Skip to content
Laxu Resume
Tailor my resume

Privacy Policy

What we keep, what we don’t, and why.

Last updated: May 6, 2026

The short version

We store your resume content and tailoring history so the product works. We don’t sell anything to advertisers. We don’t train models on your resume. We use a small set of standard services (Supabase for storage, Stripe for payments, PostHog for anonymous product analytics, Sentry for crash reports with PII scrubbed). You can delete your account and data at any time.

What we collect

  • Account info — your email and (if you sign in with Google) your Google account ID, name, and avatar URL.
  • Resume content — the resumes you upload, the parsed JSON we extract from them, and the tailoring outputs we generate. Stored encrypted at rest by Supabase.
  • Job descriptions you paste, and the structured fields we extract from them.
  • Tracker data — the jobs you save, statuses, follow-up dates, contacts you add.
  • Payment records — when you pay, Stripe holds the card data; we hold a customer ID, the plan you bought, and the receipt.
  • Anonymous product analytics — page views, button clicks, conversion events. Sent to PostHog with no resume content.
  • Crash reports — if the app errors, Sentry receives a stack trace with the resume text scrubbed before send.

What we don’t do

  • We don’t sell your data to advertisers or data brokers.
  • We don’t use your resume content to train AI models. The providers we use (Anthropic, OpenAI) operate under their standard API terms, which prohibit training on customer data by default.
  • We don’t share your resume with employers or recruiters unless you explicitly export it and send it to them yourself.
  • We don’t log resume content into Sentry or any other third-party error tool.

Where your data lives

  • Supabase (Postgres + Auth) — primary storage, US region.
  • Vercel — hosts the app and runs server functions; tailoring happens in serverless functions on Vercel’s US edge.
  • Stripe — payment processing.
  • Anthropic and OpenAI — AI providers; resume + JD text is sent to them at tailoring time and not retained beyond the request under their API terms.
  • Resend — transactional email (follow-up reminders, account email).
  • PostHog — product analytics; configured with PII scrubbing.
  • Sentry — error monitoring; configured with PII scrubbing on resume content.

Cookies and tracking

We use a session cookie to keep you logged in (set by Supabase Auth) and a small set of anonymous PostHog cookies for product analytics. We don’t use third-party advertising trackers.

Your rights

You can request a copy of your data, correct anything that’s wrong, or delete your account at any time. From the app, go to Settings → Account → Delete account. Email hello@laxuresume.com if you’d rather we handle it manually. EU/UK users have GDPR rights; California users have CCPA rights — both are honored on request.

Children

Laxu Resume is intended for users 16 and older. We don’t knowingly collect data from anyone under 16. If we learn that we have, we’ll delete it.

Changes to this policy

If we change anything material, we’ll update the “Last updated” date at the top and email logged-in users when the change matters. Minor wording fixes won’t trigger a notice.

Contact

Questions? Email hello@laxuresume.com.

    Privacy Policy — Laxu Resume — Laxu Resume