Privacy Policy

Summary

1. Data Controller and Contact Information

Data Controller: ResuMatch GmbH

Address: Berlin, Germany

Email: privacy@resumatch.de

Phone: +49 30 1234567

Data Protection Officer

You can contact our Data Protection Officer directly at dpo@resumatch.de for any queries related to this Privacy Policy or your personal data.

2. Personal Data We Collect

Data You Provide to Us

We collect personal data that you voluntarily provide to us, including:

• Contact information: Name, email address, phone number
• Account information: Username, password (stored in encrypted form)
• Professional information: Resume/CV details, professional background, skills, education, work experience
• Communication data: Information you provide when contacting us or participating in surveys
• Waitlist submissions: Name and email when joining our waitlist

Data We Collect Automatically

When you use our website, we automatically collect:

• Technical data: IP address, browser type and version, time zone setting, operating system
• Usage data: Pages visited, time spent on pages, links clicked, navigation patterns
• Device information: Device type, screen resolution, mobile device information
• Location data: General location information derived from IP address
• Cookies and tracking data: Information collected through cookies and similar technologies

3. How We Use Your Personal Data

We use your personal data for the following purposes:

Service Provision and Contract Fulfillment

• To create and manage your account
• To provide our resume optimization services and career guidance
• To process and fulfill your requests
• To maintain our waitlist and notify you of service availability

Communication

• To respond to your inquiries and provide support
• To send administrative messages about our services
• To send you updates and news about our services (with opt-out options)
• To notify you about changes to our terms or privacy policy

Improvement and Optimization

• To analyze usage patterns and improve our website functionality
• To develop new products, services, and features
• To conduct research and analysis to enhance our services
• To personalize your experience and provide tailored content

Safety and Security

• To verify your identity and prevent fraud
• To detect and prevent security incidents
• To debug and fix errors in our systems
• To protect our rights, property, and safety

4. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases for processing your personal data:

Consent

We process certain data based on your explicit consent, such as:

• Sending marketing communications
• Using non-essential cookies and tracking technologies
• Processing special categories of personal data

You have the right to withdraw your consent at any time.

Contract Performance

We process data necessary to fulfill our contractual obligations to you, including:

• Providing our resume optimization services
• Managing your account
• Processing payments (when applicable)
• Delivering customer support

Legitimate Interests

We process data when it's in our legitimate interests to do so, including:

• Improving and optimizing our website and services
• Ensuring network and information security
• Preventing fraud and unauthorized access
• Conducting business analytics and research

We balance our interests against your rights and interests when relying on legitimate interests.

Legal Obligation

We process data to comply with legal obligations, including:

• Responding to legal requests from authorities
• Maintaining records for tax and accounting purposes
• Complying with employment and social security laws

5. Data Sharing and Recipients

We may share your personal data with the following categories of recipients:

Service Providers

We share data with service providers that help us operate our business, such as:

• Hosting and cloud infrastructure providers
• Email and communication service providers
• Analytics and performance monitoring providers
• Customer support tools
• Payment processors (when applicable)

All service providers act as data processors and are bound by data processing agreements that ensure they handle your data securely and in compliance with GDPR.

Business Partners

We may share data with business partners to provide complementary services, such as:

• Immigration specialists (with your consent)
• Career coaching providers
• Recruitment agencies (only with your explicit consent)

Legal Requirements

We may disclose your personal data if required by law or in response to valid requests from public authorities (e.g., courts or government agencies).

Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal data.

6. International Data Transfers

ResuMatch is based in Germany, and your data is primarily processed within the European Economic Area (EEA). However, some of our service providers may be located outside the EEA.

When we transfer personal data outside the EEA, we ensure that adequate safeguards are in place, such as:

• Transfers to countries with an adequacy decision from the European Commission
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Binding Corporate Rules, where applicable
• Derogations for specific situations, such as with your explicit consent

You can request a copy of the specific safeguards applied to your data transfer by contacting us at privacy@resumatch.de.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements.

Retention Periods

• Account Data: We retain your account data for as long as your account is active. After account closure, we retain certain information for up to 2 years for legitimate business purposes, such as preventing fraud and addressing legal claims.
• Resume/CV Data: We retain your professional information for as long as your account is active, plus a period of 6 months after account closure to allow for easy reactivation if requested.
• Waitlist Submissions: We retain waitlist submission data until our service is launched and for a reasonable period afterward (up to 1 year) to ensure a smooth onboarding process.
• Communication Data: We retain email communications and support inquiries for 2 years to provide ongoing support and maintain service quality.
• Technical and Usage Data: We retain this data for up to 2 years to analyze trends, administer the website, and improve user experience.
• Marketing Preferences: We retain your marketing preferences until you withdraw your consent or request erasure.

Criteria for Determining Retention

In determining appropriate retention periods, we consider:

• The amount, nature, and sensitivity of the personal data
• The potential risk of harm from unauthorized use or disclosure
• The purposes for which we process the data and whether we can achieve those purposes through other means
• Applicable legal, regulatory, tax, accounting, or other requirements

Data Deletion

When personal data is no longer necessary, we either delete it securely or anonymize it so that it can no longer be associated with you.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. Our security measures include:

Technical Measures

• Encryption: We use TLS/SSL encryption for data in transit and encryption for sensitive data at rest
• Access Controls: Strict authentication mechanisms and role-based access controls
• Network Security: Firewalls, intrusion detection systems, and regular security scanning
• Backup Systems: Regular backups with secure storage
• Monitoring: Continuous monitoring for suspicious activities and potential breaches

Organizational Measures

• Staff Training: Regular data protection and security training for all staff
• Access Policies: Need-to-know access policies and confidentiality agreements
• Security Audits: Regular internal and external security audits
• Incident Response: Documented data breach response procedures
• Vendor Assessment: Thorough security assessment of service providers

While we implement safeguards, no method of transmission over the Internet or electronic storage is 100% secure. We continuously review and enhance our security measures to maintain the safety of your personal data.

9. Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request copies of your personal data. We may charge a small fee for this service if the request is manifestly unfounded, excessive, or repetitive.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

Right to Erasure (Right to be Forgotten)

You have the right to request that we erase your personal data, under certain conditions. This right may be limited by legal obligations or legitimate interests.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization or directly to you, under certain conditions.

Right to Object

You have the right to object to our processing of your personal data, under certain conditions, particularly for direct marketing purposes or when processing is based on legitimate interests.

Rights Related to Automated Decision Making and Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: privacy@resumatch.de
• Mail: ResuMatch GmbH, Musterstraße, 10115 Berlin, Germany
• Phone: +49 30 1234567

We will respond to all legitimate requests within one month. Occasionally, it may take us longer if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.

Complaints

If you are concerned about how we handle your personal data, please contact us first so we can address your concerns. You also have the right to lodge a complaint with a supervisory authority. In Germany, the relevant authority is:

Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Graurheindorfer Str. 153
53117 Bonn
Germany
https://www.bfdi.bund.de/

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website.

What Are Cookies?

Cookies are small text files stored on your device that help websites remember your preferences and improve your browsing experience.

Types of Cookies We Use

• Necessary Cookies: Essential for the website to function properly. These cookies don't collect personal information and cannot be disabled.
• Preference Cookies: Remember your preferences and settings to enhance your experience on return visits.
• Analytics Cookies: Help us understand how visitors interact with our website, allowing us to improve its functionality and content.
• Marketing Cookies: Track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad.

Specific Cookies We Use

Managing Your Cookie Preferences

You can manage your cookie preferences in the following ways:

• Cookie Consent Banner: Use our cookie consent banner when you first visit our website to select which types of cookies you accept.
• Browser Settings: Most web browsers allow you to control cookies through their settings. Please note that if you choose to disable cookies, some features of our website may not function properly.
• Opt-Out Tools: You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Other Tracking Technologies

In addition to cookies, we may use other tracking technologies, such as:

• Web Beacons: Small electronic files that help us analyze website traffic and user behavior.
• Local Storage: Data stored in your browser that persists after you close the browser.
• Session Storage: Similar to local storage but cleared when you close the browser.

11. Children's Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data without parental consent, please contact us at privacy@resumatch.de, and we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated version will be indicated by an updated "Last Updated" date at the top of this Privacy Policy.

If we make material changes to this Privacy Policy, we will notify you by email (if we have your email address) or by prominently posting a notice on our website prior to the changes becoming effective.

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal data.

13. Contact Us

If you have any questions, concerns, or feedback about this Privacy Policy or our data practices, please contact us at:

• Email: privacy@resumatch.de
• Address: ResuMatch GmbH, Musterstraße, 10115 Berlin, Germany
• Phone: +49 30 1234567

For data protection matters specifically, please contact our Data Protection Officer at dpo@resumatch.de.