Privacy Policy

MORT (UK) is the data controller for the Job Listings API. This policy explains what we collect about our customers, what we do not do, and the rights you have. It does not describe the contents of job postings, which are addressed separately below.

What we collect about you

• Account details — your email address, used to sign in and to send service notices.
• Billing details — handled by Stripe. We never see or store full card numbers; we keep only a Stripe customer reference and your plan.
• API request metadata — including IP address, timestamps, endpoints called, and usage counts, used for rate limiting, billing, security, and debugging.

What we don't do

• We do not track end users of your application.
• We do not sell personal data, ever.
• We do not build advertising profiles or share your usage with third parties for marketing.

Job-posting data

The postings returned by the API contain only information that employers chose to publish publicly on their own applicant tracking systems. We do not collect job applicants' personal data, and we link to the original posting rather than rehosting application flows.

Sub-processors

• Stripe — payment processing and billing.
• Railway — application and database hosting.
• SendGrid — transactional email delivery.

Retention

We retain account data for as long as your account is open, and until you request deletion. Request metadata is kept for a limited period for billing and security, then aggregated or removed.

Your rights

If you are in the UK or EEA, the UK GDPR and EU GDPR give you rights to access, correct, delete, port, and restrict processing of your personal data, and to object to certain processing. To exercise any of these, or to raise a concern, contact legal@joblistingsapi.com. You also have the right to complain to your local supervisory authority.