CVPilot Logo CVPilot
Sign In Sign Up

Privacy Policy

How we protect your data

Last updated: July 2025

Your Privacy Matters

At CVPilot, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your personal information when you use our AI-powered resume building service.

Information We Collect

Personal Information

  • • Name and contact information
  • • Email address for account creation
  • • Resume content and professional details
  • • Profile information you provide

Usage Data

  • • How you interact with our service
  • • Features used and time spent
  • • Device and browser information
  • • IP address and location data

AI Training Data

  • • Resume content (anonymized and aggregated)
  • • Chat conversations with AI assistants
  • • User feedback and improvement suggestions
  • • Usage patterns for feature optimization
  • • Data processed by AI providers (DeepSeek, OpenAI)

Payment Information

  • • Billing email and subscription status
  • • Payment method type (not full details)
  • • Transaction IDs and dates
  • • All payment processing via Stripe
  • • No card details stored on our servers

How We Use Your Information

Service Provision

  • • Create and maintain your user account
  • • Generate, edit, and store your resumes
  • • Provide AI-powered content suggestions via DeepSeek/OpenAI
  • • Process payments through Stripe integration
  • • Deliver customer support and assistance
  • • Export resumes in various formats (PDF, DOCX)

Service Improvement

  • • Analyze resume templates and user preferences
  • • Improve AI suggestion accuracy through feedback
  • • Develop new resume templates and features
  • • Monitor system performance and fix issues
  • • A/B test new features and improvements

Communication

  • • Send important service updates
  • • Respond to your inquiries and support requests
  • • Notify you about new features (with consent)
  • • Send security alerts if needed

Data Protection & Security

Encryption & Security

  • • HTTPS/TLS encryption for all data transmission
  • • Database encryption for stored resume data
  • • Secure API connections to AI providers
  • • Regular security monitoring and updates
  • • Secure session management

Access Controls

  • • Password-protected user accounts
  • • Limited team access to user data
  • • Secure development practices
  • • Regular access reviews and audits

Infrastructure

  • • Cloud hosting with enterprise-grade security
  • • Automated backups and disaster recovery
  • • Network monitoring and intrusion detection
  • • Compliance with industry standards

Privacy by Design

  • • Data minimization principles
  • • Purpose limitation
  • • Retention limits
  • • User control and transparency

Information Sharing

✅ We Never Share

  • • Your personal resume content
  • • Contact information with marketers
  • • Individual usage patterns
  • • Personal data for profit

⚠️ Limited Sharing

  • • AI service providers (DeepSeek, OpenAI) for content generation
  • • Payment processor (Stripe) for billing
  • • Cloud hosting providers for infrastructure
  • • Analytics services (anonymized data only)
  • • Legal compliance when required by law

Your Privacy Rights

Access & Control

  • • View all personal data we hold
  • • Download your resume data
  • • Update or correct information
  • • Delete your account and data

Communication Preferences

  • • Opt out of marketing emails
  • • Control notification settings
  • • Manage cookie preferences
  • • Withdraw consent anytime

Cookies & Tracking

Essential Cookies

  • • Login and session management
  • • Security features
  • • Form data preservation
  • • Required for service function

Analytics Cookies

  • • Usage statistics
  • • Performance monitoring
  • • Feature usage tracking
  • • Can be disabled

Preference Cookies

  • • Theme and language settings
  • • Layout preferences
  • • Personalization features
  • • Enhance user experience

Data Retention

Active Accounts

  • • Resume data kept while account is active
  • • Regular backups for data safety
  • • Data synchronized across devices

Account Deletion

  • • Data deleted within 30 days
  • • Anonymized data may be retained
  • • Legal obligations may require longer retention

International Data Transfers

Your data may be processed by our AI partners and cloud providers in various countries. We ensure adequate protection through:

  • • Secure API connections to AI providers
  • • Data processing agreements with all partners
  • • Compliance with privacy regulations (GDPR, CCPA)
  • • Regular security assessments of third-party services
  • • Your explicit consent for AI processing

Children's Privacy

Age Restrictions

Our service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.

Contact Information

For questions about this Privacy Policy or your data:

Privacy: privacy@cvpilot.dev
Support: support@cvpilot.dev

Policy Updates

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. We'll notify you of significant changes via email and prominent notice in our service. Your continued use constitutes acceptance of the updated policy.