LegendCVHome →
🤖 AI Transparency

AI & Data Processing

How LegendCV uses AI — responsibly.

A clear breakdown of how your data flows through LegendCV's AI features, what gets stored, what doesn't, and the controls you have.

Last updated 20 June 2026Contact privacy team

This page describes how LegendCV processes personal and resume data when you use our AI-powered features. It complements the Privacy Policy and the Terms of Service.

AI providers do not use your content to train third-party models.
Content sent to AI models is processed under contractual data-processing terms, solely to generate the output you requested.

1. Overview

LegendCV uses AI to power features such as resume rewriting, ATS scoring, cover-letter generation, job match analysis, LinkedIn optimisation, interview prep, salary intelligence and career path recommendations. We route AI requests through the Lovable AI Gateway to enterprise-grade model providers.

2. How AI Works on LegendCV

1. You trigger a feature
For example, click "Rewrite with AI" on a resume bullet or "Generate cover letter" on a job.
2. We build a prompt
We assemble only the data needed — the selected content, your target role, and instructions for the model.
3. AI returns a result
The model responds. We save the output against your account so you can review, edit and reuse it.

3. What Data Is Sent to AI Providers

  • The specific resume bullets, sections or text you ask AI to work on.
  • The job description you provide for a Job Match or Cover Letter task.
  • Your stated preferences (tone, length, language) for the requested output.
  • Model-side system prompts maintained by LegendCV (these are not your data).

We do not send entire account exports, payment data, or unrelated personal data to AI providers.

4. What Is Stored

  • Generated outputs (resume rewrites, cover letters, interview answers, scores) saved to your account.
  • Usage metadata (which feature was triggered, timestamp, success/failure) for support and abuse prevention.
  • Aggregated, non-identifying metrics to improve product performance.

5. What Is NOT Stored or Used

No third-party model training
AI providers do not use your prompts or outputs to train third-party foundation models.
No advertising profiles
We do not build advertising profiles from your resume, AI inputs or AI outputs.
No human reviewers by default
AI requests are processed automatically. Engineers only access content for explicit support or abuse investigations with appropriate controls.
No payment data sent
Payment card data is handled directly by Stripe and is never included in AI prompts.

6. Subprocessors

  • Lovable AI Gateway — routing requests to model providers.
  • Supabase — primary database and file storage (EU region).
  • Stripe — billing and payments.
  • Cloudflare — CDN, DNS, WAF and bot protection.
  • Zoho Mail — transactional and support email.
  • Google — OAuth sign-in (only if you choose Google login).

7. International Data Transfers

Some subprocessors operate outside the UK/EEA. Transfers are protected by Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or equivalent safeguards.

8. Your Controls

Review every output
All AI outputs are saved against your account so you can review and edit before using.
Export your data
Export your resumes and account data as JSON, PDF or DOCX at any time.
Delete your data
Close your account — resumes and personal data are deleted within 30 days.

9. Changes

We may update this page as our AI architecture evolves. Material changes are notified by email or in-app notice. The "Last updated" date above always reflects the latest version.

10. Contact

Questions about AI or data processing? Email privacy@legendcv.com.

Why professionals trust LegendCV

Built with privacy, security and AI transparency in mind.

  • UK GDPR Aligned
    Processed under UK GDPR and the Data Protection Act 2018.
  • Secure Authentication
    Email/password with hashing, plus Google OAuth.
  • Encrypted Storage
    TLS in transit, encryption at rest at infrastructure providers.
  • Stripe Payments
    Card details handled by Stripe — never reach our servers.
  • AI Transparency
    AI providers do not train third-party models on your content.
  • User Data Control
    Access, export and delete your data from your account.
Privacy Policy
How we collect, use and protect your data.
Terms of Service
The rules for using LegendCV.
Cookie Policy
Cookies and similar technologies we use.
Acceptable Use
What's allowed — and what's not.