Privacy Policy

Last Updated in April 2024

This Policy, also referred to as the Privacy Policy, outlines how Resumaker S.L, a Spanish company with the registration number B56750292, known as "Resumaker," "Company," "we," "us," or "our," gathers, utilizes, and shares information related to the functioning of our Website, our services, and all associated websites and software applications (collectively termed as the "Services" or "Website").

Please carefully review this Privacy Policy to gain insight into our information-handling practices. By utilizing the Website, you acknowledge that you have read and comprehended the terms outlined in this Privacy Policy, as well as our distinct Terms and Conditions. If you disagree with our practices, we advise against using or accessing the Website. Terms capitalized herein, but not defined, carry the same meaning ascribed to them in the Terms and Conditions.

For any queries, kindly reach out to us at

Personal Identifiable Information” or “PII” as used in this Privacy Policy, means any PII that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular user or, to the extent required under applicable privacy laws, a household. We collect PII that you voluntarily provide to us when you express an interest in obtaining information about our products and Services, when you participate in activities on the Website, or when you contact us.

This Privacy Policy applies to all persons who use our Website or who access information on our Website (“Users”). Certain portions of this Privacy Policy also apply to “Subscribers.” A Subscriber is a User who has subscribed to use our Services via our Website and who has paid all applicable fees. The act of subscription and payment shall constitute entering into a “Customer Agreement.”

In this Privacy Policy, “Processing” means any operation or set of operations performed upon PIIor sets of PII, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

In addition, “Controller” means the natural or legal person who determines the purposes and means of the processing of PII and is responsible for making decisions about why and how the PII is processed.  “Processor” means the natural or legal person that processes PII on behalf of the Controller, acting under the authority of the Controller and being tasked with carrying out specific processing activities as instructed by the Controller.


Our Processing of PII is governed by applicable data protection laws which may include the GDPR, UK GDPR, and various US State and federal privacy laws pertaining to PII that we Process on behalf of our Subscribers (“Applicable Privacy Laws”).

Other than as expressly stipulated within a statement of work or a separate data protection agreement attached, we collect and Process information under the sole direction of our Subscribers. This means that unless we specifically agree or are designated as such under Applicable Privacy Laws, we will not be considered a “Controller” or similar designation, but rather a “Processor”) At all times You are in control of Your information, and You can withdraw Your consent to provide Your information to the Company.


To utilize our Services, we require Users to provide us with certain Personally Identifiable Information (PII). Over the preceding twelve (12) months, we have gathered the following PII.

Generally, we collect PII that is voluntarily submitted by you through the Website and/or Services, primarily during account registration or resume creation. This may include certain PII that is collected via the use of Cookies or similar tracking technologies.

PII that we collect includes but is not limited to Users’ full name, email address, telephone number(s), address, profile picture, driver’s license type, LinkedIn profile URL, and URLs of any websites incorporated into your resume.

Due to the nature of our Services, Users may also be required to furnish details about their:

  • Nationality, gender, date of birth, place of birth, and marital status, some of which may be afforded special protections as protected class information under Applicable Data Privacy Laws.
  • Education and Employment Information: Information about your educational background, employment, employment history, and salary is collected.
  • Transaction and Payment Information: When you order Services or engage in a transaction, payment details are collected. Third-party payment processors handle payments, and while your details are directly provided to them, certain information may be shared with Us for payment confirmation.

Other information that may be collected via the Website includes:

  • Content that Users Make Public: Voluntarily posted or uploaded content for public display on the Website and/or Services, known as "Public Information," is collected. Once submitted, neither you nor Resumaker can control its subsequent copying, sharing, or usage by third parties.
  • Device/Internet Connection Information: When using the Website, information is automatically collected from your web browser, internet service provider, and device. This includes your IP address, device details, operating system, date and time of access, and login attempts.
  • Internet Activity Information: Data on browsing and search history, as well as interactions with websites, applications, or advertisements, including our Website, may be collected. This encompasses information about websites visited before and after using the Website.
  • Geolocation Information: Details about your general and specific location at the time of Website access, such as mailing address or IP address-derived approximate location, may be collected.
  • Inference Information: Resumaker may create new information by deriving inferences from the aforementioned categories, forming a profile that reflects your preferences, characteristics, predispositions, and behavior.

Please be aware that consent will always be sought before collecting additional information, and that we will not proceed without your permission.

Privacy Rights

Upon request, we will inform Subscribers whether we possess or Process any of their PII or handle it on behalf of a third party. To make such inquiries, please reach out to us at Subscribers can modify their information by editing their profile within the Website. For requests to have PII returned or removed, please also email at the above address. We aim to address access, modification, or removal requests within thirty (30) days.

Upon receiving a removal request from a Subscriber, we will respond within thirty (30) days. We retain PII for the duration required to offer Services, comply with legal obligations, settle disputes, and uphold agreements.

For Subscribers or individuals providing PII during their use of our Website or Services, we will delete the information upon request. However, despite the request, data may be retained as long as you maintain an account or as necessary to provide Services, meet legal obligations, resolve disputes, and enforce agreements.


  • We typically retain the PII provided by Users who are not Subscribers but who have completed steps 1-2 of the online Website subscription form for one (1) month or as otherwise permitted under applicable data retention laws, following which we delete or anonymize the PII, unless otherwise described above.
  • If a User becomes a Subscriber, we retain their PII for as long as needed for the purposes of the Processing or as otherwise permitted under Applicable Privacy Laws.
  • We undertake not to retain information of other Users for longer than required for the purposes of the Processing.

Where deletion or anonymization of PII is not practicable, for example, because a User’s PII has been stored in backup archives, then we will securely store their PII and isolate it from any further Processing until deletion or anonymization is reasonably determined by us to be possible.



We undertake various technical and organizational security measures to safeguard Users’ PII. These measures include the use of SSL technology for encrypting the transmission of sensitive data, such as account passwords and payment-related information. Additionally, all PII undergoes encryption, and we restrict access to personnel who require it in the context of providing Services.


Despite these precautions, no system can guarantee absolute security. While we take measures to protect your information, we cannot assure, and it is unreasonable to expect, that your PII or other information that you communicate to us via the Website will always remain protected.


The security of your PII and other information is also influenced by your actions. Refrain from sharing your password with others, and promptly alert us at if you suspect any compromise to your account security.


The Company inspects, from time to time, the data security of the Service and perform modifications and upgrades accordingly to keep the Service’s security.




PII Transfer


We provide our Services on a global basis, resulting in the collection and transfer of PII on an international scale. Consequently, Users’ PII may be transmitted to locations outside their residing country. Notwithstanding, all Users shall be deemed to have approved the Processing of their PII within the European Economic Area (EEA) unless otherwise prohibited by Applicable Privacy Laws.


When transferring PII that is subject to the GDPR beyond the EEA, we promote compliance with legal requirements to safeguard and maintain its protection and adhere to the following specific transfer rules, which may include:


  • Transferring PII to a jurisdiction approved by the European Commission, recognized for offering an adequate level of protection for PII based on an Adequacy Decision
  • Establishing contractual arrangements with recipients, incorporating provisions aligned with "model contractual clauses" approved by the European Commission, imposing obligations for the protection of Users PII
  • Other measures that are specifically approved by the European Commission.
  • Subscribers can obtain additional information regarding the protection measures applied to their PII during such transfers outside the EEA, including a copy of the standard data protection clauses agreed upon with recipients, by contacting us at

Use of Information

We use Users’ PII for the following purposes:

  • Improving and enriching existing services and content;
  • Modifying and/or removing existing services and content;
  • Performing research and providing statistical information to third parties (following anonymization or pseudonymization);
  • Enforcing Our legal or contractual rights or complying with applicable laws;
  • Collecting payments;
  • Any other purpose detailed in the terms of use and this Privacy Policy.

Users recognize that the Company has either a contractual, legal, or a legitimate business interest in Processing their PII. This enables the Company to send Users relevant and personalized content designed to improve their use of the Service.

Users who do not wish to receive marketing information have the right to object to such a receipt by contacting the Company via email at or by clicking a button provided in the marketing communication. Please note that if you object, this may affect the Company’s ability to send personalized content to You.

Some of the PII that Users are requested to provide is necessary for their use of and our ability to provide the Services. Accordingly, your refusal to provide us with that PII may render it impossible to provide you the Services. 

Transferring PII to Third Parties

We may share Users’ PII with third parties under the following circumstances:

  • The User has explicitly consented to the sharing of such PII;
  • When we share PII with service providers that we use to provide hosting for and maintenance of our Website, application development, backup, storage, payment processing, analytics and other services or as otherwise reasonably necessary by Us in order to perform or enhance the Services;
  • When we seek to enforce our legal or contractual rights or suspect that a User is using our Services in a manner that violates the Terms of Use or this Privacy Policy or that we suspect may result in a potential threat to the physical safety of another person (and as otherwise required by law or regulatory authorities).
  • In the context of debt collection, to a debt collector or law office that is responsible for managing debt collection activities)
  • To the extent permitted under Applicable Privacy Laws, in connection with a substantial corporate transaction, such as the sale of the Company' business, a divestiture, merger, consolidation, or asset sale, or in the event of insolvency; and
  • To vendors such as legal advisors, technical consultants or other professionals who are bound by either contractual or ethical duties of confidentiality.
  • situations involving potential threats to the physical safety of any person, violations of our Customer Agreement, or as otherwise required by law


From time to time, we may post testimonials on the Website that may contain PII. We obtain your consent to post your name along with your testimonial. If you wish to update or delete your testimonial, you can contact us at

We do not “Sell” PII unless specifically permitted by Applicable Privacy Laws (e.g., the CPRA in California).

Use of Third-Party Websites


Credit Card Processing

A third-party intermediary may be used to manage credit card processing. This intermediary is not permitted to store, retain, or use your billing information for any purpose except for credit card processing on our behalf.

Cookies and Other Data Collection Technologies

We may employ cookies and similar technologies for various purposes, potentially yielding PII, details about devices and networks used to access our Website, and insights into interactions with our platform.


Cookies, small data files containing an anonymous unique identifier, are sent to your browser from a website and stored on your device. Additional tracking technologies, like beacons, tags, and scripts, may also be used to gather and analyze information, enhancing the functionality and performance of our Service. Adjusting your browser settings allows you to refuse all cookies or receive notifications when a cookie is sent. However, declining cookies may limit access to certain parts of our Service.

Examples of cookies that we use include:

  • Session Cookies: Operating our Service effectively.
  • Preference Cookies: Remembering your preferences and settings.
  • Security Cookies: Enhancing security measures.

When you interact with our Website, we collect and log information, including IP addresses, browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, search queries, locale and language preferences, device identification numbers, mobile carrier, and system configuration. On occasion, we may associate PII with log file data to enhance our platform, treating the combined information in line with this Privacy Policy.

Additionally, we may gather geolocation data and Internet or electronic network activity information, such as browsing and search history, related to individuals interacting with our Service or Website.

Analytics information is collected during your use of the Website and Services to facilitate ongoing improvements.

For more information on cookies, please see our cookie notice.

Company does not warrant that its services will be totally immune to any breaches of security and/or unauthorized access, including access to the data stored in the Service, although the Company will contact You upon a breach of Your data security with accordance to any applicable law.


We do not intentionally gather or request information from individuals under the age of eighteen (18) nor do we knowingly permit minors to utilize the Service or any of Our Services. If we discover that we have obtained information from a minor without the consent of their parent or guardian, we will promptly delete such gathered information and restrict their access to the Service and/or any of Our Services.

Email Updates

The Company may offer to all its users to receive email messages and/or newsletters about marketing, updates, improvements, and other user notifications regarding the Company’s activity, including via emails and SMS (“Mailings”). Certain Mailings are designated as commercial messages, and for these, will have the ability to opt out of receiving the relevant Mailings by contacting the Company and/or by clicking on the ‘unsubscribe’ link available on those Mailings.


Changes to This Privacy Policy

If there are any material changes to this Privacy Policy, you will be notified by our posting of a prominent notice on the Website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of the Website or the Services constitutes your agreement to be bound by such changes to this Privacy Policy. Your only remedy, if you do not accept the terms of this Privacy Policy, is to discontinue use of the Website and the Services.

Contact Us

We always want to hear from our customers. If you have any questions or feedback, please contact us via email:, or write to us at: Resumaker S.L, Avenida Diagonal 534, Barcelona, 08006, Spain.


Specific Provisions Applicable to Certain Subscribers


European Union (EU) and European Economic Area (EEA)

Legal Basis for Processing

For individuals from the EEA, the legal basis for collecting and utilizing PII defined as “personal data” under the GDPR depends on the context and nature of the information (“Personal Data”). We typically collect Personal Data when: (a) we have your consent; (b) it is necessary to fulfill obligations under a contract or valid contract or similar arrangement for Service delivery; or (c) processing serves our or a third party’s legitimate interests (not overriding your data protection interests or fundamental rights).

In certain instances, we may have a legal obligation to collect Personal Data or require it to protect vital interests. If processing relies on your consent, you can withdraw it anytime without affecting the lawfulness of prior processing.

When we request Personal Data to comply with a legal requirement or execute a contract, we will clarify whether it is mandatory and the potential consequences of non-provision. Similarly, if we rely on legitimate interests not mentioned herein, we will inform you of these interests.

For inquiries about the legal basis for collecting and using your PII, contact us at

International Transfer of Personal Data

As we extend Services globally, Personal Data may be collected and transferred worldwide. If transferring Personal Data outside the EEA, we ensure protection and compliance with legal requirements. This may involve:

  • Sending data to a country approved by the European Commission as offering adequate protection
  • Establishing contracts with recipients based on "model contractual clauses" approved by the European Commission.
  • Other European Commission-approved mechanisms allowing PII transfer outside the EEA

For details on protection during international transfers, including standard data protection clauses, contact us at

Additional Rights under the General Data Protection Regulation (GDPR)

Residents of certain territories, including the EEA, may have additional rights under applicable laws, such as:

  • Right of erasure
  • Right to object to processing
  • Right to restrict processing
  • Right to data portability

To exercise these rights, contact us at the provided contact details. We may verify your identity before fulfilling requests.

You also have the right to lodge a complaint with a data protection authority. For EU data protection authorities, visit

US State Privacy Laws

Requests for Information

The California Consumer Privacy Act of 2018 (CCPA) came into effect on January 1, 2020, with subsequent amendments in November 2020. Similar privacy laws were enacted in various states like Virginia, Colorado, Connecticut, and Utah.


We emphasize transparency in collecting, using, disclosing, sharing, and selling PII and are committed to updating processes and disclosures to comply with evolving laws.

Categories of PII

We process various categories of PII, including name and contact data, credentials, demographic data, payment data, interactions, content, and feedback and ratings.

We process those categories of PII for the following reasons:

Name and contact data

  • Sources: Provided by Users
  • Purposes: Provide Services, respond to inquiries, enforce rights
  • Recipients: Service providers; otherwise, as directed by User


  • Sources: Obtained from Users or generated by our Website
  • Purposes: Provide Services; authentication and account access; troubleshooting
  • Recipients: Service providers; otherwise, as directed by User

Demographic data

  • Sources: Obtained from Users
  • Purposes: Provide Services; develop products; marketing; troubleshooting help, secure, and troubleshoot; and marketing
  • Recipients: Service providers; otherwise, as directed by User

Payment data

  • Sources: Obtained from Users; credit card processing
  • Purposes: Process transactions related to Services; troubleshoot; detect and prevent fraud
  • Recipients: Service providers; otherwise, as directed by User

Interactions and Feedback

  • Sources: Interactions with Users
  • Purposes: Provide and personalize Services; improve Services; marketing and help; troubleshooting
  • Recipients: Recipients: Service providers; otherwise, as directed by User

Categories of Sensitive Data

We may collect sensitive data, such as account log-in details, precise geo-location information, racial or ethnic origin, religious or philosophical beliefs, union membership, medical or mental health information, sex life, and sexual orientation, as well as contents of communications, which we use in order to enforce our legal or contractual rights

We typically collect this sensitive data as follows:

Account Information

  • Data Collected: Login information and credentials
  • Sources: Users or automatically generated
  • Processing Purposes: Providing Services and processing payments
  • Recipients: Service providers and payment processing providers.

Precise Geo-location Information

  • Data Collected: Precise geo-location information.
  • Sources: Users or Website interaction
  • Processing Purposes: Providing Services
  • Recipients: Users and service providers

Racial or Ethnic Origin, Religious or Philosophical Beliefs, Union Membership, Education, Sexual Orientation, and Medical Data

  • Data Collected: As stated above
  • Sources: Users
  • Processing Purposes: Providing Services
  • Recipients: Service providers and Users

Opt-Out of "Sale" or "Sharing"

We do not sell personal information and Users may opt-out of sharing PII for personalized advertising on third-party sites by contacting us at In addition, we do not sell Users’ PII.


Users have the right to know, correct, receive a copy of, and delete their PII.


Right to Limit Use of Sensitive Personal Information:

Users can limit the use or disclosure of sensitive data for specific activities, subject to privacy settings, consent, and applicable laws.

Recent Changes

Changes to the CCPA effective January 1, 2023, including the right to correct and opt-out of "sharing" for personalized advertising, are noted. We do not sell personal information and do not use or disclose sensitive data without consent or as permitted by law.

“Do Not Track” Signals under the California Online Protection Act (CalOPPA)

We do not support Do Not Track. Adjust browser preferences to enable or disable Do Not Track.

For questions and requests related to:

  • This Privacy Policy
  • Our privacy practices
  • Complaints
  • Removing PII
  • Unsubscribing from marketing communications