Privacy Policy

Effective Date: May 29, 2025

1. Introduction

Welcome to Tlntly. We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information. By using our service, you agree to the terms of this policy.

For any privacy-related questions, please contact: r.broek@futurevisuals.nl

2. What We Collect

  • Account Information: Collected via OAuth (Google/LinkedIn), including name and email.

  • Uploaded Content: CVs, vacancies, and candidate data uploaded by users.

  • Billing Information: Collected through Stripe (e.g., company name, VAT ID, address).

  • Analytics: Non-identifiable usage data via Plausible Analytics (no cookies).

  • Email Interactions: Sent via Resend for transactional and promotional emails. Promotional emails are sent only with explicit opt-in consent.

3. Purpose of Processing

We process your data to:

  • Deliver core functionality (e.g., CV parsing and editing)

  • Improve the service

  • Handle payments and billing

  • Send transactional and opt-in promotional emails

  • Understand platform usage (non-identifiably)

4. AI Processing

Tlntly uses Google Gemini API to parse and structure uploaded CVs. Parsing means converting a CV into editable structured fields (like job title, skills, dates, etc.) to enable faster redaction and presentation.

As a paid Gemini API customer, your data is not used to train Google's models. By uploading CVs, you accept that content will be processed by this service.

Note: AI processing is core to Tlntly. If you do not agree with automated processing, do not use the platform.

5. User Responsibility

You are responsible for obtaining consent from any data subjects (e.g., job candidates) before uploading CVs or other personal data. Tlntly is not liable for the content, legality, or accuracy of uploaded data.

6. Data Storage & Security

  • Storage Locations: AWS S3 (eu-west-1), Neon (Frankfurt), Vercel (EU).

  • Security Measures: Data is transmitted over HTTPS and stored using secure, encrypted services.

7. Data Retention & Deletion

  • Uploaded content is retained until manually deleted by the user.

  • Account deletion must be requested via email.

  • Deletion is permanent from our systems and cannot be reversed. However, you may request confirmation of deletion or logs associated with your request.

8. Third-Party Services and Subprocessors

We use the following subprocessors to help deliver our services:

  • Google (Gemini API) – CV parsing

  • Stripe – Payment processing

  • Plausible Analytics – Privacy-focused analytics

  • Resend – Transactional and promotional emails (may include anonymized open and click tracking)

All subprocessors are contractually bound to GDPR-compliant data protection obligations. We do not sell or share personal data for marketing purposes.

9. Legal Basis for Processing

We process your data based on the following legal grounds:

  • Account creation and billing: Contractual necessity

  • CV parsing and editing: Legitimate interest

  • Marketing emails: Consent (you may unsubscribe anytime)

  • Analytics (Plausible): Legitimate interest, with no personal data used

10. International Data Transfers

Some data may be processed outside the EEA. We ensure that our providers (Google, Stripe, Resend) apply appropriate safeguards for such transfers, including the use of Standard Contractual Clauses (SCCs) approved by the European Commission, and where applicable, supplementary technical and organizational measures to protect your data.

11. Data Processing Agreement

The use of Tlntly is governed by a data processing addendum under GDPR Article 28.

12. Your Rights (GDPR)

As a data subject, you have the right to:

  • Access your personal data

  • Request rectification of inaccurate data

  • Request erasure of your data

  • Object to processing (by ceasing use)

  • Request data portability (when applicable)

  • File a complaint with a supervisory authority

Note: We do not support full data export functionality but will comply with valid requests. Data deletion is permanent and irreversible once processed.

13. Data Breach Notification

In the event of a personal data breach, we will notify affected users without undue delay as required under applicable law.

14. Age Restrictions

Tlntly is not intended for users under the age of 16. If we become aware that a minor has registered, we will delete their data promptly.

15. Policy Updates

We may revise this Privacy Policy at any time. Substantial changes will be communicated by email or in-app.

Contact

For all privacy inquiries: