Back to Fursa
ف
Fursa فرصة

Privacy Policy

Last Updated: May 2026 · Effective: May 2026

01

Who We Are

Fursa CV (fursacv.com) is a product of GHS Consulting LLC, a Florida-registered limited liability company. References to "we", "us", or "our" mean GHS Consulting LLC. Contact: support@ghsconsulting.io
02

What We Collect

  • CV and Job Description text — submitted by you to use the Service. Processed in real-time and not retained on our servers after your session ends.
  • Email address — collected when you create an account or request results via email.
  • Payment information — handled entirely by Stripe. We never see, store, or process your card details.
  • Authentication data — a hashed session token stored by Supabase to keep you signed in.
  • Usage data — aggregate, anonymized analytics (page views, feature usage). No personal identifiers are stored in analytics.
  • Cookies — session cookies for authentication and a single consent preference cookie. See Section 08.
03

How We Use Your Data

  • To deliver your CV optimization results and other requested features.
  • To send transactional emails (welcome, password reset, billing notifications).
  • To maintain your account and subscription status.
  • To improve the Service using aggregate, anonymized data only.
  • We never sell your data. We never share your CV content with third parties.
04

Legal Basis for Processing (GDPR)

  • Contract performance — processing necessary to deliver the service you requested.
  • Legitimate interests — maintaining security, preventing fraud, improving the service.
  • Consent — marketing emails (you may withdraw consent at any time).
  • Legal obligation — retaining billing records as required by law.
05

Third-Party Services

  • Anthropic API — CV and job description content is sent to Anthropic's API to generate results. Subject to Anthropic's Privacy Policy. We do not send identifying information (name, email) alongside CV content.
  • Stripe — Subscription and payment processing. Subject to Stripe's Privacy Policy. Stripe may store your card details and billing address.
  • Supabase — Authentication and database hosting. Data stored in EU (Frankfurt) region. Subject to Supabase's Privacy Policy.
  • Resend — Transactional email delivery. Email content is processed to deliver your messages. Subject to Resend's Privacy Policy.
06

Data Retention

  • CV and job description content: not retained after your session ends.
  • Account data (email, subscription status): retained while your account is active.
  • Payment/billing records: retained for 7 years as required by law.
  • Deleted accounts: all personal data is purged within 30 days of account deletion.
07

Your Rights

Under GDPR, CCPA, and applicable privacy laws, you have the right to:
  • Access — request a copy of the data we hold about you.
  • Rectification — correct inaccurate personal data.
  • Erasure — request deletion of your account and personal data.
  • Portability — receive your data in a machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — unsubscribe from marketing emails at any time.

To exercise any right, email support@ghsconsulting.io or use the Delete my account button in your dashboard. We will respond within 30 days. Verified requests will be processed free of charge.
08

Cookies

  • Session cookie — keeps you signed in. Expires when you sign out or after 30 days.
  • Cookie consent preference — remembers your consent choice. Stored in localStorage, not transmitted to our servers.
  • We do not use advertising, tracking, or third-party analytics cookies.
  • You may decline non-essential cookies via our cookie banner. Declining does not affect core functionality.
09

Data Security

We use industry-standard security measures: TLS 1.3 for all data in transit, AES-256 encryption at rest in Supabase, and strict access controls. No system is 100% secure. In the event of a data breach affecting your personal data, we will notify you within 72 hours as required by GDPR.
10

International Transfers

Our services operate from the United States and the EU. If you use the Service from outside these regions, your data may be transferred to and processed in the US. Such transfers are covered by Standard Contractual Clauses where required by GDPR.
11

Children's Privacy

The Service is not directed to children under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will delete it promptly.
12

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email (if you have an account) at least 14 days before changes take effect. The "Last Updated" date at the top reflects the most recent revision.
13

Contact & Complaints

GHS Consulting LLC · fursacv.com
Email: support@ghsconsulting.io

If you believe your privacy rights have been violated, you have the right to lodge a complaint with your local data protection authority (e.g. ICO in the UK, CNIL in France, or your EU member state's DPA).