Privacy Policy

Last Updated: May 23, 2026

At CVDrop.app, your privacy is critically important to us. This Privacy Policy outlines what information we collect, how we use it, and the strict limits we place on data sharing.

1. Information We Collect

  • Uploaded Files: When you use our service, we temporarily or permanently store the PDF document you upload on our secure cloud infrastructure.
  • Analytics Data: When someone clicks your generated link, we collect the following data strictly to provide you with view analytics: the timestamp of the view, the viewer's approximate country (derived from Cloudflare network headers), time spent on each page of the document, and an anonymised SHA-256 hash of the viewer's IP address (used solely to count unique views - the raw IP address is never stored).
  • Account Data: If you register via Google Authentication, we receive your email address, name, and profile picture.
  • Payment Data: If you upgrade to a Pro plan, payments are processed securely by Dodo Payments. We do not process or store your credit card information on our servers.

2. Viewer Data & Third-Party Privacy

Viewers of your CVDrop link - such as recruiters or hiring managers - are third parties who have not created a CVDrop account. When they open your link, we automatically collect the data described in Section 1 to provide you with view analytics.

Specifically, we collect and store:

  • A one-way SHA-256 hash of the viewer's IP address (cannot be reversed to the original IP)
  • The viewer's country, derived from network headers
  • Timestamps of each page view
  • Time spent on each page of the document

We do not collect or store: raw IP addresses, device type, browser version, operating system, screen resolution, or any form of device fingerprint.

Viewer analytics data is retained for a maximum of 90 days, after which it is permanently deleted. This data is never sold, never used for advertising, and is associated only with the specific document link. Viewers may contact us at the email in Section 8 to request deletion of data associated with their session.

3. How We Use Your Information

We use the information we collect solely to:

  • Host your document and serve it to the individuals you share your link with.
  • Provide you with accurate tracking analytics regarding who opened your link.
  • Authenticate you into your dashboard.
  • Prevent abuse, spam, and illegal activities on our platform.

4. Data Sharing and Disclosure

We do not sell your personal information or your uploaded documents to anyone.We only share data with trusted third-party service providers (such as Cloudflare for secure cloud hosting, and Dodo Payments for payments) strictly necessary to operate the service. We may also disclose data if required by law or to protect our legal rights.

5. Public Link Visibility

The core feature of CVDrop.app is generating a unique URL for your file. While these URLs are cryptographically random and unguessable, the URLs are fundamentally public. Anyone who obtains the URL will be able to view and download your resume. You are responsible for ensuring the link is only shared with trusted parties.

6. Data Retention and Auto-Deletion

If you do not create an account, your uploaded document and its associated data are automatically and permanently deleted from our servers after 36 hours. If you create an account and "claim" the file, it will remain stored until you explicitly delete it from your dashboard or delete your account.

7. Security Limitations

While we use industry-standard security measures (such as TLS/SSL encryption and secure cloud buckets) to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security and are not liable for unauthorized access or data breaches.

8. Contact Us

If you have any questions regarding this Privacy Policy or wish to request the deletion of your account and associated data, please contact us at privacy@cvdrop.app.