logoResumex

Resumex Privacy Policy

Effective Date: May 30, 2025

1. Introduction

Welcome to Resumex ("App," "we," "us," or "our"), developed by Hygor Dias ("Developer"). We are committed to protecting your privacy and handling your personal information with care and respect. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and services (collectively, "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy. If you have any questions or concerns about our policy or our practices with regards to your personal information, please contact us atsupport@resumex.co.

2. Information We Collect

We collect information that you provide directly to us, information we collect automatically when you use our Services, and information from third parties.

2.1. Information You Provide Directly:

Account Creation:

When you create an account, we collect your display name, email address, and a hashed password. You may optionally provide your pronouns.

Profile Information:

You may choose to provide additional information for your profile, such as your current job position, location, a short bio, phone number, professional links (e.g., LinkedIn, GitHub, Portfolio), languages spoken, and proficiency levels.

User Stories & Experience Details:

We collect the content you create as "User Stories," which may include descriptions of your achievements, projects, tasks, skills demonstrated, and personal anecdotes related to your work, education, or projects. While this data is personal and can be detailed, you control what you input.

Job Post Data:

We store the job descriptions and related details you input when targeting specific job applications.

Generated Content:

We store the resumes and cover letters generated by our AI based on your inputs.

Communications:

If you contact us directly (e.g., via support@resumex.co or our Discord channel), we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

2.2. Information Collected Automatically:

Usage Data:

We collect information about your interactions with our Services, such as features used, pages visited, time spent on the app, clicks, and interactions with our AI tools. This is collected via our internal analytics for service improvement.

Device Information:

We may collect information about the device you use to access our Services, including IP address, browser type, operating system, and device identifiers.

Cookies and Similar Technologies:

We use cookies and similar tracking technologies (like localStorage or sessionStorage) primarily for essential functions such as user authentication, remembering your preferences, and ensuring the security of our Services. We do not use them extensively for tracking for marketing purposes.

2.3. Information from Third Parties:

Payment Information:

We use Stripe for payment processing. We do not directly collect or store your credit card details. Stripe handles all payment information. We only store your subscription status (e.g., active, expired) and basic transaction information provided by Stripe necessary for managing your account.

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • To provide, operate, and maintain our Services, including creating and managing your account, storing your User Stories, and generating resumes and cover letters.
  • To personalize your experience and tailor content and features.
  • To process your subscriptions and manage billing through Stripe.
  • To communicate with you, including sending service-related announcements, updates, security alerts, responding to your inquiries, providing customer support (e.g., via Discord), and sending password reset emails.
  • AI Processing: Your User Stories, profile information, and job descriptions are processed by our AI models (which may utilize services from OpenAI, Google, Anthropic via the Vercel AI SDK) to analyze your data, score relevance, extract key information, and generate tailored content like resumes, cover letters, and summaries. This data is used solely for providing the Services to you and is not used to train the third-party AI models.
  • To understand and analyze how you use our Services, identify bugs, and improve the user experience and functionality of our App (using our internal analytics). We do not use your personal data for broader AI model training or unrelated development.
  • To enforce our terms and conditions, protect our rights and property, and ensure the security of our Services.
  • For compliance with legal obligations.

4. How We Share Your Information

We do not sell your personal information. We may share your information with third-party service providers who perform services for us or on our behalf, and require access to such information to do that work. These include:

  • AI Providers: We send relevant data (such as your User Stories, profile information, and job descriptions you provide) to AI service providers (e.g., OpenAI, Google, Anthropic, via the Vercel AI SDK) for processing to enable the AI-powered features of our Services.
  • Payment Processors: We share necessary information (e.g., user ID, name, email) with Stripe to process your payments and manage subscriptions.
  • Hosting and Database Providers: Our application and database are hosted on Vercel and Supabase (PostgreSQL).
  • Email Services: For transactional emails (e.g., password resets, important account notifications), we may use email delivery services such as Microsoft 365.
  • Customer Support Platforms: If you interact with us via Discord for support, Discord's privacy policy will apply to your interactions on their platform.
  • Analytics: Our internal analytics system processes usage data to help us improve our services. This data is not shared with external parties for their independent use.

We may also disclose your information:

  • As Required by Law: If we are required to do so by law or in response to valid requests by public authorities.
  • To Protect Our Rights: To enforce our policies, or protect our rights, property, or safety.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal information may be transferred as part of that transaction.

5. Data Retention and Deletion

We retain your personal information for as long as your account is active or as needed to provide you with our Services.

If you choose to delete your account:

  • We will promptly delete your personal information, including your profile, User Stories, generated resumes and cover letters, and other associated data from our active databases.
  • This deletion will typically occur immediately or within a very short operational window.
  • We may retain certain data for a limited period (e.g., up to 3 days in backups, or longer if required for legal reasons such as compliance with tax laws or fraud prevention), after which it will be securely deleted or anonymized.

Data sent to AI providers for processing (e.g., generating a resume) is used "in runtime" for that specific request. We rely on the AI providers' commitments regarding data retention for such processing.

6. Data Security

We implement reasonable technical and organizational security measures designed to protect the security of any personal information we process. This includes:

  • Encryption in transit (HTTPS)
  • Encryption at rest for data stored in our Supabase database
  • Access controls, including Supabase Row Level Security (RLS), to ensure users can only interact with their own data
  • Password hashing
  • Regularly reviewing our information collection, storage, and processing practices

However, please remember that no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

7. Your Data Rights

Depending on your location, you may have certain rights regarding your personal information. These rights include:

  • The right to access: You can request copies of your personal information
  • The right to rectification: You can request that we correct any information you believe is inaccurate
  • The right to erasure (right to be forgotten): You can request that we erase your personal information, under certain conditions
  • The right to restrict processing: You can request that we restrict the processing of your personal information
  • The right to object to processing: You can object to our processing of your personal information
  • The right to data portability: You can request that we transfer the data to another organization or directly to you
  • The right to withdraw consent: If we are relying on your consent, you have the right to withdraw it at any time

You can exercise most of these rights directly through your account settings within the Resumex application. For other requests or if you need assistance, please contact us at support@resumex.co.

8. Children's Privacy

Resumex is not intended for or directed at individuals under the age of 16 (or the relevant age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us atsupport@resumex.co.

9. Cookies and Tracking Technologies

We use cookies and similar technologies (such as localStorage) for essential website functions, primarily for user authentication and to remember your session and preferences. We do not use cookies for extensive tracking for third-party advertising purposes. Our internal analytics may collect usage data to improve the app, but this is not tied to third-party advertising networks.

10. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. Our primary data storage and processing occur via Supabase and Vercel, which may utilize servers in various locations, including the United States. Our AI processing partners may also process data in different locations. We take steps to ensure that your data is treated securely and in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. We may also notify you via email or through an in-app notification of significant changes. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Region-Specific Disclosures

12.1. For California Residents (CCPA/CPRA):

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These include:

  • The right to know what personal information is being collected about you
  • The right to delete personal information held by us, subject to certain exceptions
  • The right to opt-out of the sale or sharing of personal information (Resumex does not sell your personal information)
  • The right to correct inaccurate personal information
  • The right to limit use and disclosure of sensitive personal information
  • The right to non-discrimination for exercising your CCPA/CPRA rights

To exercise these rights, please contact us at support@resumex.coor through your account settings.

12.2. For Brazilian Residents (LGPD):

If you are a resident of Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD), including:

  • Confirmation of the existence of processing
  • Access to your data
  • Correction of incomplete, inaccurate, or outdated data
  • Anonymization, blocking, or deletion of unnecessary or excessive data
  • Portability of your data to another service or product provider
  • Deletion of personal data processed with your consent
  • Information about public and private entities with which we have shared data
  • Revocation of consent

To exercise these rights, please contact us at support@resumex.co. Our Data Protection Officer (DPO) for LGPD purposes is Hygor Dias, reachable at support@resumex.co.

12.3. For Canadian Residents (PIPEDA):

If you are a resident of Canada, your personal information is protected by the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to:

  • Access your personal information held by us
  • Request correction of your personal information if it is inaccurate or incomplete
  • Challenge our compliance with PIPEDA

To exercise these rights or make inquiries, please contact us atsupport@resumex.co.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Developer: Hygor Dias

Email: support@resumex.co