Security & Retention

Short-lived CV artifacts with workspace-scoped access.

CVLens combines hashed API credentials, encrypted parser payloads, bounded document processing, and scheduled retention for sensitive candidate documents.

Workspace-scoped authentication

API tokens belong to a workspace and require the cv:parse ability for parser requests. Token secrets are shown once and stored only as hashes, while authenticated application access remains scoped to the current workspace.

Encrypted short-term retention

Uploaded CV files, extracted text, structured parse results, and optional analysis can contain personal data. Parser artifacts are stored encrypted and currently expire after seven days. The scheduled retention process deletes raw documents and clears parsed payloads after expiry.

Subprocessors and responsible use

CVLens sends extracted CV text and structured parser payloads to OpenAI for structured output and optional analysis. Stripe handles billing where enabled. Infrastructure, email, logging, and storage providers process operational data as needed to run the service.

Customers remain responsible for a lawful basis to process candidate documents and for validating automated output before it affects hiring or other material decisions.

Read the complete CVLens Privacy Policy.

Try CVLens with your product workflow.

CVLens is currently available through private beta invitations.

Request Access