Privacy Policy
Last updated: 1 March 2025
Protecting your personal data is our priority. This policy explains what data we collect, how we use it and what rights you have.
1. Data controller
The controller of your personal data is CV-Editor s.r.o., based in Prague, Czech Republic. If you have questions about the processing of your personal data, contact us at: gdpr@cv-editor.com.
2. What personal data we process
We process the following categories: (a) Registration data: name, email, password (hashed); (b) CV data: information voluntarily provided; (c) Payment data: processed by Global Payments — we do not store card numbers; (d) Technical data: IP address, browser, access logs.
3. Purpose and legal basis for processing
We process on the basis of: (a) Performance of contract (Art. 6/1/b GDPR) — service provision; (b) Legitimate interests (Art. 6/1/f GDPR) — security, fraud prevention; (c) Consent (Art. 6/1/a GDPR) — marketing (only with your consent).
4. Retention periods
We retain personal data for the duration of the active account and 3 years after closure. Payment records for 5 years under accounting regulations. Marketing until consent is withdrawn.
5. Recipients of personal data
We share with: (a) Global Payments — payment gateway; (b) Anthropic PBC — AI processing; (c) Vercel Inc. — hosting; (d) Public authorities in cases required by law.
6. Your rights
You have the right to: access, rectification, erasure, restriction of processing, data portability, objection, withdrawal of consent, lodging a complaint with the supervisory authority. Contact: gdpr@cv-editor.com.
7. Cookies
We use necessary cookies (session, authentication) and analytical cookies (anonymised statistics). We minimise third-party cookies. You can adjust browser settings as you see fit.
8. Security
Communications are TLS-encrypted. Passwords are bcrypt-hashed. Regular security audits. We notify of security incidents in accordance with GDPR.