Privacy, security, and trust.
We treat your data the way we'd want ours treated. Every legal document, every commitment we make, lives here.
Your data stays yours
We never sell your data, never share it for advertising, never use it to train AI models.
Production-grade security
TLS encryption, strict CSP headers, rate limiting, audit logs, and Sentry error monitoring.
GDPR + DPDP compliant
Full rights for EU and Indian users including data export, correction, and deletion.
All policies
Legal documents
Privacy Policy
PrivacyWhat data we collect, how we use it, and your rights under GDPR and DPDP.
Terms of Service
AgreementThe rules for using ResumeAI. Account terms, payments, dispute resolution.
Refund Policy
Billing7-day no-questions refund on unused credits. How to request a refund.
Cookie Policy
PrivacyWhat cookies we use (only essential ones — no tracking, no ads).
Acceptable Use Policy
AgreementWhat you can and cannot do on ResumeAI. Anti-abuse rules.
Data Processing Addendum
BusinessGDPR Article 28 contract for business users. Most individuals don't need this.
Transparency
Sub-processors
These are the only companies that touch your data, and only to help us run the service.
Clerk
Authentication
Supabase
Database hosting
Groq
AI inference (does not retain or train on your data)
Stripe
Payment processing
Vercel
Application hosting
Upstash
Rate limiting
Sentry
Error monitoring
See Privacy Policy §5 for details on each provider.
Get in touch
Privacy & security contacts
Privacy requests
Data access, correction, or deletion under GDPR / DPDP.
privacy@resumeai.blog
Security disclosures
Report a vulnerability. 48-hour acknowledgement.
security@resumeai.blog
India Grievance Officer
Required contact under India's DPDP Act 2023.
grievance@resumeai.blog
Refunds
Request a refund on unused credits.
refunds@resumeai.blog