Cookie Policy

Last updated: March 14, 2026

1. What Are Cookies

Cookies are small text files stored on your device when you visit a website. They are widely used to make websites work efficiently and provide information to site owners.

2. Cookies We Use

GitResume only uses essential cookies required for the Service to function. These cookies cannot be disabled.

• Access Token (httpOnly, SameSite=Lax): A JWT token used to authenticate your requests. Expires after a short period.
• Refresh Token (httpOnly, SameSite=Lax): A JWT token used to obtain new access tokens without re-logging in. Expires after a longer period.

3. Third-Party Cookies

When subscribing to a paid plan, the Paddle checkout interface may set essential cookies to complete the payment process. These cookies are managed by Paddle and are only used during checkout. See Paddle's Privacy Policy for details.

4. What We Don't Use

GitResume does not use:

• Analytics cookies
• Advertising cookies
• Social media tracking cookies

5. Cookie Security

All essential cookies are set with the following security attributes:

• httpOnly: Cookies cannot be accessed by JavaScript, preventing XSS attacks
• SameSite=Lax: Cookies are not sent with cross-site requests, preventing CSRF attacks
• Secure: Cookies are only sent over HTTPS connections

6. Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies will prevent you from logging into the Service, but you can still view public resume pages.

7. Changes to This Policy

We may update this Cookie Policy if we introduce new types of cookies. We will notify you of any significant changes.

8. Contact

If you have questions about our use of cookies, contact us at [email protected].