CV2Apply

Privacy Policy

Last updated: 2025-10-11

1. Who We Are

CV2Apply (the “Service”) helps you generate tailored CVs and cover letters using AI and manage your job applications. We are the controller for your personal data when you use the Service. Contact: support@cv2apply.com.

2. Definitions

  • Controller: the entity that determines purposes and means of processing personal data (CV2Apply for this Service).
  • Processor: a service provider processing personal data on our behalf under our instructions.
  • Personal data: information relating to an identified or identifiable person.
  • EEA: the European Economic Area.

3. Categories of Personal Data

  • Account and Authentication: email, authentication/session data.
  • Profile & Content: profile details you provide (e.g., experience snippets), job descriptions you paste, and Outputs we generate.
  • Billing: subscription/credit info and purchase metadata (processed by payment providers such as Polar and their processors).
  • Technical & Usage: IP address, device/browser info, and logs/events for reliability, security, and rate limiting.
  • Communications: messages to support or feedback you provide.

4. Purposes and Legal Bases (GDPR/UK GDPR)

  • Provide and operate the Service: perform our contract with you (Art. 6(1)(b)).
  • Security, fraud/abuse prevention, and reliability: our legitimate interests (Art. 6(1)(f)).
  • Payments and accounting: compliance with legal obligations (Art. 6(1)(c)).
  • Product improvement and support communications: legitimate interests (Art. 6(1)(f)).
  • Optional communications (e.g., marketing): your consent where required (Art. 6(1)(a)), which you may withdraw at any time.

5. Where We Process and Store Data

Hosting is primarily located in the EU. Some processing may occur in other regions depending on provider configuration and availability. Where data is transferred outside the EEA/UK, we use appropriate safeguards such as Standard Contractual Clauses or rely on adequacy decisions, as applicable.

6. Processors and Recipients

  • Authentication and data services providers.
  • Payments processing providers (e.g., Polar and their processors).
  • Hosting, edge/network, and content delivery providers.
  • AI model and gateway providers for text generation and analysis.
  • Analytics, logging, email, and customer support providers.

7. Retention

  • Account data: retained while your account is active. If you delete your account, we delete or anonymize personal data unless retention is required by law.
  • Profile, Jobs, and Outputs: retained as part of your account, and temporarily cached as needed for reliability and abuse prevention. We do not sell your data.
  • Billing records: retained for the legally required period for accounting/tax purposes.
  • Logs: retained for a reasonable period for security and troubleshooting.

8. Your Rights

  • Request access to your personal data and receive a copy.
  • Request rectification or erasure of your data.
  • Request restriction of processing or object to processing.
  • Request data portability.
  • Withdraw consent at any time, where applicable, without affecting prior processing.
  • Lodge a complaint with a supervisory authority in the EEA/UK.

9. Children

The Service is not intended for children under 16. Do not create an account or upload personal data of children.

10. Security

We implement appropriate technical and organizational measures designed to protect personal data. No system is perfectly secure.

11. Data Processing Addendum (DPA)

If you require a Data Processing Addendum (DPA) as a business customer, contact us at support@cv2apply.com. We can provide a DPA incorporating the EU Standard Contractual Clauses and, where needed, the UK Addendum.

12. Changes

We may update this policy to reflect changes to our practices or for legal reasons. We will indicate the latest update date above. If changes are material, we will provide additional notice (e.g., in‑app or email).

13. Contact

Contact support@cv2apply.com for privacy questions or to exercise your rights.