Privacy Policy
Last updated: May 17, 2026
This page describes how CVGlow collects, uses, and protects your personal data. It complements our Terms of Service and Refund Policy.
Who controls your data
CVGlow is a company registered in the State of New Mexico, United States, and acts as the data controller for personal information collected on this site.
For any privacy question, write to hello@cvglow.co.
What data we collect
Google sign-in: name, email address, Google account identifier, and profile picture.
Account profile: onboarding preferences (target contract type, field, education level) and your chosen interface locale.
Uploaded content: resumes you upload, job postings you paste, and resumes generated by the service on your behalf.
Billing: active plan, status, billing period, and the Dodopayments customer and subscription identifiers tied to your account.
Sessions: essential cookies that secure your sign-in session and the Google OAuth flow.
Cookies and analytics
Essential cookies are used for authentication, session continuity, and OAuth security checks.
We use PostHog with anonymized tracking — no analytics cookies, no session recording, no autocapture, and no IP address collection.
Because the analytics configuration is limited to aggregated audience measurement and does not identify visitors, we do not show a cookie banner. EU visitors may still object to processing at any time via hello@cvglow.co.
Events we explicitly track: sign-up, sign-in, resume upload, tailoring started, tailoring completed or failed, PDF download, checkout opened, purchase completed, upgrade clicks, and application-status changes.
Why we process your data
To create and maintain your CVGlow account when you sign in with Google.
To deliver the service: resume tailoring, PDF generation, and job application tracking.
To process payments and manage your billing through Dodopayments.
To keep a secure, active session while you use the dashboard.
Third parties we use
Google: OAuth authentication.
Anthropic (Claude): AI-based resume tailoring. Your data is not used to train the underlying models.
Dodopayments: payment processing and subscription billing.
Supabase: encrypted Postgres database hosting in the European Union.
PostHog: cookie-less, anonymized product analytics.
Sentry: production error monitoring.
Retention
Account data is retained while the service needs it, unless you ask us to delete it.
Sessions are retained for the duration set by the application and can be revoked at any time by signing out.
Billing records are retained as required by accounting and tax obligations.
After account deletion, your resumes, applications, and related data are removed within 30 days, except where retention is required by law.
Your rights
You may request access to your account data, correction of inaccurate data, deletion of your account, and a copy of your data in a portable format at any time via hello@cvglow.co.
California residents have additional rights under the CCPA, including the right to know, the right to delete, and the right to non-discrimination for exercising these rights. We do not sell personal information.
Residents of the European Economic Area, the United Kingdom, and Switzerland have additional rights under the GDPR and equivalent laws, including the right to object to processing, the right to restrict processing, and the right to data portability. Where processing is based on consent, you may withdraw consent at any time without affecting prior processing.
You may also lodge a complaint with your local data protection authority (in France, the CNIL — cnil.fr) if you believe your rights have not been respected.
International transfers
CVGlow is operated from the United States and stores its database in the European Union. Some service providers (Google, Anthropic, PostHog, Sentry) may process data in the United States.
For users in the European Economic Area, the United Kingdom, and Switzerland, transfers to the United States are made under the EU Standard Contractual Clauses or equivalent safeguards provided by each subprocessor.
Security
Data is stored encrypted at rest on European servers.
Access is limited to authorized personnel and is logged in an internal audit trail.
Sessions are protected against CSRF, XSS, and cookie-hijacking attacks.
Changes to this policy
We may update this policy as the service evolves or as required by law. The "last updated" date at the top of this page reflects the most recent revision.
Material changes will be communicated by email to account holders before they take effect.
Contact
For any privacy question, write to hello@cvglow.co.