Privacy Policy | Syntheve

Last updated: February 2026

ROQ CX - FZCO("we") respects your privacy. This policy describes how we collect, use, and protect your information when you use Syntheve.

1. Who we are (controller) and how to contact us

The data controller for Syntheve is ROQ CX - FZCO. If you have questions or requests about your personal data, you can contact us or email us at support@syntheve.com.

2. Information we collect

Account and identifiers: email address and authentication/session identifiers.
Profile and resume content: information you enter into the builder such as your name, headline, work experience, education, skills, and any optional contact details you choose to include.
Job descriptions: text you provide for matching/scoring features. When you use the free ATS scorer at /ats-score without an account, we store the job description text and the resulting score to improve product quality and understand market demand. We do not store the contents of any resume you upload — those are processed in memory only.
Support messages: details you send us via the contact form.
Usage and device data: limited technical data (for example IP-derived signals and diagnostics) for security and abuse prevention.

3. How we use your information and our legal bases

Provide the service (contract): create and manage your workspace, build and export your documents.
AI-assisted features (contract; and legitimate interests for improving reliability): run extraction, scoring, and drafting features you request.
Payments and billing (contract; legal obligation): process subscriptions and maintain billing records.
Security and abuse prevention (legitimate interests): rate limiting, fraud detection, and protecting the service.
Analytics (consent): measure traffic and improve the site, only when you opt in to analytics cookies.

4. Cookies and analytics

We use essential cookies that are required for the service to work (for example authentication and security features). We also use optional analytics cookies. Analytics cookies are only enabled if you consent. You can read more and manage your preferences on our Cookies page.

5. Third-party service providers (processors)

We use vendors to operate the service. Depending on how you use Syntheve, these providers may process personal data on our behalf:

Supabase (authentication, database, storage).
OpenAI (AI processing for features you invoke).
Stripe (payments and subscriptions).
Resend (transactional email delivery).
AWS (hosting and PDF rendering infrastructure).

6. International transfers

Some of our service providers may process data outside the UK/EEA. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses and the UK addendum) to enable those transfers.

7. Data retention

We retain personal data only as long as needed to provide the service and for legitimate business and legal purposes. You can delete your account in settings, which deletes your data from our systems subject to legal retention requirements (for example certain billing records held by our payment processor).

8. Your rights (GDPR/UK GDPR)

If you are in the UK/EEA, you may have rights to access, rectify, erase, restrict, object to processing, and data portability. You can manage many of these directly in your account settings. For requests that require assistance, contact us and we will respond in line with applicable law.

9. Security

We implement reasonable technical and organizational measures to protect personal data. No method of transmission or storage is 100% secure, but we work to reduce risk through access controls, encryption in transit, and abuse prevention mechanisms.

10. Changes to this policy

We may update this policy from time to time. The “Last updated” date reflects the latest revision.