Privacy Policy

What Data We Collect

Short answer: almost nothing.

CV Tailor is a client-first application. Your career data — facts, job descriptions, CV drafts, fit reports, and compiled PDFs — is stored exclusively in your browser's IndexedDB. Our server does not persist any user data between requests.

Data stored in your browser

• Facts — your experience, achievements, skills, and career context
• Jobs — job descriptions and parsed briefs
• Iterations — CV drafts, fit scores, and interview answers
• Artifacts — compiled PDF files
• Settings — your configuration preferences (API key, model, thresholds)

You can export or delete all of this data at any time from the Settings page.

Data stored on our server

None. The server is stateless. It processes your request and returns the result without retaining any user data.

Third-Party Data Processing

OpenRouter (LLM Provider)

When you run the CV tailoring pipeline, the following data is sent to OpenRouter for AI processing:

• Your profile facts (experience sections)
• The job description text you provided
• Pipeline context (fit scores, interview answers)

This data is transmitted over HTTPS and processed by the language model you selected. We do not control how OpenRouter handles data after transmission. Please review OpenRouter's privacy policy for their data retention and processing practices.

You provide your own API key, which means requests go directly through your OpenRouter account.

Umami Analytics

We use Umami, a privacy-focused analytics tool, to understand how people use CV Tailor. Umami:

• Does not use cookies
• Does not collect personal data
• Does not track users across sites
• Collects only anonymous page view and event data

You can opt out of analytics in the Settings page.

Cookies and Local Storage

CV Tailor does not use cookies. We use browser localStorage for:

• Locale preference — your language choice (EN/RU)
• Consent flag — whether you accepted or declined this notice
• Analytics opt-out — your analytics preference

Your Rights

Under GDPR and similar regulations, you have the right to:

• Access your data — all data is visible in your browser; use the Export feature in Settings
• Delete your data — use the "Delete all data" button in Settings to permanently remove everything
• Opt out of analytics — toggle the analytics opt-out in Settings
• Portability — export your data as JSON from Settings

Since all data is stored locally in your browser, you are in full control. No request to us is needed to exercise these rights.

Data Security

• All communication with our server and OpenRouter uses HTTPS encryption
• Your API key is stored only in your browser's IndexedDB
• The server does not log request bodies or user data

Children's Privacy

CV Tailor is not directed at children under 16. We do not knowingly collect data from children.

Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision.

Contact

If you have questions about this privacy policy, please open an issue on our GitHub repository.