Privacy Policy
Last updated: April 20, 2026
1. Overview
ResuSculpt ("we", "us", or "our") operates resusculpt.com (the "Service"). This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. By using the Service you agree to this policy.
2. Information We Collect
Account information
When you register we collect your name and email address. If you sign in with Google, we receive your name and email from Google.
Resume and job description content
To provide the tailoring service, we store the resume text you upload or paste and the job descriptions you submit. This content may include personal career information such as work history, education, and skills.
Billing information
Payments are processed by Stripe. We do not store credit card numbers. We receive and store your Stripe customer ID and subscription status.
Usage data
We log the number of tailoring jobs you run per month in order to enforce free-tier limits. We also collect standard server logs (IP address, request timestamps) for security and debugging.
3. How We Use Your Information
- To provide and improve the AI resume tailoring service.
- To send transactional emails — email verification and password reset links only. We do not send marketing emails.
- To process payments and manage your subscription via Stripe.
- To enforce usage limits and prevent abuse.
- To respond to support requests.
4. AI Processing — OpenAI
Your resume content and job descriptions are sent to OpenAI's API to generate tailored output. OpenAI processes this data under their API data usage policy. API data is not used to train OpenAI models by default. Do not submit resumes containing sensitive personal information (e.g. Social Security numbers, passport numbers, or financial account numbers).
5. Third-Party Services
We use the following third-party providers:
- OpenAI — AI text generation (resume + job description content)
- Stripe — Payment processing and subscription management
- Amazon Web Services — Cloud infrastructure (hosting, database, file storage, and email delivery via SES)
- Google — Optional sign-in via Google OAuth
6. Data Retention
We retain your account data and resume content for as long as your account is active. When you delete your account (Settings → Danger Zone), your account is soft-deleted and permanently purged after 30 days. Tailoring job results are retained until you delete them or your account is purged.
7. Cookies and Local Storage
We use browser localStorage to persist your login session (refresh token). We do not use third-party tracking cookies or advertising cookies.
8. Your Rights
You have the right to:
- Access the data we hold about you by contacting us.
- Correct inaccurate information via the Settings page.
- Delete your account and all associated data at any time via Settings.
- Export your tailored resume results using the Download button on each job.
If you are located in the EEA or UK, you may also have rights under GDPR, including the right to data portability and to lodge a complaint with your supervisory authority.
9. Data Security
All data is encrypted in transit (HTTPS/TLS 1.2+) and at rest (AES-256). Database access is restricted to private network subnets. We do not log resume content in application logs.
10. Children's Privacy
The Service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with their information, please contact us and we will delete it.
11. Changes to This Policy
We may update this policy from time to time. We will notify registered users by email of material changes. Continued use of the Service after changes constitutes acceptance.
12. Contact
Questions about this policy? support@resusculpt.com