the server when email features are enabled.
- Transmission: we use HTTPS/TLS for network calls to our backends and major providers.
No method of transmission or storage is 100% secure. You are responsible for controlling physical access to your device and your Apple ID.
Your Rights
Depending on your location, you may have rights to access, correct, delete, export, or restrict certain personal data, and to object to or withdraw consent for certain processing.
In Climb you can typically:
- Edit or delete applications and related records on device
- Export applications (JSON) from Settings where available
- Disconnect email and optionally delete email-derived events
- Sign out or delete your cloud account (Settings)
- Disable notifications in iOS Settings or in-app reminder toggles
- Manage or cancel subscriptions in Apple’s subscription settings
To exercise privacy rights or ask questions, contact support@climbapp.co. We may need to verify your request. You may also lodge a complaint with your local data protection authority.
California residents: We do not “sell” or “share” personal information as those terms are commonly defined for targeted advertising. You may request know/delete rights via the contact above.
Climb is not directed to children under 13 (or under 16 where that is the applicable digital consent age). We do not knowingly collect personal information from children.
Contact
Questions about privacy:
support@climbapp.co
[LEGAL ENTITY NAME]
[YOUR ADDRESS]
We may update this Policy from time to time. We will revise the “Last updated” date and, when changes are material, provide additional notice in the app or by other reasonable means.