Last updated Apr 18th, 2019.
Information We Hold
Registration and Contact Information. We collect information about you when you (a) register to use the Services and (b) otherwise provide contact information to us via email, mail, or through our Service. This information you provide may include your username, first and last name, email address.
Payment Information. When you purchase the Services, we will also collect transaction information, which may include your company name, company VAT (when applicable), credit card information, billing and mailing address. We describe how Payment Information are collected and processed later in this document.
Third Party Platforms. We may collect information when you interact with our service on third-party sites or platforms, such as analyticals sites. This may include information such as actions or the fact that you viewed or interacted with our content.
How We Use the Information We Collect
We use your information in the following ways:
- To provide, maintain and improve the Service and our other products and services, including to operate certain features and functionality of the Service (for example, by remembering your information so that you will not have to re-enter it during this or subsequent visits);
- To process your inquiries and otherwise deliver customer service;
- To process your payments, we share and use Payment Information as described in Section 4 (Payment Information);
- To control unauthorized use or abuse of the Service and our other products and services, or otherwise detect, investigate or prevent activities that may violate our policies or be illegal;
- To analyze trends, administer or optimize the Service, monitor usage or traffic patterns (including to track users’ movements around the Service) and gather demographic information about our user base as a whole;
- To communicate directly with you, including by sending you newsletters, promotions and special offers or information about new products and services. Your opt-out options for promotional communications are described in Section 6 (Your Controls and Choices);
Sharing Your Information with Third Parties
We do not sell, trade, share or transfer your personal information to third parties except in the following limited circumstances:
- We may share your personal information with our parent companies, subsidiaries and affiliates;
- We may share your personal information with third-party service providers to permit such parties to provide services that help us with our business activities, which may include assisting us with marketing, advertising our product/service offerings, or providing, maintaining and improving the features and functionality of the Service, among other things. For example, we may provide personal information to our service providers for direct emailing of our newsletters or notifications of our product/service offerings;
- We may share your personal information when we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce a Customer Agreement, including investigation of potential violations thereof, or (c) protect against imminent harm to our rights, property or safety, or that of our users or the public as required or permitted by law;
- We may share your personal information with third parties (including our service providers and government entities) to detect, prevent, or otherwise address fraud or security or technical issues;
- We may share your personal information with our business partners who offer a service to you jointly with us, for example when running a cross-promotion;
- We may share your Payment Information to process your payments, as further described in Section 4 (Payment Information);
- We may share and/or transfer your personal information if we become involved in a merger, acquisition, bankruptcy, or any form of sale of some or all of our assets; and
- We may share your personal information with a third party if we have your consent to do so.
We may also share aggregated or anonymized information with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information such as the types of Service our customers and users generally use, the configuration of their computers, and performance metrics related to the use of Service which we collected through our technology. If we are required under applicable law to treat such information as personal information, then we will only disclose it as described above. Otherwise we may disclose such information for any reason.
We have a dedicated page related to the EU GDPR law that you can read in details here:
General Data Protection Regulation(GDPR) compliance
We also have a dedicated page listing our Subprocessors available here:
List of Sub-processors engaged by PDFShift
Data Privacy (what do we store)
When you send a POST request to PDFShift in order to convert your HTML documents to PDF, our service doesn't store the content of your document nor the URL used.
We only store the related information, including the date of the request, the duration of the conversion, the file size and the API key used for the conversion.
In case an error occurs, the error message, the line, and the date are saved to our database for further analysis.
In no circumstances the content of your documents are stored on our servers, except for the following reason:
- When passing the "filename" parameter
- When passing the "webhook" parameter
In these cases, instead of returning the PDF documents, our server will save the document to Amazon S3 and will return a JSON response with the link to Amazon S3.
The link is unique, generated via a unique identifier, and only shared to the user who made the request.
Moreover, the document is only stored for a limited amount of time (default to 2 (two) days), and will then be deleted automatically.
Other Access to or Disclosure of Your Information
Your Controls and Choices
Your data protection rights under the General Data Protection Regulation (GDPR)
- If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing email@example.com.
- In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request portability of your personal information. Again, you can exercise these rights by emailing firstname.lastname@example.org.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you. To opt-out of other forms of marketing, please contact us by emailing email@example.com.
- Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Accessing and Updating Your Personal Information
When you use the Service, we make good faith efforts to provide you with access to your personal information upon your request and either provide you the means to correct this information if it is inaccurate or to delete such information at your request if it is not otherwise required to be retained by law or for legitimate business purposes. You may access, review, correct, update, change or delete your information at any time. To do so, please contact us at firstname.lastname@example.org with your name and the information requested to be accessed, corrected or removed, or if you are using the Service, sign in to your account, go to your profile, and make the desired changes. We may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort (for instance, requests concerning information residing on backup tapes), jeopardize the privacy of others, would be extremely impractical, or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
We may retain your information as necessary to support the Service, comply with our legal obligations or resolve disputes.
No Children Under Age 13
Your California Privacy Rights and Disclosures
California Shine the Light Law. If you are a California resident and we disclose your personally identifiable information to third parties for such third parties’ direct marketing purposes, California’s Shine the Light Law (CA Civil Code Section 1798.83) allows you to request certain information from us about such disclosures. To make a request under the Shine the Light Law, please contact us at email@example.com. Please note that under California law, businesses are not required to respond to such requests more than once during any calendar year.
California Information-Sharing Disclosure. California residents may request a list of all third parties with respect to which we have disclosed any information about you for direct marketing purposes and the categories of information disclosed. If you are a California resident and want such a list, please send us a written request by email to firstname.lastname@example.org with “California Privacy Rights” in the subject line.
California Minors. At any time, you can delete or remove your posts using the same deletion or removal procedures described in Section Accessing and Updating Your Personal Information above, or otherwise through the Service. If you have questions about how to remove your posts or if you would like additional assistance with deletion you can contact our support team at email@example.com.
The security of your personal information is important to us. We maintain a variety of appropriate technical and organizational safeguards to protect your personal information. We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs. Further, we have implemented reasonable physical, electronic, and procedural safeguards designed to protect personal information about you. When you enter sensitive information (such as your password), we encrypt that information in transit using industry-standard Transport Layer Security (TLS) encryption technology. No method of transmission over the Internet, method of electronic storage or other security methods are one hundred percent secure. Therefore, while we strive to use reasonable efforts to protect your personal information, we cannot guarantee its absolute security.
How you can contact us
In addition, you may also contact PDFShift by writing to us at:S.A.S. PDFShift
128 rue la Boétie