SmartCVLabs are committed to protecting your privacy in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Given our minimal data storage approach, this Privacy Policy explains our limited collection, use, and handling of personal data when you use our website or services. We do not maintain databases or long-term storage beyond what’s necessary for service delivery and basic financial records. By using our services, you consent to these practices. If you do not agree, please do not provide us with your data.
1. Who We Are
We are SmartCVLabs, a UK-based service providing tailored CVs and cover letters using a hybrid AI-human approach. Our contact details: SmartCVLabs@gmail.com.
2. What Personal Data We Collect
We collect only essential data to provide our services, with no ongoing storage:
• Identifying Information: Name, email address, phone number, location (city/postcode), LinkedIn URL, nationality, and work eligibility.
• Professional Information: Work history (job titles, companies, dates, responsibilities, achievements), education (degrees, institutions, grades), skills, certifications, awards, and any additional details you provide (e.g., hobbies, references).
• Job-Specific Information: Job descriptions, links, company details, and preferences for CV formatting.
• Payment Information: Billing details (processed via secure third-party providers like Stripe; we do not store card details).
• Financial Records: For tax purposes, we may keep a simple spreadsheet with your name and payment amount (no other details).
• Technical Data: IP address, browser type, and device info (collected automatically via our website, but not stored long-term).
We do not collect sensitive data (e.g., race, health, political opinions) unless voluntarily provided and relevant.
3. How We Collect Your Data
• Directly from you: Via email, website forms, or post-payment submissions (temporarily held for processing only).
• Automatically: Through website cookies (for analytics; see Section 9) or server logs (not retained).
• From third parties: If you link to job postings or provide public URLs (e.g., LinkedIn).
4. Why We Collect and Use Your Data (Legal Basis)
We process data temporarily for:
• To Provide Services (Contract): Create and deliver tailored CVs/cover letters.
• To Process Payments (Contract): Handle transactions via secure gateways.
• Financial Record-Keeping (Legal Obligation): Maintain basic name/amount records for tax compliance.
• To Improve Services (Legitimate Interests): Anonymously analyse usage (no storage).
• Marketing (Consent): Send updates if you opt-in (withdraw anytime).
Data is deleted after service delivery, except minimal financial records.
5. Sharing Your Data
We may share necessary data temporarily with:
• AI tools (e.g., Grok by xAI) for content generation (de-identified where possible, deleted post-use).
• Service providers (e.g., email hosts like Google Workspace, payment processors like Stripe) under confidentiality.
• No data is shared for marketing without consent or sold.
All sharing complies with UK GDPR; we use UK/EU-based servers.
6. Data Storage and Security
• Storage: Minimal—data is processed via email/forms and deleted post-delivery. Financial records (name/amount) are stored securely in a password-protected spreadsheet on a local device or encrypted cloud (e.g., Google Drive).
• Security Measures: Encryption, firewalls, access controls, and audits to prevent breaches. In case of a breach, we notify you and the ICO within 72 hours if required.
• International Transfers: If data leaves the UK (e.g., to xAI), we use safeguards like Standard Contractual Clauses.
7. Data Retention
• Service data: Deleted immediately after delivery (within 24-48 hours).
• Financial records: Retained for 7 years per tax laws, then deleted.
• You can request deletion anytime (see Section 8).
8. Your Rights
Under UK GDPR, you have rights to access, rectify, erase, restrict, object to, or port your data, or withdraw consent. Email us at [your email]—we respond within 1 month (free). Complaints? Contact the ICO at ico.org.uk.
9. Cookies and Tracking
Our website uses essential cookies for functionality and analytics (e.g., Google Analytics)—no advertising. Manage via your browser. See our Cookie Policy [link if separate].
10. Children’s Privacy
Services not for under 16; no knowing collection from children.
11. Changes to This Policy
Updates posted here with date. Continued use means acceptance.
12. Contact Us
Questions: SmartCVLabs@gmail.com.
This policy reflects our low-data approach while ensuring compliance. Thank you for trusting SmartCVLabs.