What we do with your data.
You're typing notes about real work — projects, people, numbers your employer cares about. You deserve to know exactly where that content lives and who can see it. No vague language.
What we collect
When you sign up: your email and a password hash. We do not store the plaintext of your password.
When you use the product: your log entries (body and optional impact), the competency framework you paste in, and the matches between them. We also store light account preferences like your timezone, fiscal year, and email nudge schedule.
We do not track you across the web. We don't use Google Analytics, Facebook pixels, or third-party advertising tags.
Where the data lives
On a Postgres database running on a server we operate, in the United States. Connections are TLS-encrypted. The data itself is currently stored as ordinary rows, meaning that if someone got root access to the server, or if we pulled a database backup, log entries would be readable as plain text. Column-level encryption of log bodies is on the roadmap and will be enabled by default once shipped.
Daily backups are encrypted and kept for 14 days, then deleted.
What goes to OpenAI
Two things use OpenAI's API:
- Matching. When you log an entry, we send the entry text and your competency list so the model can suggest matches. The text leaves our server, hits OpenAI, comes back.
- Review drafting. When you click Generate, we send all of your logged entries in the chosen date range, plus your framework, so the model can draft your review.
OpenAI's API policy says they do not train their models on data sent through the API. They retain API content for up to 30 days for abuse monitoring, then delete it. We do not have a zero-retention agreement with them.
If you don't want any content sent to OpenAI, an “AI off” toggle in settings is on the roadmap. With it, you would tag matches manually and write your own draft. Tell us if you need this sooner, and we'll prioritize it.
What goes to Resend (email)
We use Resend to send the weekly nudge email and to receive replies you send back. If you reply to a nudge, the text of that reply hits Resend on its way into our database. Resend's policy is to process email in transit and not retain content beyond what's needed for delivery.
If you never reply to nudges and never enable email logging, no entry content touches Resend.
Who can read your data
You. The operators of YearCase (currently one person) have technical root access to the production database, the same way any small SaaS does. We don't read your entries. We have no internal dashboard for browsing user content, and we never will. If we need to debug something tied to your account, we'll ask first.
We will never sell your data, share it with employers, share it with recruiters, or share it with anyone. There is no business model here that benefits from doing so.
Subpoenas and legal requests
If we receive a valid legal demand for your data, we will comply with it, and we will notify you unless legally prohibited from doing so. We have not received any such requests to date. If that changes, we'll say so on this page.
Deleting your data
You can export everything (JSON, CSV, or Word) from Settings at any time. The same Settings page has a Delete Account button that hard-deletes your user row, framework, all log entries, and all matches from the live database. Backups age out within 14 days. If you'd rather we handle it, email hello@yearcase.com from the address on your account.
Changes to this page
If we change anything material — what we send to OpenAI, who processes your data, how long we keep it — we'll update the date at the top of this page and email everyone with an active account before the change takes effect.
Questions
Real ones get a real answer. hello@yearcase.com.