Introduction
This Privacy Policy explains how GetResumeAI ("GetResumeAI," "we," "us," or "our") processes personal data when you visit getresumeai.org, create an account, generate AI-assisted resumes, subscribe to Pro, or otherwise use our software-as-a-service platform (the "Service").
We are committed to transparency and to handling personal data in line with applicable privacy laws, including the EU General Data Protection Regulation ("GDPR") where it applies to you.
Who we are (data controller)
For the purposes of the GDPR, GetResumeAI is the data controller responsible for your personal data processed through the Service, unless we state otherwise in writing.
Contact: support@getresumeai.org
Data we collect
Depending on how you use the Service, we may process the following categories of personal data:
- Account data: email address, optional display name, authentication credentials (stored as a salted password hash—we do not store plaintext passwords), subscription status, usage quotas, and account timestamps.
- Resume input data: information you submit to generate a resume, such as your name, target role, skills, and work experience notes. You choose what to provide; please avoid including special categories of data (e.g. health, religion) unless necessary and lawful for you to share.
- AI output data: professional summaries, rewritten experience sections, and skills content produced by our AI pipeline in response to your inputs.
- Payment-related data: billing identifiers and subscription metadata managed through our secure payment processor (e.g. customer ID, payment status). We do not store full payment card numbers on our servers.
- Technical & usage data: IP address, browser type, device information, request logs, error diagnostics, and similar data generated when you access the Service.
- Cookie and analytics data:as described in the Cookies & analytics section below.
Generated resume content is primarily held in your browser session for editing and PDF export. We do not operate a separate "resume library" database table for long-term storage of full resume drafts unless we introduce that feature and update this policy.
How we use your data
We use personal data to:
- Provide, operate, and maintain the Service;
- Create and manage your user account and authenticate sessions;
- Generate AI-assisted resume content from the information you submit;
- Enforce free-tier and Pro subscription limits;
- Process payments, manage subscriptions, and provide billing support through our secure payment processor;
- Respond to support requests and communicate service-related notices;
- Monitor performance, troubleshoot errors, and protect against abuse or fraud;
- Comply with legal obligations and enforce our terms.
We do not sell your personal data.
Legal bases for processing (GDPR)
Where the GDPR applies, we rely on one or more of the following legal bases:
- Contract (Art. 6(1)(b)): processing necessary to provide the Service you request, including account creation, resume generation, and subscription features.
- Legitimate interests (Art. 6(1)(f)): securing the Service, preventing fraud, improving reliability, and limited analytics, balanced against your rights.
- Legal obligation (Art. 6(1)(c)): where we must retain or disclose data to comply with law.
- Consent (Art. 6(1)(a)): where required for non-essential cookies or similar technologies; you may withdraw consent at any time without affecting lawfulness of processing before withdrawal.
AI-generated resumes
GetResumeAI uses third-party AI infrastructure (currently via OpenRouter and underlying model providers) to transform your resume inputs into structured resume content. When you click generate:
- Your submitted fields (e.g. name, target job, skills, experience) are transmitted to our servers and forwarded to the AI provider for processing;
- The model returns AI-generated text (summary, experience bullets, skills sections) that you can review, edit in the UI, and export to PDF locally in your browser;
- AI output may be inaccurate or incomplete. You are responsible for reviewing content before sharing it with employers or third parties.
AI providers process data as subprocessors under their own terms and privacy policies. We configure API access on a server-to-server basis; your API keys (if any, in self-hosted setups) are not exposed to other users.
Payments
Paid subscriptions and checkout are handled by Paddle or our secure payment processor. When you purchase Pro, our payment processor collects payment method details and processes transactions according to Paddle's Privacy Policy.
We receive limited billing data from our payment processor (such as customer ID, subscription status, and payment outcome) to activate your plan, reconcile webhooks, and support account billing inquiries. We do not store full card numbers on our servers.
Service providers (processors)
We use trusted vendors who process data on our instructions, including:
- Hosting & infrastructure (e.g. Vercel) — application delivery and logs;
- Database (e.g. Supabase/PostgreSQL) — account and subscription records;
- AI inference (OpenRouter and model providers) — resume text generation;
- Payments (Paddle / secure payment processor) — checkout, customer portal, and webhooks.
We require processors to protect personal data through contractual safeguards appropriate to the nature of the service (e.g. data processing agreements where applicable).
International transfers
Our providers may process data in the United States and other countries outside your residence. Where required by GDPR, we implement appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms offered by our vendors, unless an adequacy decision applies.
Data retention
We retain personal data only as long as necessary for the purposes described in this policy:
- Account data: for the life of your account and a reasonable period thereafter for backups, disputes, or legal compliance;
- Resume inputs/outputs: typically for the duration of the generation request and associated server logs; not retained as a permanent resume archive unless we state otherwise;
- Billing records:as required by tax and accounting laws and our payment processor's retention practices.
You may request deletion of your account by contacting us. Some data may persist in encrypted backups or logs for a limited period before automatic purging.
Your rights (GDPR & similar laws)
If you are in the EEA, UK, or another region with comparable rights, you may have the right to:
- Access a copy of your personal data;
- Rectify inaccurate data;
- Erase data ("right to be forgotten") in certain circumstances;
- Restrict or object to processing;
- Data portability for data processed by automated means based on consent or contract;
- Withdraw consent where processing is consent-based;
- Lodge a complaint with your local supervisory authority (e.g. in your EU member state). We encourage you to contact us first so we can address your concern.
To exercise your rights, email support@getresumeai.org. We may need to verify your identity before responding. We aim to reply within one month, subject to lawful extensions for complex requests.
Security
We implement technical and organizational measures appropriate to a SaaS product, including encryption in transit (HTTPS), hashed passwords, access controls, and vendor security practices. No method of transmission or storage is 100% secure; you use the Service at your own risk and should protect your account credentials.
Children
The Service is not directed to individuals under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided data, contact us to request deletion.
Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest revision. Material changes will be posted on this page; where required by law, we will provide additional notice (e.g. email or in-product message).
Contact us
Questions about this Privacy Policy or our data practices? Contact us at support@getresumeai.org.
GetResumeAI — AI resume generation at getresumeai.org