Legal
Effective Date: July 13, 2026
JobsU, Inc. ("JobsU," "we," "our," or "us") is committed to protecting the security of your personal information and the integrity of the JobsU platform. This Cybersecurity Policy describes the security measures we implement, how we respond to security incidents, and how you can help protect your account. This policy should be read in conjunction with our Privacy Policy and Terms of Service.
This policy applies to all systems, applications, and infrastructure operated by or on behalf of JobsU, Inc. in connection with the JobsU platform, including:
JobsU implements commercially reasonable technical, administrative, and organizational safeguards designed to protect the confidentiality, integrity, and availability of user data.
All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security). Sensitive data stored in our database infrastructure is encrypted at rest using AES-256 or equivalent encryption standards provided by our infrastructure partners.
Access to user data is restricted on a need-to-know basis. JobsU personnel who require access to production systems or user data are subject to role-based access controls and are required to use multi-factor authentication (MFA). Administrative access is logged and subject to periodic review.
User accounts are protected by password-based authentication and, where supported, multi-factor authentication. Passwords are hashed using industry-standard algorithms and are never stored in plaintext. Session tokens are time-limited and revocable.
We conduct regular reviews of our security posture, including dependency audits, code review practices, and monitoring of our infrastructure for known vulnerabilities. As the platform scales, we will expand our assessment program to include third-party penetration testing and formal security audits.
We maintain security logs for authentication events, administrative actions, and system access. These logs are monitored for anomalous activity and retained in accordance with our data retention practices described in the Privacy Policy.
JobsU maintains an incident response process to identify, contain, and remediate security incidents that may affect user data or platform integrity.
Upon identification of a suspected security incident, JobsU will take immediate steps to contain the incident, assess its scope and impact, and preserve evidence for investigation.
In the event of a confirmed data breach affecting your personal information, JobsU will notify affected users in accordance with applicable law, including the New York SHIELD Act, Massachusetts data breach notification law (M.G.L. ch. 93H), and any other applicable state or federal breach notification requirements. Notifications will include:
Following any confirmed incident, JobsU will conduct a root cause analysis, implement corrective measures to prevent recurrence, and update security procedures as appropriate.
We value the work of independent security researchers and welcome responsible reports of potential vulnerabilities in the JobsU platform. If you believe you have found a security vulnerability, please report it to us at security@jobsu.app.
When reporting a vulnerability, please provide:
We will acknowledge receipt of your report within 5 business days and provide a timeline for resolution. We will not pursue legal action against individuals who report vulnerabilities in good faith, in compliance with this policy, and who do not access, modify, or delete user data beyond what is necessary to demonstrate the vulnerability. We ask that reporters refrain from publicly disclosing a vulnerability until we have had a reasonable opportunity to investigate and address it.
The following are not within scope for this responsible disclosure policy: social engineering attacks (including phishing) against JobsU employees or users, denial-of-service testing, physical security testing, and any testing that degrades, disrupts, or damages the platform or user data.
Users play an important role in maintaining the security of the platform. We encourage all users to:
JobsU relies on established third-party service providers for critical platform functions. These providers maintain their own security certifications and compliance programs:
JobsU selects third-party providers that meet our security standards and enters into data processing agreements where required. However, JobsU does not control and is not responsible for the security practices of third-party providers.
For comprehensive information about how we collect, use, retain, and protect your personal information, please refer to our Privacy Policy. For information about your rights regarding your personal data — including rights of access, correction, deletion, and portability — see Section 7 of the Privacy Policy.
We may update this Cybersecurity Policy from time to time to reflect changes in our security practices, technology, or legal requirements. When we make material changes, we will post the updated policy on the platform with a new effective date and, where practicable, notify users through email or in-app notification.
If you have any questions about this Cybersecurity Policy, our security practices, or wish to report a security concern, please contact us:
JobsU, Inc. — Attn: Security
2 Clifford Street, Norwalk, CT 06853
Security reports: security@jobsu.app
General inquiries: support@jobsu.app
Website: jobsu.app