Privacy Policy

How we collect, use, and protect your personal data.

Last updated: February 2026

Introduction

Lytramap ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our platform at lytramap.be.

We operate under the General Data Protection Regulation (GDPR) and Belgian data protection legislation. By using Lytramap, you acknowledge that you have read and understood this policy.

Information We Collect

Account Data

When you register, we collect your email address, display name, and authentication credentials via Firebase Authentication. If you subscribe to a Pro plan, we also collect billing information through Mollie.

Profile Data

You may optionally provide your skills, experience level, preferred rate, location preferences, and uploaded CV. This data is used to personalize offer recommendations and rate estimates.

Usage Data

We collect information about how you interact with Lytramap, including pages visited, search queries, offers viewed, and features used. This data is collected via server-side logging and, with your consent, via Google Analytics 4 (see Cookies & Tracking below).

Offer Interaction Data

When you use the Pimp Detector, the recruiter message text you paste is sent to our backend for AI analysis. We do not permanently store the raw message content after processing is complete.

How We Use Your Information

  • Personalization — matching you with relevant offers based on your skills and preferences.
  • Rate Estimation — calculating market rate ranges using aggregated offer data and your profile.
  • Pimp Detector — analyzing recruiter messages to identify original job sources using AI.
  • Analytics — understanding how the platform is used to improve features and performance.
  • Communication — sending transactional emails (alerts, subscription confirmations, security notices).
  • Security — detecting abuse, rate limiting, and protecting the platform from misuse.

Data Sharing & Third Parties

We share data with the following third-party services, each for a specific and necessary purpose:

  • Firebase Authentication (Google) — handles user authentication and session management.
  • Mollie — processes Pro subscription payments. We never store your credit card details directly.
  • OpenRouter — processes Pimp Detector queries using large language models. Message content is sent for analysis but not retained by OpenRouter beyond the request.
  • Meilisearch — powers our offer search engine. Offer data (not personal data) is indexed for fast search.
  • Resend — delivers transactional emails on our behalf.
  • Google Analytics / Google Tag Manager (Google) — if you consent, collects anonymised usage data to help us improve the platform. No data is sent to Google unless you opt in via our cookie consent banner.

We do not sell your personal data. We do not share your data with advertisers. We do not use your data for purposes unrelated to the Lytramap platform.

Data Retention

We retain your account and profile data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law (e.g., billing records for tax purposes, which are retained for 7 years as required by Belgian law).

Usage logs and analytics data are retained in anonymized form for up to 12 months to improve platform performance.

Your Rights Under GDPR

As a user in the European Economic Area, you have the following rights:

  • Right of Access — request a copy of the personal data we hold about you.
  • Right to Rectification — request correction of inaccurate personal data.
  • Right to Erasure — request deletion of your personal data ("right to be forgotten").
  • Right to Data Portability — receive your data in a structured, commonly used format.
  • Right to Object — object to processing of your data for specific purposes.
  • Right to Restriction — request limitation of processing in certain circumstances.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days as required by GDPR.

Cookies & Tracking

Lytramap uses cookies to provide core functionality and, with your consent, to understand how the platform is used. On your first visit you will see a cookie consent banner where you can accept or reject non-essential cookies.

Essential Cookies

These cookies are required for Lytramap to function and cannot be disabled. They include your Firebase authentication session token and a dark/light mode preference cookie.

Consent Cookie

When you make a choice in the consent banner, we store a lytramap_consent cookie (valid for 1 year) that records your analytics and marketing preferences so we do not ask you again on future visits.

Analytics Cookies (optional)

If you consent, we use Google Analytics 4 (via Google Tag Manager) to collect anonymised usage data such as pages visited, features used, and general interaction patterns. This data helps us improve the platform. These cookies are only set after you explicitly grant consent.

Marketing Cookies (optional)

If you consent, marketing cookies may be used to measure the effectiveness of campaigns that brought you to Lytramap. We do not run targeted advertising on the platform.

You can change your cookie preferences at any time via the "Manage Cookies" link in the footer.

Data Security

We implement industry-standard security measures to protect your data:

  • All data in transit is encrypted via TLS/HTTPS.
  • Database access is restricted and authenticated.
  • API endpoints are protected by rate limiting and input validation.
  • Authentication is handled by Firebase with JWT token verification.
  • Internal endpoints use separate API key authentication.

While we take reasonable precautions, no system is 100% secure. If you discover a security vulnerability, please report it to [email protected].

Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify registered users via email and update the "Last updated" date at the top of this page.

Continued use of Lytramap after changes are posted constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit).