How does ZhaiCV AI tailor my resume?

Our AI analyzes the job description to identify key requirements, skills, and terminology. It then rewrites your resume to naturally incorporate these keywords while keeping all your actual experience and achievements intact.

Will ZhaiCV make up fake experience on my resume?

Never. The AI only works with information already in your resume. It rephrases, reorders, and optimizes — but never fabricates. Your tailored resume is 100% truthful.

What is ATS and why does it matter for my resume?

ATS (Applicant Tracking System) is software that companies use to filter resumes before a human ever sees them. Up to 75% of resumes get automatically rejected because they don't contain the right keywords.

Is ZhaiCV free to use?

Yes! ZhaiCV offers a free tier with 3 resume tailors per month, plus unlimited access to our free ATS Scanner and Resume Quality Score tools.

How is ZhaiCV different from ChatGPT for resume writing?

ZhaiCV is purpose-built for resume tailoring with specialized ATS knowledge and keyword extraction. One click, no prompt engineering — optimized output tailored to each specific job posting.

Privacy Policy

Last updated: March 2, 2026

1. Introduction

ZhaiCV (“we”, “our”, or “us”) operates the website zhaicv.space and provides AI-powered resume optimization services. This Privacy Policy describes how we collect, use, and protect your personal information in compliance with the Law of the Republic of Kazakhstan on Personal Data and Their Protection (No. 94-V) and the EU General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

We collect the following types of information:

Account Information: Email address, name, and profile picture when you sign up (directly or via Google OAuth).
Resume Data: Resume text, job descriptions, and tailored outputs that you create using our service.
Usage Data: Information about how you use our service, including features used, timestamps, and ATS scores generated.
Technical Data: Browser type, device information, IP address, and cookies for analytics and service improvement.
Consent Records: Timestamps of when you accepted the Terms of Service, Privacy Policy, and Public Offer Agreement.

3. How We Use Your Information

To provide and improve our resume optimization service
To save your resumes and tailoring history for your convenience
To send you important service updates (not marketing emails)
To analyze usage patterns and improve our AI models
To prevent abuse and ensure platform security

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Contractual Necessity: Account data, resume data, and usage data — required to provide the service you signed up for.
Consent: Analytics cookies (Google Analytics) — only loaded after you explicitly accept cookies via our consent banner.
Legitimate Interest: Security logging, fraud prevention, and service improvement — necessary to protect our platform and users.
Legal Obligation: Retaining transaction records and consent timestamps as required by law.

For users in the European Economic Area (EEA), these correspond to GDPR Article 6(1) bases (b), (a), (f), and (c) respectively.

5. AI Processing

Your resume and job description data is processed by third-party AI providers via OpenRouter (including models from Google, Anthropic, and others) to generate tailored resumes. This data is sent securely via API and is not used to train AI models. We do not store AI provider API logs beyond what is necessary to deliver the service.

6. Data Storage and Security

Your data is stored securely on Supabase (hosted on AWS) with encryption at rest and in transit. We implement industry-standard security measures including:

Row-Level Security (RLS) ensuring users can only access their own data
HTTPS encryption for all data in transit
Secure authentication via Supabase Auth with PKCE flow
No plain-text password storage

7. Data Sharing and Sub-processors

We do not sell your personal data. We share data only with:

OpenRouter (AI processing) — resume and job description text (personal identifiers are not sent)
Google Analytics — anonymous usage statistics (only with your consent via the cookie banner)
Vercel — hosting and deployment infrastructure
Supabase — database and authentication infrastructure (hosted on AWS)

All sub-processors are bound by their respective data processing agreements and privacy policies.

8. Your Rights

You have the right to:

Access — request a copy of your personal data stored in our system
Rectification — request correction of inaccurate personal data
Deletion — delete your account and all associated data (available in your Profile settings)
Data Portability — export your resume data in a machine-readable format (JSON)
Restriction of Processing — request that we limit how we process your data
Objection — object to processing based on legitimate interest
Withdraw Consent — withdraw cookie consent at any time by clearing your browser cookies or declining via the cookie banner

To exercise any of these rights, contact us at torebekbekbolatovic@gmail.com. We will respond within 30 days.

If you are in the EEA, you also have the right to lodge a complaint with your local data protection supervisory authority.

9. Cookies

We use the following types of cookies:

Essential cookies (always active): Supabase authentication session cookies required for the service to function. These cannot be disabled.
Analytics cookies (consent required): Google Analytics (_ga, _ga_*) — used to understand how our service is used. These are only loaded after you click “Accept” on the cookie consent banner. Duration: up to 2 years.
Preference cookies: zhaicv-cookie-consent — stores your cookie consent choice in localStorage. Duration: persistent until cleared.

You can manage cookies in your browser settings or revoke consent by clearing site data.

10. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data and resumes are permanently removed within 30 days. Anonymous, aggregated analytics data may be retained indefinitely.

11. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

Notify the authorized body of the Republic of Kazakhstan (Ministry of Digital Development) within 1 business day of discovering the breach, as required by Law No. 94-V
Notify the relevant EU supervisory authority within 72 hours if the breach affects EEA residents (per GDPR Article 33)
Notify affected users without undue delay if the breach is likely to result in high risk to their rights and freedoms

To report a suspected data breach, contact us immediately at torebekbekbolatovic@gmail.com.

12. Age Restriction

Our service is intended for users aged 18 and older. ZhaiCV is a professional career tool, and we do not knowingly collect data from individuals under 18 years of age. If we learn that we have collected personal data from a person under 18, we will delete that data promptly.

13. International Data Transfers

Your data may be transferred to and processed in countries outside of Kazakhstan and the EEA, including the United States (where our infrastructure providers are located). We ensure appropriate safeguards are in place through our sub-processors' data processing agreements and standard contractual clauses where applicable.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email at least 14 days before they take effect. Continued use of the service after changes constitutes acceptance of the updated policy.

15. Data Controller

ZhaiCV is operated by Aisulu Anaralieva (Individual Entrepreneur).

IIN: 030907000077
Address: Imanbayeva 29/2, Republic of Kazakhstan
Email: torebekbekbolatovic@gmail.com
Phone: +7 776 547 1051

16. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at: torebekbekbolatovic@gmail.com

← Back to home