Privacy Policy

Last updated: 18 June 2026

This policy explains what information DesiCV collects, how we use it, and the choices you have. Contact us about any data request at privacy@desicv.com .

Your CV and uploaded files

  • Your uploaded CV is stored privately, transmitted over HTTPS only, and is deleted within 24 hours of delivery of your converted CV.
  • We never sell or share your CV. It is used solely to produce your conversion.

Information we collect

  • Details you submit on the request form (name, email, country, destination, role, notes).
  • Basic technical data needed to deliver and secure the service (e.g. anti-spam signals).
  • Your approximate location, derived from your IP address, used to set the correct pricing tier for your region.

Location detection for pricing

  • When you start a request, we detect your country from your IP address to set your pricing tier. We use a third-party lookup service (ipwho.is) for this.
  • We do not store your full IP address for marketing, and you can tell us if the detected location is wrong; we review manual changes before confirming your tier.

Advertising and cookies

  • Third-party vendors, including Google, use cookies to serve ads based on your prior visits to this and other websites.
  • Google’s use of advertising cookies is described here: How Google uses information from sites that use its services.
  • You can opt out of personalised advertising via Google Ad Settings.
  • We do not set advertising cookies before you consent. You can change or withdraw consent at any time via the cookie banner.

Payments

All payments are processed by Stripe, Inc. DesiCV does not store or handle your card number, expiry date, CVC, or any other payment card data. When you pay, you are submitting that information directly to Stripe over an encrypted connection. Stripe is a PCI DSS Level 1 certified payment processor. Their privacy policy is available at stripe.com/privacy.

To detect fraud and verify the legitimacy of transactions, Stripe may collect device information, IP address, and behavioural signals on our checkout pages. This processing is covered by Stripe's privacy policy and their legitimate interests in preventing fraud.

Service providers (processors)

We use a small set of trusted providers to operate the service:

  • Supabase: database and secure file storage
  • Resend: transactional email
  • Stripe: payment processing (card data handled entirely by Stripe — see above)
  • Google AdSense: advertising
  • ipwho.is: IP-based country detection for pricing

Your rights

Depending on where you live, you have rights under the GDPR, UK GDPR, and CCPA, including access, correction, deletion, and portability. See our GDPR notice for detail, or email us to exercise any right.