Product Leader.
Login

Effective 13 October 2025

Privacy policy.

This Privacy Policy explains how Loistava Holding UG (haftungsbeschränkt) ("Loistava", "we") processes personal data in connection with Product Leader / productleader.cv (the "Service"). We comply with the EU General Data Protection Regulation (GDPR) and Germany's TTDSG/TMG requirements.

1. Controller & contact

Controller: Loistava Holding UG (haftungsbeschränkt), Asternring 9, 15732 Schulzendorf, Germany.
Register: Amtsgericht Charlottenburg Berlin HRB 157120 B.
Contact: see our Legal Notice page for the current email address.
productleader.cv

2. What we do & why we process data (purposes & legal bases)

Account & profile/portfolio data (name, email, headline, bio, links, case studies, media you upload): to provide the Service, host your portfolio, and enable you to share it (Art. 6(1)(b) GDPR – contract).

AI-assisted drafting (resume parsing to create a portfolio draft): to provide requested functionality (Art. 6(1)(b)); we minimize data used and avoid sensitive categories unless you choose to include them.

Payments/subscriptions (billing details, transaction metadata—processed by our payment provider): to process orders, prevent fraud, manage subscriptions (Art. 6(1)(b) & (f)).

Communications (service emails, notices): to operate the account and inform you of changes (Art. 6(1)(b)).

Marketing communications (optional newsletters like curated articles/jobs): based on consent (Art. 6(1)(a)) or legitimate interest for similar own products where permitted (Art. 6(1)(f) + §7 UWG), with opt-out anytime.

Usage analytics & diagnostics (device, pages viewed, timestamps, referrers, rough location, events): to improve reliability, security, and UX (Art. 6(1)(f)).

Security & fraud prevention (logs, IP, headers): to secure the Service (Art. 6(1)(f)).

Legal compliance (tax/audit, law enforcement requests): (Art. 6(1)(c)).

3. Cookies & similar technologies

We use strictly necessary cookies for login/session. With your consent (Art. 6(1)(a) GDPR; §25(1) TTDSG), we may set analytics/marketing cookies or use similar identifiers. You can Accept/Decline/Customize via the cookie banner and change preferences later in settings. Refusing non-essential cookies won't block core functionality.
productleader.cv

4. Categories of personal data we collect

You provide: account details, profile/portfolio content, resume uploads, support messages, billing details (handled by payment processor), preferences, consents.

Automatically collected: device & log data, IP address, browser/OS, interaction events, approximate location from IP, cookies/identifiers (subject to consent where required).

From third parties: payment confirmations, referral attributions, publicly available info you link (e.g., LinkedIn/GitHub) if you choose to connect.

5. Who receives your data (recipients)

Service providers/processors under data processing agreements: hosting/CDN, email delivery, analytics (consent-based, where applicable), error/uptime monitoring, customer support, and payment processing.

Public viewers of your public portfolio pages (if you publish them).

Authorities where required by law.

We do not sell personal data.

6. International transfers

Where data is transferred outside the EEA/UK/Switzerland, we use lawful transfer mechanisms such as EU Standard Contractual Clauses and additional safeguards where appropriate, or rely on adequacy decisions.

7. Retention

We keep data for as long as needed to provide the Service and for legitimate business/legal purposes:

Account & portfolio content: until you delete it or close your account; limited backups may persist for up to ~90 days.

Transaction records: retained per tax/commercial laws (typically 6–10 years in Germany).

Logs/analytics: typically 12–24 months or shorter where feasible.

8. Your choices & controls

Portfolio visibility: you control whether your portfolio is public or private. Public content may be indexed by search engines.

Emails: unsubscribe via link in any non-essential email or in settings.

Cookies: manage via the cookie banner/settings.

9. Your GDPR rights

You have the right to access, rectify, erase, restrict, object (including to direct marketing), and data portability, and to withdraw consent at any time (without affecting prior processing).

To exercise rights, contact us (see §1). You also have the right to lodge a complaint with your local supervisory authority. In Berlin, this is the Berliner Beauftragte für Datenschutz und Informationsfreiheit (or your home country DPA).

10. Children

The Service is not directed to children under 16, and we do not knowingly collect their data.

11. Security

We implement appropriate technical and organizational measures (encryption in transit, access controls, least-privilege, backups, logging). No method is 100% secure; you are responsible for using strong passwords and protecting your account.

12. Automated decision-making

We do not make decisions with legal or similarly significant effects solely by automated means. AI-assisted drafting provides suggestions you control and publish at your discretion.

13. Third-party links

Links to external sites have their own privacy practices; we are not responsible for them.

14. Changes to this Policy

We may update this notice. Material changes will be communicated (e.g., in-app or by email). Continued use after the effective date means you acknowledge the update.

15. Contact

Loistava Holding UG (haftungsbeschränkt)
Asternring 9, 15732 Schulzendorf, Germany
Register: Amtsgericht Charlottenburg Berlin HRB 157120 B
Email: see Legal Notice page.
productleader.cv

Cookies

We use cookies for analytics and to remember your preferences. "Necessary" is always on.

💬