Effective Date: 25 September 2024
At AICVScreen, we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we, as an individual operator, collect, use, and protect your personal data when you use this app.
The data controller and Data Protection Officer (DPO) responsible for your personal data is:
Site Owner (Individual)
Contact: contact@aicvscreen.com
Personal Data in CVs: As part of our core service, we collect and analyze personal data submitted in the form of CVs (resumes). The AI-powered screening tool processes CVs to score candidates based on skills, experience, and their match against a job description. This data is used solely for the purpose of screening CVs against job applications and is not used for any other purpose. Once the analysis is completed, the CV is deleted from our system, ensuring that we do not store or retain your personal data beyond this point.
AI-Driven Processing: All CV screenings are performed by our AI technology, with no human intervention involved. The AI generates results based on the data provided, and no manual reviews or decisions are made by individuals.
Purpose Limitation: We ensure that the personal data collected through CVs is used only for the specific purpose of screening against the job descriptions you provide. This use aligns with user expectations and adheres to the principle of Purpose Limitation under GDPR.
Data Minimization: We are committed to the principle of Data Minimization, which means we only process the personal data necessary for the screening service and do not store or share CVs, or the data contained in them, beyond the immediate analysis.
Transparency: We are committed to transparency about how your personal data is used. This privacy policy provides clear information on how CVs are processed and deleted after screening, fulfilling GDPR’s requirement for transparency.
Security Measures: We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, alteration, or disclosure. This includes ensuring that any temporary data processing during screening is secure.
Consent: By using our service, you consent to the processing of your CV data as described in this privacy policy. We ensure that we have a legitimate reason to process your data, specifically for the purpose of CV screening.
User Rights: Under the GDPR, you have specific rights regarding your personal data. For detailed information on these rights and how to exercise them, please refer to Section 8: [Your Rights].
Essential Cookies: We only use essential functional cookies that are necessary for the website to function properly. These cookies do not collect personal information and are used for purposes such as:
These cookies are strictly necessary for both subscribed and unsubscribed users and do not require consent under GDPR and UK GDPR. We do not use any non-essential cookies for marketing or tracking purposes.
For subscribed users, we collect the following minimal personal data required for managing your subscription and providing our services:
For safety reasons, we rely on a globally recognized and trusted provider like Stripe to handle and securely process your card information. We do not store your card details directly on our servers. Stripe’s privacy policy can be viewed at https://stripe.com/gb/privacy.
We use your personal data only for the following purposes:
While this privacy policy has been designed to comply with the requirements of the UK GDPR and EU GDPR, we recognize that our website is accessible worldwide. Therefore, we aim to meet global privacy standards, including the California Consumer Privacy Act (CCPA) for users from California. If you are a resident of California or other regions with specific data privacy laws, please contact us to exercise your rights as applicable under your local regulations.
We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, alteration, or disclosure. Sensitive data such as your password is encrypted, and card details are processed by Stripe using industry-standard security measures.
Under the GDPR, you have the following rights concerning your personal data:
To exercise any of these rights, please contact us at contact@aicvscreen.com. We will respond to your request in accordance with applicable data protection regulations.
To exercise your rights under data protection laws, including requesting access to, correction of, or deletion of your personal data, or to object to or restrict the processing of your data, please contact us at contact@aicvscreen.com. We will respond to your request in accordance with applicable data protection regulations.
In the event of a data breach, we are committed to addressing the issue promptly and transparently. Our procedures for handling data breaches are as follows:
1. Detection and Reporting: We have implemented robust security measures to prevent data breaches. If a breach occurs, it will be detected through our monitoring systems and reported to our designated Data Protection Officer (DPO) or Privacy Officer.
2. Assessment: Upon detection, we will assess the breach to determine its nature, the scope of the data affected, and the potential impact on individuals. This assessment will include identifying the type of personal data involved, assessing the potential harm or risk to affected individuals, and determining the cause and extent of the breach.
3. Notification: If the breach poses a risk to the rights and freedoms of individuals, we will notify the relevant data protection authority within 72 hours of becoming aware of the breach, as required by GDPR. This notification will include a description of the nature of the breach, the categories and approximate number of data subjects affected, the categories and approximate number of personal data records affected, the likely consequences of the breach, and the measures taken or proposed to address the breach.
4. Communication with Affected Individuals: If the breach is likely to result in a high risk to the rights and freedoms of individuals, we will notify affected individuals without undue delay. This communication will include a description of the nature of the breach, the likely consequences, the measures taken or proposed to address the breach, and advice on how individuals can protect themselves from potential adverse effects.
5. Record-Keeping: We will maintain a record of any data breaches, including the facts relating to the breach, its effects, and the remedial action taken. This record will be kept for a minimum of 6 years or as required by applicable laws.
6. Review and Improvement: Following a data breach, we will review our procedures and policies to identify any weaknesses and take corrective actions to prevent similar breaches in the future. This review will be documented and used to improve our data protection practices.
7. Contact Information: For any questions or concerns regarding data breaches or our procedures, please contact our Data Protection Officer at contact@aicvscreen.com.
We use third-party service providers, such as Stripe, to handle specific aspects of our service (e.g., payment processing). These third parties are responsible for ensuring that your data is handled in compliance with GDPR. We recommend reviewing their privacy policies:
We may update this privacy policy from time to time. Any significant changes will be communicated via email or a notice on our website. We encourage you to review this policy periodically to stay informed of any updates.
If you have any questions or concerns regarding your privacy or this policy, please contact us at:
contact@aicvscreen.com