Privacy Policy

Last updated: April 6, 2026

This privacy policy describes how Fileify collects, uses and protects the personal information you provide when using the platform available at https://fileify.app.

1. Data Controller

The data controller is Fileify, a sole proprietorship (auto-entrepreneur) registered under French law.

Contact: contact@fileify.app

2. Data Collected

We collect the following categories of data:

  • Registration data: name, email address, password (hashed), referral source.
  • OAuth authentication data: identifier and email provided by Google or LinkedIn when you choose to sign in via those services.
  • Uploaded documents: CVs, diplomas, photos and other files you submit for document generation.
  • Generated data: HTML/PDF documents created by the AI from your information.
  • Payment data: processed exclusively by Stripe. We do not store any credit card numbers.
  • Technical data: IP address, browser type, pages visited, timestamps.

3. Purposes of Processing

Your data is used to:

  • Create and manage your user account.
  • Generate professional documents via our AI pipeline.
  • Process payments and manage your credits.
  • Improve service quality and fix bugs.
  • Send transactional emails (registration confirmation, password reset) and, with your consent, marketing communications.

4. Cookies

Fileify uses strictly necessary cookies for the service to function (authentication session). No third-party advertising or tracking cookies are used.

5. Sub-processors and Third Parties

We share your data with the following providers, strictly within the scope of the purposes described above:

  • Stripe — payment processing (Stripe, Inc., United States, certified Privacy Shield / SCC).
  • Resend — transactional email delivery.
  • Langfuse — AI interaction observability and monitoring (self-hosted on our infrastructure).
  • Cloudflare — CDN, anti-DDoS protection and DNS.
  • Google / LinkedIn — OAuth authentication (if you choose this sign-in method).
  • AI model providers (OpenAI, Anthropic, Google) — content generation. Data transmitted is used solely to produce the response and is not retained by these providers beyond processing.

6. Data Retention

  • Active account: your data is retained as long as your account is active.
  • After account deletion: your personal data is deleted within 30 days, unless a legal retention obligation applies.
  • Generated documents: retained as long as your account exists. You can delete them individually at any time.

7. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access: obtain a copy of your personal data.
  • Right to rectification: correct inaccurate or incomplete data.
  • Right to erasure: request deletion of your data.
  • Right to data portability: receive your data in a structured, machine-readable format.
  • Right to object: object to the processing of your data for direct marketing purposes.
  • Right to restriction: restrict the processing of your data in certain cases.

To exercise your rights, contact us at contact@fileify.app. We will respond within 30 days.

You may also file a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertes): www.cnil.fr.

8. Security

We implement appropriate technical and organizational measures to protect your data: encryption in transit (TLS), password hashing (bcrypt), restricted access to production data, encrypted backups.

9. Changes

We reserve the right to modify this policy. In case of a substantial change, we will inform you by email or via a notification on the platform.

10. Contact

For any questions regarding the protection of your data: contact@fileify.app