Privacy Policy
Last updated: June 21, 2026
The short version
- No accounts, no passwords, no advertising, no tracking cookies.
- Your search history stays in your browser (in
localStorage) — we never receive or store it on a server. - When you check a job URL, that URL is relayed to third-party services to fetch the page, and is recorded in our privacy-friendly, self-hosted analytics. Avoid pasting URLs that contain private access tokens.
- We use self-hosted, cookieless analytics (Umami) to count usage — no third-party ad networks.
- This is the formal policy. It covers the website and explains your rights under the GDPR and CCPA.
1. Who we are
This website, When This Job Was Posted? (whenthisjobwasposted.com), is a free tool that estimates the real posting date of online job listings. For the purposes of the EU General Data Protection Regulation (GDPR) and similar laws, the data controller is the operator of whenthisjobwasposted.com.
We run the service as a small, independent project. There are no user accounts, and we deliberately collect as little personal data as possible. You can reach us about any privacy question using the contact method below.
2. Scope of this policy
This policy applies to the website and tool at whenthisjobwasposted.com, including the About and Connect pages.
We also operate a public REST API and an MCP server (at mcp.whenthisjobwasposted.com) for developers and AI tools. That programmatic interface is a separate surface with its own operational logging and is governed separately; this policy does not describe it in detail. This policy also does not cover third-party websites you reach by following links from here — including the job listings you choose to check, which have their own privacy policies.
3. Information we collect
We collect very little, and most of it never leaves your device. Specifically:
Job URLs you submit
When you check a listing, the URL you enter is processed to fetch and analyze the target page. To do this in a browser, the URL is sent to the third-party and self-hosted services listed in section 6, and to the job site itself. The URL you check is also recorded as a property of an anonymous analytics event (see below) so we can understand which sites people use the tool on.
Search history and preferences (stored on your device)
Your past searches are stored in your browser's localStorage so you can revisit them. This data stays on your device — it is not transmitted to or stored by us as history, and we cannot see it. Clearing it (via the "Clear History" control in the app, or by clearing your browser's site data) removes it permanently. We also store your light/dark theme preference the same way.
Anonymous usage analytics
We use a self-hosted, privacy-friendly analytics platform (Umami) running on our own infrastructure located in the United States — not Google Analytics or any advertising network. It does not use cookies and does not track you across other websites. It records aggregate, non-identifying information such as: pages viewed, referring site, the job URL/domain you checked, anonymous feature-usage events, approximate location (country/region, derived from your IP address), and general device information (browser, operating system, screen size). IP addresses are used only transiently to derive country-level location and are not stored in a form that identifies you. Because this server is in the United States, the analytics data described here is processed there (see section 7 on international transfers).
Feedback you choose to send
If you use the feedback form, we receive the message you write, the page you sent it from (and, for a failed result, the relevant domain), and — only if you choose to provide it — an email address so we can reply. This is sent to our backend and forwarded to our team chat so we can act on it.
What we do not collect
- No accounts, names, or passwords.
- No payment information (donations, if you make one, are handled entirely by Ko-fi under its own privacy policy).
- No advertising identifiers, no behavioral-advertising profiles, no cross-site tracking.
4. How we use information and our legal bases
We process the limited data above only for these purposes. Where the GDPR applies, our legal basis for each is noted:
- To provide the tool you asked for — fetching and analyzing the job URL you submit and returning a result. Legal basis: performance of a service you request, and our legitimate interest in operating the tool (Art. 6(1)(b)/(f)).
- To understand and improve the service — aggregate, cookieless analytics that tell us which features and job sites are used so we can prioritize fixes and new integrations. Legal basis: our legitimate interest in maintaining and improving a free tool, balanced against the minimal, non-identifying nature of the data (Art. 6(1)(f)).
- To respond to feedback and reports — reading and acting on what you send us. Legal basis: our legitimate interest in supporting users and fixing problems; where you provide an email for a reply, your consent (Art. 6(1)(f)/(a)).
- To keep the service secure and working — operating the infrastructure that delivers the site. Legal basis: legitimate interest (Art. 6(1)(f)).
We do not use your data for automated decision-making that produces legal or similarly significant effects, and we do not sell it.
5. Cookies and local storage
We do not set any cookies. Our analytics is cookieless, and we use no advertising or tracking cookies. Because we set no non-essential cookies, no cookie-consent banner is required.
We use your browser's localStorage only to keep your search history and theme preference on your own device, as described above. This information is never sent to us. If you load a page that includes the Ko-fi donation widget and you interact with it, Ko-fi may set its own cookies under its own policy.
6. Third parties and data recipients
We don't sell or rent your data to anyone. To make the tool work in a browser, the job URL you check is relayed through one or more of the services below, and standard infrastructure providers help deliver the site. The data shared is limited to what's needed for each function — primarily the URL you chose to check.
| Service | Purpose | What it receives |
|---|---|---|
| Our CORS proxy (self-hosted) |
Fetches the target job page so the browser can read it | The job URL you check |
| corsproxy.io | Fallback fetch proxy when ours is unavailable | The job URL you check |
| allorigins.win | Second fallback fetch proxy | The job URL you check |
| Jina Reader (r.jina.ai) | Renders JavaScript-heavy pages when simple fetching fails | The job URL you check |
| The job site / ATS | The actual listing or applicant-tracking-system API we read the date from | A request for the page/record you asked about |
| Internet Archive (Wayback Machine) | Finds the earliest archived snapshot of a listing | The job URL you check |
| Umami (self-hosted) |
Cookieless, aggregate usage analytics | Anonymous usage events (see section 3) |
| Cloudflare | Content delivery and secure tunneling for our domains | Standard request data (e.g., IP, requested URL) |
| Ko-fi | Optional "support this tool" donation widget | Only data you provide if you choose to donate |
These providers act as independent services or processors and handle data under their own privacy policies, linked above. We use them only as needed to deliver the tool.
7. International data transfers
Some of the services above operate outside the European Economic Area (EEA), including in the United States — for example, the fallback proxies, Jina Reader, the Internet Archive, Cloudflare, and Ko-fi. In addition, our own self-hosted analytics runs on infrastructure located in the United States, so the anonymous, cookieless usage data described in section 3 is processed there. For visitors in the EEA or the United Kingdom, this means that data is transferred to the United States.
Where data is transferred internationally, it is limited to the minimal information needed for the function in question — principally the URL you choose to check and the anonymous analytics events. For the third-party services, transfers are governed by each provider's own safeguards as described in their respective privacy policies. For our self-hosted analytics, we do not rely on standard contractual clauses or a certification framework; the safeguard is the deliberately minimal, aggregate, and non-identifying nature of the data we collect. The job sites you check may also be located anywhere in the world.
8. Data retention
- Search history and preferences: kept in your browser until you clear them. We hold no copy.
- Analytics: retained in aggregate, non-identifying form only for as long as it is useful to understand usage trends, and then discarded.
- Feedback: kept only as long as needed to read, act on, and (if you asked for a reply) respond to it, then deleted.
9. Your rights (GDPR / UK GDPR)
If you are in the European Economic Area or the United Kingdom, you have the right to: access your personal data; have it corrected or erased; restrict or object to its processing; data portability; and, where processing is based on consent, to withdraw that consent at any time.
Two practical notes specific to how this tool works:
- Because we keep no accounts and our analytics is not linked to your identity, in most cases we genuinely cannot connect any stored data to you. Where we cannot identify you, some rights may not be actionable on our side (GDPR Art. 11) — but this also means there is little to no personal data about you for us to hold.
- Your search history is fully under your own control: you can view and delete it directly in your browser at any time.
To make a request or ask a question, use the contact method below. You also have the right to lodge a complaint with your local data-protection supervisory authority.
10. California privacy rights (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you certain rights. For transparency:
- Categories of personal information collected: internet/network activity (pages viewed, anonymous usage events, and the job URL you check) and approximate location and device information derived from your IP address. We do not collect sensitive personal information.
- Sources: directly from your interaction with the website.
- Purpose: to provide and improve the tool, as described in section 4.
- We do not "sell" or "share" personal information (including for cross-context behavioral advertising), and have not done so in the preceding 12 months.
You have the right to know, delete, and correct personal information, the right to opt out of sale/sharing (there is nothing to opt out of, since we do none), and the right not to be discriminated against for exercising your rights. To exercise any of these, use the contact method below.
11. Children
This tool is intended for general audiences and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will delete it.
12. Security
We take a data-minimization approach: the less we collect, the less is at risk. The site is served over HTTPS, we store no passwords or account credentials, and we keep no server-side database of your searches. No method of transmission or storage is ever completely secure, but minimizing what we hold is our primary safeguard.
13. Changes to this policy
We may update this policy as the tool evolves or as legal requirements change. When we do, we'll revise the "Last updated" date at the top of this page. For material changes, we'll make the update more prominent. Your continued use of the tool after a change means you accept the revised policy.
14. How to contact us
For any privacy question or to exercise your rights, use the in-app feedback form — no account is needed, and it's anonymous unless you add an email for a reply: