Your privacy

CVWiser is operated from Belgium and acts as the data controller for personal data processed through cvwiser.com. For privacy requests, contact support@cvwiser.com.

This Privacy Policy explains how we process personal data when you create an account, build a profile, generate CVs and cover letters, export documents, track applications, or contact support. It applies to visitors and registered users in the European Economic Area (EEA) and elsewhere, with additional rights for EEA residents under the GDPR.

Depending on how you use CVWiser, we may process:

• Account data — email address, authentication identifiers, and account settings.
• Profile & CV content — name, contact details, work history, education, skills, links, profile photo (if uploaded), and other information you enter.
• Application documents — job descriptions you paste, generated CV and cover letter content, template choices, ATS analysis results, and export history.
• Application tracking — company names, job titles, application status, notes, and follow-up dates.
• Billing data — plan status, Stripe customer id, subscription period, generation credits, and payment-related metadata. We do not store full card numbers.
• Technical & usage data — IP address, browser type, device information, pages visited, and analytics events (see our Cookie Policy).
• Support communications — messages you send via contact forms or email.

We process personal data only where a lawful basis applies under Article 6 GDPR:

• Contract — to provide the service you signed up for (account, profile storage, document generation, exports, and application tracking).
• Legitimate interests — to secure the platform, prevent abuse, improve reliability, and understand aggregated product usage, balanced against your rights.
• Consent — where required for non-essential cookies and analytics (see Cookie Policy). You may withdraw consent at any time.
• Legal obligation — to comply with tax, accounting, or regulatory requirements where applicable.

We use personal data to:

• create and maintain your account and profile;
• generate and store tailored CVs, cover letters, and related analysis;
• enable exports, editing, and application tracking;
• process subscriptions and one-time purchases;
• send service emails (e.g. welcome, billing receipts, follow-up reminders if enabled);
• respond to support requests;
• monitor security, debug issues, and improve the product.

We do not sell your personal data or share it with third parties for their own marketing.

To tailor documents, we send relevant profile fields and job descriptions to AI providers for processing. Outputs are stored in your account. Do not submit special category data (e.g. health, religion, trade union membership) unless you choose to include it in your CV content — you control what you enter.

We use trusted providers who process data on our instructions under data processing agreements where required:

• Supabase — authentication, database, and file storage.
• Stripe — payment processing.
• Google — Analytics (GA4) and AI document generation services.
• Vercel — website hosting and delivery.
• Email providers — transactional and reminder emails.

Some providers may process data outside the EEA (for example in the United States). Where this occurs, we rely on appropriate safeguards such as the EU Standard Contractual Clauses or equivalent mechanisms, and provider commitments under their data protection terms.

We keep personal data for as long as your account is active or as needed to provide the service. If you delete your account or request erasure, we delete or anonymise data within a reasonable period, except where we must retain records for legal, security, fraud-prevention, or billing purposes (typically up to seven years for financial records where required by law).

If you are in the EEA, you have the right to:

• access your personal data;
• rectify inaccurate data;
• erase data ("right to be forgotten") in certain cases;
• restrict or object to processing in certain cases;
• data portability for data you provided, where applicable;
• withdraw consent where processing is based on consent;
• lodge a complaint with a supervisory authority.

To exercise these rights, email support@cvwiser.com. We respond within one month as required by GDPR, or inform you if an extension applies.

We use authentication, access controls, encryption in transit (HTTPS), and industry-standard hosting practices. No method of transmission or storage is 100% secure; please keep your login credentials confidential.

We use essential cookies for login sessions and, with your consent where required, analytics cookies (Google Analytics 4) to understand site usage. Details, legal bases, and how to opt out are in our Cookie Policy.

We may update this policy from time to time. Material changes will be posted on this page with an updated "Last updated" date. Where appropriate, we may notify you by email or in-app notice.

Privacy questions: support@cvwiser.com or our contact page.

EEA residents may lodge a complaint with their local supervisory authority. In Belgium, this is the Data Protection Authority (APD/GBA).