Privacy Policy

(1) This Privacy Policy explains how DoviLearn Global Education Ltd, a company incorporated in England and Wales with company number 15697688 ("we", "us", "our", or "CVSense"), collects, uses, and protects your personal information when you use our website at cvsense.co.uk and related services.

(2) This policy applies to all users ("you" or "your") of the CVSense platform, browser extension, SmartMatch, and Apply Assist services.

(A) CVSense is an online platform that enables users to create personalised CVs using intelligent technology.

(B) CVSense provides multiple services including a browser extension for creating personalised job applications, SmartMatch for tailoring CVs to specific jobs with instant feedback, and Apply Assist for job application support.

(C) The provision of these services requires the Data Controller to collect, process, and store personal data of users.

(D) The Data Controller may transfer or have personal data handled by partners located in high-risk countries, with appropriate data processing agreements in place.

(E) This privacy policy governs the collection, processing, storage, and transfer of personal data in accordance with the UK General Data Protection Regulation and Data Protection Act 2018.

(F) We are committed to protecting your privacy rights and ensuring transparent data processing practices.

1.1. Apply Assist means the CVSense service that assists users in applying for jobs or provides tools for job applications.

1.2. Browser Extension means the CVSense browser extension software that helps users create personalised job applications online.

1.3. Data Controller means DoviLearn Global Education Ltd in its capacity as the entity determining the purposes and means of processing Personal Data.

1.4. Data Processing Agreement means any agreement entered into between the Data Controller and third parties governing the processing of Personal Data.

1.5. Data Subject means any identified or identifiable natural person whose Personal Data is processed under this agreement.

1.6. High-Risk Countries means countries that do not provide an adequate level of data protection as determined by UK data protection law.

1.7. Personal Data means any information relating to an identified or identifiable natural person as defined under UK GDPR.

1.8. Platform means the CVSense online platform and all associated websites, applications, and services.

1.9. Services means collectively the Platform, Browser Extension, SmartMatch, and Apply Assist services provided by the Data Controller.

1.10. SmartMatch means the CVSense service that tailors user CVs to specific job opportunities and provides instant feedback.

1.11. CVSense means the suite of CV creation and job application services operated by the Data Controller.

1.12. UK GDPR means the UK General Data Protection Regulation and the Data Protection Act 2018.

2.2. For the provision of core Services including CV creation, SmartMatch, and Apply Assist, the Data Controller relies on contract as the legal basis for processing Personal Data necessary to deliver these services.

2.3. For the Browser Extension functionality, website analytics, service improvement, and security measures, the Data Controller relies on legitimate interests as the legal basis, having conducted balancing tests to ensure Data Subject rights are not overridden.

2.4. For marketing communications, non-essential cookies, and optional features, the Data Controller obtains explicit consent from Data Subjects, which may be withdrawn at any time.

2.5. Where Personal Data reveals special categories of information as defined in Article 9 of the UK GDPR, the Data Controller will obtain explicit consent or rely on other lawful grounds specified in Article 9.

2.6. The Data Controller will clearly inform Data Subjects of the specific legal basis being relied upon for each processing activity at the point of data collection.

4.1. We process your Personal Data to provide the Services, including creating and maintaining your personalised CV through our Platform's intelligent technology.

4.2. We use your Personal Data to operate the Browser Extension, enabling you to create personalised job applications across various online platforms and career websites.

4.3. We process your Personal Data through SmartMatch to analyse and tailor your CV content to specific job opportunities and provide instant feedback on compatibility and improvements.

4.4. We use your Personal Data for Apply Assist services to support your job applications, including automated application submissions and application tracking on your behalf.

4.5. We process your Personal Data to train, improve, and enhance our intelligent technology algorithms and machine learning models used across all Services.

4.7. We process your Personal Data to comply with legal obligations, including data protection laws, employment regulations, and anti-money laundering requirements.

4.8. We use your Personal Data for security purposes, including detecting and preventing fraud, unauthorised access, and other harmful activities.

4.9. We process your Personal Data to analyse usage patterns and improve the functionality, performance, and user experience of our Services.

4.10. Where you have provided consent, we may use your Personal Data for marketing communications about our Services and related offerings.

4.11. We may process your Personal Data through our partners in High-Risk Countries in accordance with appropriate Data Processing Agreements to deliver certain aspects of the Services.

6.1. The Data Controller may transfer your Personal Data to countries outside the United Kingdom, including to High-Risk Countries, where such transfers are necessary for the provision of the Services.

6.5. You have the right to obtain information about the specific safeguards applied to international transfers of your Personal Data by contacting the Data Controller using the details provided in this privacy policy.

6.6. You may object to the transfer of your Personal Data to High-Risk Countries, though this may limit the Data Controller's ability to provide certain Services.

7.1. The Data Controller shall retain Personal Data only for as long as necessary to fulfil the purposes for which it was collected or as required by applicable law.

7.2. Account Data: Personal Data associated with user accounts shall be retained for the duration of the account's active status and for a period of three (3) years following account closure or deletion.

7.3. CV and Application Data: CV content, job preferences, and application materials created through the Platform shall be retained for five (5) years from the date of last user activity on the relevant data.

7.4. Usage and Analytics Data: Technical data, including usage patterns, SmartMatch results, and Browser Extension activity logs, shall be retained for two (2) years from the date of collection.

7.5. Communication Records: Customer support communications and correspondence shall be retained for three (3) years from the date of the last communication.

7.7. Upon expiry of the applicable retention period, Personal Data shall be securely deleted or anonymised unless retention is required under clause 7.6.

7.8. Data Subjects may request early deletion of their Personal Data in accordance with their rights under the UK GDPR, subject to the Data Controller's legal obligations and legitimate interests.

8.1. You may request deletion of your personal data at any time by contacting us using the details provided in this privacy policy.

8.3. We will process deletion requests within 30 days of receipt, subject to our legal obligations and legitimate interests.

8.4. Some data may be retained where required by law, for the establishment of legal claims, or for legitimate business purposes as outlined in our retention policy.

8.5. Upon successful deletion, we will confirm the action via email, though some data may remain in backup systems for up to 90 days before permanent removal.

8.6. Personal Data processed by partners in High-Risk Countries shall be subject to equivalent retention periods as specified in relevant Data Processing Agreements.

9.1. You have the right to request access to your Personal Data and receive information about how the Data Controller processes it, including the purposes, categories of data, recipients, and retention periods.

9.2. You have the right to request rectification of inaccurate Personal Data and completion of incomplete Personal Data without undue delay.

9.4. You have the right to request restriction of processing where you contest the accuracy of Personal Data, processing is unlawful but you oppose erasure, the Data Controller no longer needs the data but you require it for legal claims, or you have objected to processing pending verification of overriding legitimate grounds.

9.5. You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit such data to another controller where processing is based on consent or contract and carried out by automated means.

9.6. You have the right to object to processing of Personal Data based on legitimate interests, including profiling, unless the Data Controller demonstrates compelling legitimate grounds that override your interests, rights, and freedoms.

9.7. You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you, except where such processing is necessary for contract performance, authorised by law, or based on explicit consent.

9.8. Where processing is based on consent, you have the right to withdraw such consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

9.9. To exercise any of these rights, you may contact the Data Controller using the details provided in this agreement.

9.10. You have the right to lodge a complaint with the Information Commissioner's Office if you believe your Personal Data has been processed unlawfully.

10.1. The Data Controller uses cookies and similar tracking technologies on the Platform and through the Browser Extension to enhance user experience and provide the Services effectively.

10.2. Cookies are small text files stored on your device that help the Platform remember information about your visit and preferences.

10.5. Third-party cookies may be placed by service providers and partners who assist in delivering the Services, including those located in High-Risk Countries.

10.6. You can manage cookie preferences through your browser settings, though disabling certain cookies may limit Platform functionality.

10.7. Disabling essential cookies will prevent access to core features of CVSense including CV creation and SmartMatch services.

10.8. The Data Controller will obtain your consent for non-essential cookies in accordance with UK GDPR requirements.

11.1. The Data Controller implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing Personal Data.

11.4. All third-party service providers and partners are required to implement equivalent security measures through contractual obligations, including those in High-Risk Countries covered by Data Processing Agreements.

11.5. The Data Controller maintains incident response procedures to detect, investigate, and respond to potential data breaches in accordance with UK GDPR requirements.

11.6. Data Subjects will be notified of any data breach that is likely to result in a high risk to their rights and freedoms within 72 hours of the Data Controller becoming aware of the breach.

11.7. While the Data Controller implements robust security measures, no system can guarantee absolute security, and Data Subjects acknowledge that internet transmission of data carries inherent risks.