How we collect, use, and protect your information.
Last updated: May 15, 2026
StoreJobs.dev is operated by ShibuyaLabs, based in Warsaw, Mazowieckie, Poland. For any privacy-related inquiries, data rights requests, or feedback, please contact us at [ENABLE JS TO SEE EMAIL].
The data we collect depends on how you interact with the Service. We process your data under the following legal bases allowed by the General Data Protection Regulation (GDPR):
Job Seekers (Anonymous Visitors): We do not require account creation to browse job listings. We collect standard, aggregated product analytics via PostHog. IP addresses are used momentarily to derive approximate geographic location (country/region level) and are immediately anonymized at ingestion; full IP addresses are never stored in our database.
Legal Basis: Legitimate Interests (to maintain, secure, and optimize our platform).
Employer Accounts: When you register, we collect your email address and password (securely hashed and managed by Supabase). We also store the employer profile details you provide, including company name, logo, description, and application URLs.
Legal Basis: Performance of a Contract.
Newsletter Subscribers: If you opt-in to our newsletter, we collect your email address. You can unsubscribe at any time via the link in any email.
Legal Basis: Consent.
Paid Job Postings: Payment details (credit card numbers, billing addresses) are handled entirely by our third-party processor, Stripe.ShibuyaLabs never views or stores your raw financial details; we receive only a secure transaction token and the last four digits of the card.
Legal Basis: Performance of a Contract.
We use the collected information strictly to:
— Operate, maintain, and secure the Service.
— Process employer listings, manage accounts, and handle billing.
— Deliver weekly job alerts and newsletter updates to subscribers.
— Analyze aggregate usage patterns to improve user experience (via PostHog EU).
— Handle support requests and content removal inquiries.
We do not sell, rent, or trade your personal data to third parties for marketing or advertising purposes.
We rely on trusted infrastructure partners to provide the Service. All partners are vetted for GDPR compliance:
Supabase — Authentication and primary database hosting.
Stripe — Secure payment processing and billing.
PostHog (EU Cloud) — Privacy-conscious product analytics hosted in Frankfurt, Germany.
Resend — Transactional and newsletter email delivery.
We keep tracking to an absolute minimum:
Essential Cookies: Supabase uses strictly necessary session tokens to keep employers securely logged into their accounts.
Analytics: We use PostHog in a privacy-first configuration. By discarding IP data and using aggregate session tracking, we avoid the use of intrusive tracking pixels. We do not use advertising cookies (e.g., Meta Pixel or Google Ads).
As we are based in the European Union, you have full rights regarding your data:
Right of Access — Request a copy of the personal data we hold about you.
Right to Rectification — Update or correct inaccurate profile details.
Right to Erasure — Request that we permanently delete your account or email subscription.
Right to Data Portability — Request an export of your data in a machine-readable format.
Right to Withdraw Consent — Withdraw consent for communications at any time.
To exercise these rights, email [ENABLE JS TO SEE EMAIL]. You also have the right to lodge a complaint with the Polish data protection authority: Urząd Ochrony Danych Osobowych (UODO), uodo.gov.pl.
Employer Profiles: Retained as long as the account is active.
Job Listings: Active listings are kept for their relevant period and may be archived historically.
Subscriber Data: Newsletter emails are retained until you unsubscribe, at which point they are purged.
Analytics Data: Anonymous aggregate data is retained in accordance with PostHog's data retention policies.
While we use PostHog EU to keep analytics data within the EEA, some sub-processors (Stripe, Supabase) may utilize global infrastructure. Where data is transferred outside the EEA, we ensure our providers utilize Standard Contractual Clauses (SCCs) to guarantee a high level of protection.
The Service is intended for professional web engineers and employers; it is not directed at individuals under the age of 16. We do not knowingly collect personal information from minors.
We may update this policy periodically. Changes will be posted on this page with an updated "Last updated" date.
For any privacy-focused questions or to invoke your data rights, please contact us at [ENABLE JS TO SEE EMAIL].