← Back to ResuMatch

Privacy Policy

Last updated: March 7, 2026

1. Overview

ResuMatch ("we", "our", "us") is an AI-powered resume optimizer operated by Surya Kanagaraj. This policy explains what data we collect, how we use it, and your rights regarding it. By using ResuMatch you agree to this policy.

2. Data We Collect

  • Account data: Email address and hashed password when you sign up.
  • Resume content: The resume text and job description you submit for analysis. Sensitive fields (phone numbers, personal email addresses) are masked before being sent to any AI model.
  • Usage data: Number of analyses, chat messages, and exports — used to enforce plan limits and display your dashboard.
  • Analytics: Page views and interaction events via Google Analytics (anonymous, aggregated).
  • IP address: Used for guest trial rate limiting. Not stored beyond the 24-hour TTL window.

3. How We Use Your Data

  • Provide and improve the resume optimization service.
  • Send transactional emails (email verification, password reset) via Amazon SES.
  • Enforce plan usage limits.
  • Prevent abuse and ensure platform integrity.
  • Understand aggregate usage patterns (via Google Analytics) to improve the product.

We do not sell your data, use it for advertising, or share it with third parties beyond what is listed in Section 4.

4. Third-Party Services

  • Amazon Web Services (AWS): Infrastructure hosting (Lambda, DynamoDB, S3, CloudFront, SES). Data is stored in the us-east-1 region.
  • Anthropic (Claude AI): Your resume text (with sensitive fields masked) and job description are sent to Anthropic's API for AI analysis. Anthropic's data retention policies apply to API usage — see anthropic.com/privacy.
  • Google Analytics: Anonymous page-level analytics. You can opt out via the Google Analytics opt-out browser add-on.

5. Data Retention

  • Account data is retained until you delete your account.
  • Resume history entries are stored to power your history page. You can clear them from your account settings.
  • Guest trial records (IP-based) expire automatically after 24 hours.
  • Email verification tokens expire after 24 hours.

6. Security

Passwords are hashed using bcrypt and never stored in plain text. All data is transmitted over HTTPS. Access to production infrastructure is restricted to authorized personnel only. Despite these measures, no system is 100% secure — use a unique password for your account.

7. Your Rights

You may request at any time:

  • A copy of the personal data we hold about you.
  • Deletion of your account and associated data.
  • Correction of inaccurate account information.

To exercise these rights, email us at support@suryakanagaraj.com. We will respond within 30 days.

8. Children

ResuMatch is not directed at children under 13. We do not knowingly collect data from children.

9. Changes to This Policy

We may update this policy occasionally. The "Last updated" date at the top will reflect any changes. Continued use of ResuMatch after changes constitutes acceptance of the updated policy.

10. Contact

Questions or concerns? Email us at support@suryakanagaraj.com.

Terms of ServiceHome