GDPR Compliance

Last updated: March 11, 2026

1. Data Controller

Resume Mapper acts as a data processor on behalf of our customers, who are the data controllers for candidate data processed through our service.

2. Legal Basis for Processing

We process personal data on the basis of contractual necessity (to deliver the service), legitimate interest (to improve and secure the platform), and compliance with legal obligations.

3. Data Subject Rights

Individuals whose data is processed through our service may exercise their rights (access, rectification, erasure, portability, restriction, objection) by contacting the data controller (our customer) or us directly at privacy@resumemapper.io.

4. Data Transfers

Where data is transferred outside the European Economic Area, we rely on Standard Contractual Clauses or equivalent safeguards as approved by the European Commission.

5. Data Retention

CV files are deleted immediately after parsing. Account data is retained for the duration of the subscription plus a 90-day grace period. Anonymised usage statistics may be retained indefinitely.

6. Contact the DPO

For GDPR-related inquiries, please contact our Data Protection Officer at privacy@resumemapper.io.