Terms and Conditions

Effective date: 4 September 2025
Last updated: 4 September 2025

These Terms & Conditions (“Terms”) govern access to and use of the Resumaro services, websites, APIs, and related software (collectively, the “Service”) provided by Nafite B.V., a company registered in the Netherlands, with registered office at Standaardruiter 9, 3905 PT Veenendaal, The Netherlands, Chamber of Commerce (KvK) number 76060217, VAT NL860493222B01 (“Resumaro”, “we”, “us”, “our”).

By creating an account, clicking “I agree”, or using the Service, you agree to these Terms on behalf of yourself or the entity you represent (“Customer”, “you”, “your”). If you are accepting on behalf of an organization, you represent that you have authority to bind that organization.

This is a B2B service. Consumer rights do not apply.

1. The Service

Resumaro is a SaaS platform that enables companies to create, import, edit, enhance (via AI), translate, share, and export CVs/résumés; manage templates and teams; and connect with supported ATS/HR systems. Features include a CV editor, Textkernel-based parsing, version history, candidate edit links, API/webhooks (where available), analytics, and email templates with dynamic placeholders.

We may release Beta/Preview features that can change or be discontinued at any time and are provided as is.

2. Accounts & Eligibility

  • Provide accurate company and user information and keep it current.
  • You are responsible for activities under your accounts and for safeguarding credentials/tokens.
  • You must have a lawful basis to process candidate data (including sending edit links).

3. Plans, Fees & Billing

3.1 Subscriptions

  • Free: Up to 3 CVs, 1 user, 100 AI credits/month, 3 default + 1 custom template slot, limited sharing, email support.
  • Freelancer: Unlimited CVs, 2,000 AI credits/month, 5 default + 2 custom slots, unlimited shares, priority email support.
  • Company: Up to 10 users, 5,000 AI credits/month, 5 default + 3 custom slots, advanced analytics, team features, priority email support.

(Exact inclusions/limits may change; see the pricing page.)

3.2 Prices & Taxes

  • Prices are in EUR and exclude VAT and other taxes.
  • Subscriptions renew automatically unless cancelled before the end of the current term.
  • If payment fails, we may suspend or terminate access.
  • We may change fees with 30 days’ notice for the next term.

3.3 Credits & Usage

  • AI features consume credits. Credits reset monthly and don’t roll over.
  • Attempts to bypass credit accounting or excessive/abusive usage may lead to suspension.

3.4 Refunds

  • Subscription fees are non-refundable for the current term.
  • One-time Custom Template setup fees (€99) are non-refundable once work starts.

4. Custom Templates

If you request a custom template:

  • You grant us a limited license to use your materials solely to build/maintain the template(s).
  • You retain ownership of your brand assets; we retain ownership of platform code, mapping, and generic components.
  • We may decline technically infeasible or non-compliant requests.

5. Acceptable Use

You and your Users must not:

  • Upload illegal, infringing, discriminatory, or malicious content.
  • Reverse engineer, interfere with, or overload the Service.
  • Process special categories of data unless legally permitted and necessary with a valid lawful basis.
  • Process minors’ data without required consents.
  • Share access tokens or candidate links without safeguards.
  • Misrepresent identity or affiliation.

We may reasonably audit usage to ensure compliance.

6. Customer Data & Ownership

  • Customer Data” means CVs, candidate information, templates, tags, emails, and any data you input.
  • You own Customer Data. You grant us a worldwide, non-exclusive license to host, process, transmit, display, and create technical derivatives solely to provide and improve the Service.
  • You are responsible for obtaining all required rights/consents to process Customer Data.

7. AI Features & Output

We use third-party AI services (e.g., OpenAI) to generate/improve text and translations.

  • No accuracy warranty: AI output may be inaccurate or biased; you must review it before use.
  • You are responsible for how you use AI output.
  • Don’t submit sensitive data unless lawful and necessary.
  • We may log prompts/metadata for safety, billing, and improvement.

8. Third-Party Services & Sub-processors

We rely on reputable providers such as Textkernel (parsing), OpenAI (content), Stripe (payments), Google Cloud/Firebase (hosting, auth, storage, analytics), and SendGrid/equivalent (email).
Third-party services are subject to their own terms and privacy policies. Our sub-processors list may change.

9. Security, Availability & Support

  • We implement reasonable technical and organizational measures (encryption in transit/at rest, role-based access, audit logs).
  • We strive for high availability but don’t guarantee uninterrupted service.
  • Support: hello@resumaro.com (business days). Priority support for paid plans.

Report security concerns to hello@resumaro.com (subject: “Security”).

10. Data Protection (GDPR)

When Customer is Controller and Resumaro is Processor, the parties agree to a Data Processing Addendum (DPA) incorporated by reference. The DPA covers processing instructions, confidentiality, sub-processors, international transfers, security, and data subject requests.

  • We’ll assist with data subject requests as reasonably required.
  • Upon termination, Customer may export data (see Section 13). We will delete or anonymize after retention periods unless law requires otherwise.

Privacy contact: hello@resumaro.com.

11. APIs & Integrations

Using our APIs/webhooks:

  • We may set rate limits/quotas.
  • Keep API keys confidential.
  • Use is limited to your internal business processes unless we give prior written consent.
  • We may modify or discontinue APIs with reasonable notice.

12. Changes to the Service

We may modify features, release updates, or discontinue components. If a material change significantly reduces core functionality of a paid plan, we’ll provide reasonable notice.

13. Term; Suspension; Termination

  • These Terms remain in effect while you use the Service or hold an active subscription.
  • You can cancel renewal anytime in the billing portal; access continues until term end.
  • We may suspend/terminate for material breach, non-payment, or misuse.
  • After termination: Access ceases. You may export Customer Data for 30 days; then we delete/anonymize per our retention schedule and DPA.

14. Confidentiality

Each party may access the other’s Confidential Information. The receiving party will protect it with reasonable care, not disclose it except to personnel/sub-processors under confidentiality obligations, and use it only to perform under these Terms. Exclusions apply for public, independently developed, or lawfully obtained information.

15. Warranties & Disclaimers

  • We warrant we’ll provide the Service in a professional and workmanlike manner.
  • Except as stated above, the Service is provided “as is”, without warranties (express or implied), including fitness for a particular purpose, accuracy, or non-infringement.
  • We do not warrant that AI output or parsing will be accurate or that exports meet any specific formatting requirements beyond provided templates.

16. Limitation of Liability

To the maximum extent permitted by law:

  • No indirect damages. Neither party is liable for lost profits, lost data, or indirect, incidental, special, consequential, or punitive damages.
  • Cap. Our aggregate liability is limited to the amounts paid by Customer in the 12 months before the event giving rise to liability.
  • Exclusions: (a) your payment obligations; (b) breach of Section 14; (c) your infringement of our IP; or (d) liability that cannot be limited by law.

17. Indemnification

You will defend, indemnify, and hold harmless Nafite B.V. from claims, damages, liabilities, costs, and expenses (including reasonable legal fees) arising from: (a) your Customer Data; (b) your unlawful use of the Service; or (c) your breach of third-party rights.

18. Intellectual Property

All IP in the Service, documentation, designs, software, and underlying technology is owned by Nafite B.V. or its licensors. No rights are granted except as expressly stated. We may use feedback without restriction.

19. Publicity

We may use your company name and logo in customer lists and marketing unless you opt out by emailing hello@resumaro.com.

20. Changes to Terms

We may update these Terms. Material changes will be notified via email or in-app and take effect at the start of the next subscription term or 30 days after notice (whichever is sooner). Continued use after the effective date constitutes acceptance.

21. Governing Law & Jurisdiction

These Terms are governed by the laws of the Netherlands. The courts of Amsterdam, the Netherlands have exclusive jurisdiction, and the parties consent to personal jurisdiction there.

22. Miscellaneous

  • Order of precedence: If there’s a conflict between these Terms and a signed order or DPA, the signed document prevails.
  • Assignment: You may not assign without our consent; we may assign to an affiliate or in connection with a corporate transaction.
  • Severability: If any provision is unenforceable, the remainder remains in effect.
  • No waiver: Failure to enforce a provision isn’t a waiver.
  • Notices: Legal and operational notices: hello@resumaro.com.

23. Contact

Nafite B.V. (Resumaro)
Standaardruiter 9, 3905 PT Veenendaal, The Netherlands
KvK: 76060217 — VAT: NL860493222B01
Email: hello@resumaro.com

Sign in
We use cookies for essential features and, with your consent, to personalise content/ads, provide social features, and analyse traffic. We share this data with partners. View more
Cookies settings
Accept
Privacy & Cookie policy
Privacy & Cookies policy
Cookies list
Cookie nameActive

Privacy Policy

Effective date: 4 September 2025
Last updated: 4 September 2025

This Privacy Policy explains how Nafite B.V. (“Resumaro”, “we”, “us”, “our”) collects, uses, discloses, and protects personal data when you use our websites, apps, APIs and services (collectively, the “Service”).

Controller: Nafite B.V., Standaardruiter 9, 3905 PT Veenendaal, The Netherlands.
KvK: 76060217 • VAT: NL860493222B01
Contact: hello@resumaro.com

Resumaro is a B2B service. For most candidate data that our customers manage in the Service, the customer is the Controller and Resumaro acts as Processor. For our own account, billing, security, product analytics and marketing data, Resumaro is the Controller.

1. What we process

1.1 Account & billing data (Controller)

  • Identity & contact: name, business email, role, company, address.

  • Account data: login identifiers, plan, preferences, support history.

  • Billing: payer details, invoices, payment confirmations (via Stripe; we don’t store full card numbers).

  • Product telemetry: feature usage events, timestamps, device/ browser info, IP, approximate location, crash logs.

1.2 Candidate & CV data (Processor)

  • CV content: personal details provided by you or the candidate (e.g., work history, education, skills, languages, summaries, profile photo), and files you upload.

  • Parsed data: structured fields extracted via Textkernel from PDFs/DOCX.

  • Edits & versions: change history, visibility flags, translations, AI improvements you apply.

  • Sharing: secure, time-limited candidate edit links (no login required by default).

  • Exports: generated PDF/DOCX files (including anonymized versions if you enable that option).

1.3 Integrations & API

  • Connectors: systems you choose to connect (e.g., ATS/CRM). We process and transmit data you instruct us to sync.

  • API/Webhooks: payloads you send to our endpoints and event notifications we deliver.

2. Sources

  • Directly from you and your authorized users (manual input, uploads, API calls).

  • From candidates who use secure edit links you share with them.

  • From files you upload for parsing (Textkernel).

  • From your configured integrations (ATS/CRM) and our product telemetry.

3. Purposes & legal bases

As Controller

  • Provide the Service & support (Art. 6(1)(b) GDPR – contract; Art. 6(1)(f) – legitimate interests).

  • Security & abuse prevention: authentication, logging, fraud prevention, incident response (Art. 6(1)(f)).

  • Billing & compliance: invoicing, tax and accounting records (Art. 6(1)(c) – legal obligation).

  • Product improvement & analytics: aggregated usage metrics, troubleshooting, UX research (Art. 6(1)(f)).

  • Marketing communications: with consent where required; you can opt out anytime (Art. 6(1)(a) or 6(1)(f)).

As Processor (on your documented instructions)

  • Recruitment enablement: create/import/edit CVs, AI enhancements, translations, exports, sharing, integrations to your ATS/CRM (Art. 28 GDPR).

You remain responsible for your lawful basis to process candidate data in Resumaro (e.g., consent, contract, legitimate interests).

4. AI features

We use reputable AI providers (e.g., OpenAI API) to enhance text, correct grammar, and translate content you select.

  • Content is transmitted securely to the provider and returned to your session.

  • We do not sell Customer Data. We contractually require that providers do not train public models on your Customer Data (unless you explicitly opt in with that provider).

  • AI output may be inaccurate or biased; your users must review before use.

  • We do not conduct solely automated decision-making producing legal or similarly significant effects.

5. Sharing & sub-processors

We share personal data only with:

  • Infrastructure & product: Google Cloud / Firebase (hosting, storage, auth, analytics).

  • Parsing: Textkernel B.V. (EU resume parser).

  • AI: OpenAI (text generation/correction/translation).

  • Payments: Stripe (subscription billing).

  • Email delivery: SendGrid or equivalent (transactional email).

  • Customer-configured destinations: the ATS/CRM and tools you connect (e.g., Workday, Greenhouse, Lever, SmartRecruiters, iCIMS, Bullhorn, Teamtailor, Recruitee, Salesforce, BambooHR, etc.).

  • Professional services: auditors, legal counsel (as necessary and under confidentiality).

We maintain a current list of sub-processors in our DPA or documentation and will notify you of material changes as required.

6. International transfers

Some providers are located outside the EEA/UK. Where we transfer personal data internationally, we rely on adequacy decisions (where available) or Standard Contractual Clauses (SCCs) and implement supplementary safeguards. Details are in our DPA and sub-processor list.

7. Retention

  • Account & billing records: typically 7 years (Dutch tax law).

  • Support & ticketing: up to 24 months after closure.

  • Security logs: typically 12 months (longer for investigations).

  • Backups: normally 30–90 days rolling.

  • Candidate/CV data: retained as long as your account remains active or until you delete it or instruct us to delete it.

  • Candidate edit links: time-limited by default; you control expiry and revocation.

We may retain data longer where required by law, to resolve disputes, or enforce agreements.

8. Security

We implement appropriate technical and organizational measures, including:

  • Encryption in transit and at rest;

  • Role-based access controls and least privilege;

  • Multi-factor authentication for privileged access;

  • Secure development practices, logging and monitoring;

  • Regular backups and disaster recovery procedures;

  • Audit trail and version history within the app;

  • Anonymized export option you can enable for CVs.

No system is 100% secure. If we identify a breach impacting your data, we will notify you without undue delay as required by law.

9. Your rights (EU/EEA & UK)

Subject to conditions and your role (Controller vs Processor), you may have the right to:

  • Access your personal data;

  • Rectify inaccurate data;

  • Erase data (“right to be forgotten”);

  • Restrict or object to processing;

  • Portability (machine-readable copy);

  • Withdraw consent where processing is based on consent.

When we act as Processor, please send requests to your organization (the Controller). We will assist the Controller as required by the DPA.

Contact for rights requests: hello@resumaro.com
We aim to respond within 30 days. You can also lodge a complaint with your local authority; in the Netherlands: Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl).

10. Cookies & similar technologies

We use essential cookies to run the Service and (with consent, where required) analytics/marketing cookies to improve performance and measure usage. For details, see our Cookie Notice. You can change preferences in our consent banner at any time. Not consenting may affect certain features.

11. Children

Our Service is not directed to children under 16. We do not knowingly process children’s data. If you believe a child has provided personal data, contact us to delete it.

12. Data Processing Addendum (DPA)

For Customer Data where we act as Processor, our DPA (incorporated by reference into our Terms) governs processing instructions, confidentiality, sub-processors, international transfers (SCCs), security, assistance with data subject rights, and deletion/return of data at end of service.

13. Changes to this Policy

We may update this Policy from time to time. Material changes will be notified in-app or by email. The updated Policy takes effect on publication unless otherwise stated.

14. Contact

Nafite B.V. (Resumaro)
Standaardruiter 9, 3905 PT Veenendaal, The Netherlands
Email: hello@resumaro.com

Save settings
Cookies settings