Legal
Privacy Policy
Last updated: 20 April 2026 · Version v1.0
1. Who we are
The Next Job (thenextjob.app) is the data controller responsible for your personal data. If you have any questions about this policy or how we handle your data, contact us at hello@thenextjob.app.
2. What data we collect and why
We only collect data that is necessary for the service we provide (data minimisation, GDPR Art. 5(1)(c)).
| Data | Purpose | Legal basis |
|---|---|---|
| Email address | To notify you when The Next Job launches and manage your waitlist place | Pre-contractual steps at your request (Art. 6(1)(b)) |
| Marketing consent flag + timestamp | To send you product updates, launch news, and founder communications - only if you opt in | Your explicit consent (Art. 6(1)(a)) |
3. What we do not collect
- We do not use tracking cookies or advertising pixels.
- We do not collect your IP address, device fingerprint, or browsing behaviour.
- We do not share or sell your data to third parties for marketing purposes.
4. How long we keep your data
| Data | Retention period |
|---|---|
| Waitlist email | Until you unsubscribe, or until 12 months after public launch - whichever comes first |
| Marketing consent record | Retained for as long as we hold your email, as evidence of your consent |
You can request deletion of your data at any time by emailing hello@thenextjob.app. We will process your request within 30 days.
5. Your rights under GDPR
If you are based in the European Economic Area (EEA) or the United Kingdom, you have the following rights:
- Access - request a copy of the personal data we hold about you.
- Rectification - ask us to correct inaccurate data.
- Erasure - ask us to delete your data (“right to be forgotten”).
- Restriction - ask us to stop processing your data temporarily.
- Portability - receive your data in a structured, machine-readable format.
- Objection - object to processing based on legitimate interests.
- Withdraw consent - if we process your data on the basis of consent (e.g. marketing emails), you can withdraw that consent at any time by clicking unsubscribe in any email or contacting us directly. Withdrawal does not affect the lawfulness of processing before withdrawal.
To exercise any of these rights, email hello@thenextjob.app. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority (in Portugal: CNPD).
6. Third-party processors
We use the following sub-processors to deliver the service. Each has a Data Processing Agreement (DPA) in place and processes data only on our documented instructions.
| Vendor | Purpose | Data location |
|---|---|---|
| Supabase | Database - stores your email and consent record | EU (Frankfurt, AWS eu-central-1) |
| Resend | Transactional email - sends confirmation and launch emails | EU-compliant (AWS) |
| Vercel | Website hosting and serverless functions | EU Edge Network |
7. International transfers
All sub-processors listed above operate under Standard Contractual Clauses (SCCs) or equivalent mechanisms approved by the European Commission, ensuring adequate protection for any data transferred outside the EEA.
8. Security
We implement appropriate technical and organisational measures to protect your data, including encrypted connections (TLS), access controls, and row-level security on our database. No method of transmission over the internet is 100% secure; if you believe your data has been compromised, contact us immediately at hello@thenextjob.app.
9. Changes to this policy
We may update this policy as the service evolves. When we make material changes, we will notify waitlist members by email and update the version number and date at the top of this page. Continued use of the service after changes constitutes acceptance of the updated policy.
10. Contact
For any privacy-related questions or to exercise your rights:
The Next Job
Email: hello@thenextjob.app