Privacy Policy
Last Updated: May 3, 2025

1. Introduction

This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our PDF conversion and editing services ("Service"). By using our Service, you agree to the terms outlined here.

2. Information We Collect

A. Data You Provide

  • Account Information: Name, email, password (if you register).
  • Payment Details: Billing address, credit card info (processed securely via Stripe/PayPal).
  • Uploaded Files: PDFs, images, or documents you convert/edit.

B. Data Collected Automatically

  • Usage Data: Time spent on pages, clicks, conversion success rates.
  • Device/Log Data: IP address, browser type, operating system, error logs.
  • Cookies & Tracking: Essential cookies (for login sessions); analytics cookies (opt-out available).

C. Third-Party Data

  • Social Logins: If you sign in via Google/Microsoft, we receive your name and email.
  • Integrations: Data from connected apps (e.g., Google Drive, Dropbox) if you enable file imports.

3. How We Use Your Information

Purpose Examples Legal Basis
Service Delivery Converting files, storing preferences Contractual necessity
Improvements Fixing bugs, optimizing speed Legitimate interest
Security Detecting fraud, brute-force attacks Legal obligation
Communications Sending invoices, service updates Consent (where required)
We do not:
  • Sell or rent your data to advertisers.
  • Use your files for AI training without explicit permission.

4. Data Storage & Security

A. File Handling

  • Retention: Uploaded files are automatically deleted within 24 hours of processing.
  • Backups: Encrypted backups may be retained for up to 7 days for disaster recovery.
  • Encryption:
    • In transit: TLS 1.2+
    • At rest: AES-256

B. Access Controls

  • Only authorized engineers can access files for troubleshooting (audited access logs).
  • Employees sign strict NDAs and undergo security training.

5. Data Sharing & Disclosure

We share data only under these circumstances:
Recipient Why? Restrictions
Payment Processors (Stripe, PayPal) To complete transactions PCI-DSS compliant
Cloud Providers (AWS, Google Cloud) Hosting services Data Processing Agreements (DPAs)
Legal Authorities Court orders, fraud investigations Limited to requested data
Third-party services (e.g., Google Analytics) may collect anonymized usage data.

6. Your Rights (GDPR/CCPA Compliance)

  • Access/Portability: Request a copy of your data in a machine-readable format.
  • Correction: Update inaccurate account details.
  • Deletion: Ask us to erase your data (exceptions may apply).
  • Opt-Out: Withdraw consent for marketing or analytics tracking.

7. International Data Transfers

  • Data may be processed in the U.S., EU, or other regions where our servers operate.
  • We use Standard Contractual Clauses (SCCs) for EU→U.S. transfers.

8. Policy Updates

  • We'll notify users of material changes via email or in-app alerts.
  • Archived versions of past policies are available upon request.