Privacy Policy - DeadSimpleTools

Last updated: January 26, 2026

                Your privacy is dead simple here. We collect almost nothing,
                delete everything fast, and use your data only to make the tools work.
            

1. Data We Handle 2. Why We Can Process Your Data 3. Data Deletion 4. Third Parties 5. Security 6. International Transfers 7. Your Rights (GDPR) 8. Children 9. Policy Updates

1. Data We Handle

Our tools collect only what is necessary to work:

Resume Tailor: We process your uploaded PDF resume and job description in memory only. Nothing is stored to disk. Once you download your result, the data is gone.
Usage Data: We collect hashed IP addresses to prevent abuse and manage rate limits (free tier: 2 credits/day).
Payments: Lemon Squeezy handles all payment data—we never see or store your card details.
Analytics: Google Analytics helps us understand usage and improve the tools (only with your consent via cookie banner).
Cookie: One essential cookie (user_token) identifies your session for credit tracking. No login required.

What data goes where:

AI Providers: Your resume text and job description are sent to Google AI (free tier) or OpenRouter (paid tier) for processing. No IP addresses, no payment data.
Lemon Squeezy: Receives payment information only. No resume data.
Google Analytics: Receives anonymous usage data only (page views, button clicks) with your consent.

2. Why We Can Process Your Data (GDPR)

Under GDPR, we process your data based on:

Legitimate Interest: Providing the resume tailoring service you requested when you upload a file.
Consent: For analytics cookies and any marketing (you can opt out anytime).
Legal Obligation: Keeping transaction records for 7 years to comply with EU tax laws.

3. Data Deletion

We believe in minimal retention:

Resume Data: Processed in RAM only—never stored to disk. Data is gone the moment you leave the page.
Session Tokens: Anonymous user IDs for credit tracking are deleted after 7 days of inactivity.
IP Rate Limits: Hashed IP records reset daily.
Transaction Records: Payment receipts via Lemon Squeezy are kept for 7 years for tax compliance (required by law).

4. Third Parties

We use trusted partners to provide our services:

Google AI / OpenRouter: For AI-powered resume tailoring. Free tier uses Google AI; paid tier uses OpenRouter (processes resume text only).
Lemon Squeezy: For secure payment processing (PCI-DSS compliant).
Google Analytics: For anonymous usage insights (only with your consent).

Since some partners (Google, OpenRouter, Stripe) are based in the US, your data may be transferred internationally. We ensure this is done safely using Standard Contractual Clauses approved by the EU Commission.

5. How We Protect Your Data

We take security seriously:

Encryption: All data transfers use HTTPS (TLS encryption).
Secure Storage: Files are stored temporarily on secure servers with access controls.
Automatic Deletion: Files are purged automatically—no manual process required.
Rate Limiting: IP-based limits prevent abuse and unauthorized scraping.

However, no system is 100% secure. While we use industry-standard protections, use our service at your own discretion.

6. International Transfers

Our AI and payment partners operate globally, including in the United States. To protect your data when it crosses borders, we rely on:

Standard Contractual Clauses (SCCs) approved by the EU
Partners' compliance with GDPR-equivalent standards (e.g., Privacy Shield successors)
Encryption in transit and at rest

7. Your Rights (GDPR)

Under GDPR, you have the right to:

Access: Request a copy of any data we hold about you (though we store very little).
Rectification: Correct inaccurate data.
Erasure: Request deletion of your data (we auto-delete most data within 48 hours anyway).
Object: Object to processing based on legitimate interest.
Data Portability: Receive your data in a portable format.
Lodge a Complaint: File a complaint with your national data protection authority (e.g., Garante Privacy in Italy).

How to exercise these rights:

Email us at support@deadsimpletools.com

We'll respond within 30 days as required by GDPR.

8. Age Requirement

Our service is not intended for users under 16 years old. We do not knowingly collect data from children. If you're under 16, please don't use our tools.

9. Policy Updates

We may update this policy from time to time. When we make significant changes, we'll post a notice on our homepage. Continued use of DeadSimpleTools after changes means you accept the updated policy.

Questions? Reach out anytime: support@deadsimpletools.com