Privacy Policy
Effective: 2026-05-30 · Last updated: 2026-05-30
snipecv is a small indie project — one person + a lot of AI. This page is the honest, plain-English answer to "what does snipecv do with my data?"
Contact: legal@snipecv.com
TL;DR
| Do we sell your data? | No. |
| Do we show ads? | No. |
| Do we run third-party trackers? | No. |
| Do we train AI models on your CV? | No. |
| Who owns your CV content? | You do. |
| Can you delete your account? | Yes, any time. |
The rest of this page just spells those answers out properly.
1. What we collect
1.1 From OAuth sign-in
When you sign in, the provider shares a small set of fields. That's everything we get — we don't ask for your contacts, social graph, or anything else.
| Provider | Fields we receive |
|---|---|
| email, name, profile picture, account ID | |
| GitHub | email, name, username, profile picture, user ID |
| email, name, headline, profile picture, account ID |
1.2 From your activity on snipecv
- The CVs you write or paste (markdown)
- Every saved version of every CV
- Job postings you save for tailoring
- AI-tailored CV variants the model produces from your inputs
1.3 When you pay
Payments are handled by Polar — they're our payment processor. We never see your card. We store:
- Your Polar order ID
- Whether the payment succeeded
- The credit pack you bought
1.4 Operational
- Standard server logs (IP, browser, pages visited)
- Anonymous usage stats (cookieless, no cross-site tracking)
2. What we don't do
- No sale of your data to anyone, ever
- No ad targeting — we don't run third-party ad tech
- No AI training on your content
- No profiling for purposes outside running this service
- No sharing with recruiters or job sites — your CVs are yours
3. Who else handles your data
We use a few specialist services to actually run snipecv. Each one only handles the piece it needs.
| Service | Role | What they see |
|---|---|---|
| Cloudflare | Hosting + database | Everything (it's where everything lives) |
| Polar | Payment processing | Your order info + email |
| OpenRouter / DeepSeek | AI tailoring | Your CV + job posting, per request |
| PostHog | Anonymous usage stats | Cookieless event data |
| Google / GitHub / LinkedIn | OAuth sign-in | Only the sign-in handshake |
No other companies get to see your data.
4. About the AI tailoring
When you click "Tailor for this job", your CV and the job posting are sent to the AI for that one request. The AI returns a rewritten CV. The conversation ends there. The AI doesn't know your name or email — just the text you asked it to work with.
⚠️ Important. AI can make things up — invented skills, wrong dates, exaggerated accomplishments. Always check the diff before using a tailored CV anywhere. That's why the diff view exists.
5. Cookies
Just one cookie, used only to keep you signed in. No ad cookies. No marketing cookies. No third-party tracking. Our usage stats run without cookies entirely.
6. How long we keep things
| Data | Kept until |
|---|---|
| Your account, CVs, all versions | You delete your account |
| Sign-in (stay logged in) | About a week, or you sign out |
| Payment records | About 5 years (tax records) |
| Server logs | About a week |
| Anonymous usage stats | About a year |
When you delete your account, we delete your CVs, versions, and OAuth identity within 30 days. Payment records may stick around in anonymized form because tax law requires it.
7. Your rights
If you're in the EU/UK (GDPR), California (CCPA), or anywhere with similar law, here's what you can do:
| Right | What you do |
|---|---|
| See what we have | Email us — we'll send you a copy |
| Correct what's wrong | Email us, or fix it in your account directly |
| Delete it all | Delete your account, or email us |
| Get a copy of your CVs | Use the export feature, or email us |
| Stop processing | Email us — we'll stop |
| Withdraw AI consent | Just stop using the Tailor button |
How to ask: Email legal@snipecv.com. We aim to respond within a week, definitely within 30 days. We may ask you to verify via your OAuth sign-in before we act.
8. Kids
snipecv isn't for users under 16. We don't knowingly collect data from minors. If a kid signed up, email us and we'll delete the account.
9. Where your data lives
Our service providers are mostly in the US. If you're elsewhere, your data crosses borders to get processed. All the providers we use have standard data-transfer agreements in place for this.
10. Security
We do the basics that matter:
- Encrypted connections everywhere
- Encrypted secrets
- OAuth-only sign-in (no passwords on our side to leak)
No system is bulletproof. If something looks off, tell us fast.
11. Changes to this policy
When this changes meaningfully, we update the date at the top and let you know on next sign-in. Continued use means you're cool with the update.
12. Contact
legal@snipecv.com for anything privacy-related — questions, deletion, complaints, weird situations.
This is written in good faith and reflects what the product actually does. It's not legal advice. If you need formal terms for a regulated use case, please talk to us first.