Privacy Policy

Who we are

MiraeCV ("we", "us", "our") operates the MiraeCV service (miraecv.com and related apps), an AI-powered resume and cover letter builder, resume rewrite workspace, job listings, and career tools.

Data we collect

• Account data. When you register, we collect email and name through Supabase Auth and our users database. If you sign in with LinkedIn, we receive the basic profile and email information authorized through LinkedIn OIDC. If you separately authorize or provide LinkedIn profile import data, we may store the imported profile data and a formatted profile summary to personalize your resume workflow.
• Resume and content. We store the information you provide to create, edit, upload, or rewrite resumes: profile text, contact details included in a resume, job descriptions, company or job-posting URLs, generated resumes and cover letters, uploaded resume content, parsed resume structure, resume HTML, template selections, exports, and optional profile photos. This is stored to deliver the service and, when logged in, to show your saved resumes and history.
• Usage, credits, and payments. We track usage, AI credit balances, free and paid credits, purchase events, Stripe checkout session metadata, and related billing identifiers so we can enforce limits, grant credits, and reconcile payments. Card details are handled by Stripe; we do not store full card numbers.
• Technical data and logs. We use an anonymous identifier cookie (anon_id) with a 90-day lifetime where the app needs to recognize returning anonymous visitors. Our servers log API requests (method, path, status, response time, IP address, user-agent, and when applicable user id) for security and operations. We may log resume/rewrite actions in audit logs, and for AI-generated content we may store prompts, AI responses, token usage, request ids, timing, and error details for debugging, quality, cost tracking, and abuse prevention.
• Browser storage. We use your browser’s local and session storage for authentication tokens, cached results, language preference, and job filters. This data stays on your device; we do not read it for tracking beyond providing the service.

How we use data

We use the data above to provide, secure, and improve MiraeCV; to enforce usage limits; and for debugging and analytics. We do not sell your personal information or your resume content to third parties for marketing or advertising.

AI processing

Resume generation, rewrite, parsing, suggestions, ATS scoring, and related AI features are primarily powered by DeepSeek. Some deployments may use Moonshot/Kimi as a fallback if DeepSeek fails. Scanned PDF uploads may use vision OCR through Replicate or a configured self-hosted OCR endpoint. The content you submit and the generated output may be processed by these providers in accordance with their own terms and privacy policies. For more information, see DeepSeek’s privacy policy.

Third parties

We rely on: Supabase (authentication, database, and storage), LinkedIn (sign-in and optional profile import), DeepSeek and, when configured, Moonshot/Kimi (AI), Replicate or a self-hosted endpoint (vision OCR for scanned PDFs), and Stripe (checkout and payment processing). We may also fetch job-posting or company webpages you provide so we can extract job context. Data may be stored or processed in the United States or other regions where these providers operate. Their respective privacy policies apply to their handling of data.

Retention

We retain your account and associated content for as long as your account exists or as long as needed to provide the service. API logs, audit logs, prompt logs, billing records, and operational records may be kept for a limited period or as long as needed for security, debugging, financial reconciliation, legal compliance, and abuse prevention. The anonymous identifier cookie, when used, expires after 90 days. After you delete your account or request deletion, we delete or anonymize personal data in line with this policy and our systems' capabilities, while retaining records we are required or permitted to keep.

Your rights

You may request access to, correction of, or deletion of your personal data, and where applicable export of your data. If you are in the European Economic Area or the UK, you may have additional rights under GDPR (e.g. object, restrict, lodge a complaint with a supervisory authority). If you are in California, you may have rights under the CCPA. We will respond to valid requests in accordance with applicable law.

Security

We use reasonable technical and organizational measures to protect your data. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

Children

MiraeCV is not intended for users under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it.

Cookies and local storage

We use cookies and browser storage to operate the service, support authentication, keep you signed in, cache results, and store preferences. Supabase Auth may store session information in browser storage. You can disable or clear cookies and local storage in your browser; some features may not work correctly if you do.

Changes

We may update this Privacy Policy from time to time. We will post the updated version on this page and indicate the last updated date. Continued use of MiraeCV after changes constitutes acceptance of the revised policy. For material changes, we may provide additional notice (e.g. by email or in-app).

Contact

For privacy-related requests or questions, email us at support@miraecv.com.