Privacy Policy
The continuity of our service relies on the assurance that our customers' data remains secure. Therefore, safeguarding privacy is our utmost concern. We will provide a comprehensive explanation on how DocConverter manages your data. If you do not consent to our Privacy Policy and the terms outlined below, kindly refrain from using our services and inform us of your apprehensions.
Contact Information
As a data controller, DocConverter is bound by the requirements of the General Data Protection Regulation (GDPR). The data controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
XXXXX
XXXXX
Tél:
Email: contact@docconverter.net
Data processing utilizing the DocConverter platform
Processing scope:
We gather solely the essential data required and utilize it exclusively for the purpose of delivering our services. We do not engage in the creation of profiles or similar activities.
DocConverter offers a wide range of tools for file conversions, including converting files to different formats, generating website screenshots, merging files, creating thumbnails, and adding watermarks. The service is accessible through both a website and a REST API for seamless integration with other platforms. Users have the option to utilize the service without registering, or they can choose to create an account.
When you visit our website or use our API, your IP address, HTTP referrer, user agent, and access dates are logged as part of our standard procedure for maintaining service quality. As part of the conversion process, your files are securely transferred and temporarily stored on DocConverter's servers.
If you opt to register for a DocConverter account, we will collect your email address, chosen username, and profile photo. When using our contact form, we will collect your email address and name. For users who purchase a package or subscribe to a plan, we will also need to gather additional information such as your full name, physical address, company name, and VAT ID. Rest assured that all data is transmitted through a secure SSL channel to ensure the protection of your information.
Objective of the processing:
The purpose of processing your uploaded files is to exclusively provide our services, such as converting the files to other formats. We do not read, inspect, or extract any data from your files, and we do not create any duplicates of them. All file processing is automated; there is no human involvement with your files.
For the enhancement of our service and for statistical purposes, we only gather the number of converted files, the number of errors, and the total file size of all your conversions.
We record your IP address to prevent misuse of our service and for general demographic analysis. This information is not linked to any personally identifiable information. If you provide an email address, we use it to send you account-related and marketing information. You have control over how we use your email address in your notification settings. If you purchase a package or subscribe to our services, your name, company, and address will be used to generate your invoice and to prevent fraud. Your VAT ID may be used to determine if you are exempt from paying VAT.
Duration of data retention and deletion:
Your files will be removed permanently and cannot be recovered from our servers once you click the delete button. This process is automatic and will take place within 24 hours at the latest.
If you decide to delete your account, all your personal information will be erased permanently within 72 hours.
After 180 days, all log data (including IP address, user agent, and referrer) will be deleted. The personal data collected for the paid service will be erased in compliance with Art. 6 (1) (c) GDPR after the expiration of tax and commercial law retention and documentation requirements (based on German legislation, specifically the Commercial, Criminal, and/or Tax Code).
Potential for opposition and elimination:
You can modify the data on your “dashboard” and you can delete your account at any time. When you delete your account, all associated data is permanently deleted within 72 hours. Deleting your account also deletes all data stored at payment provider Stripe and ticket system. Alternatively, you can contact us and we will modify or delete your data and/or delete your account for you.
Log files
When you access our service, we do keep basic log files for 180 days.
Data processing description and extent:
Whenever our platform is accessed, our system automatically retrieves data and information from the operating system of the device making the call.
The collected data includes:
- Browser type, browser version, and operating system
- IP address and approximate location based on the IP address
- Date and time of access
This information is stored in our system's log files and is not combined with any other personal data of the user.
Purpose of the processing:
The system requires temporary storage of the user's IP address to facilitate platform delivery to the user's device during the session. This data is stored in log files to maintain platform functionality, prevent misuse, optimize the platform, and safeguard our information technology systems. Please note that data evaluation for marketing purposes does not occur in this context. Our legitimate interest in data processing is in accordance with Art. 6 (1) (f) GDPR.
Duration of the storage:
Payment information and chargeback data will be retained only for the duration required for payment processing, chargeback handling, debt collection, and fraud prevention purposes. Additionally, payment data may be kept longer to adhere to legal retention periods or investigate instances of misuse. Your personal information will be deleted after the statutory retention period expires, typically within 10 years.
Possibility of objection and removal:
The collection of data for the provision of the platform and the storage of the data in log files is mandatory for the operation of the platform.
Your rights
You can modify or delete your data at any time.
In case your personal data is being processed, you are considered a data subject under the GDPR and you are entitled to the following rights in relation to the controller:
- You have the right to request information from the controller about the data they have stored about you (Art. 15 GDPR).
- If incorrect personal data is being processed, you have the right to request rectification (Art. 16 GDPR).
- If the legal requirements are met, you may request the deletion or restriction of processing (Art. 17 and 18 GDPR).
- If you have given consent to the data processing or if there is a contract for data processing and the processing is carried out using automated procedures, you may have the right to data portability (Art. 20 GDPR).
- If your personal data is being processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling related to such direct marketing. If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes (Art. 21 GDPR).
- Additionally, you have the right to appeal to a supervisory authority (Art. 77 GDPR).
The supervisory authority responsible for us is:
address: XXXXX
website: XXXXX
Tél: XXXXXX
Email: contact@docconverter.net
Cookies
Our services require their participation, and we exclusively utilize cookies that are technically essential.
Explanation and extent of data processing:
Our platform utilizes cookies, which are text files stored in the internet browser or by the internet browser on the user's device. When a user accesses our platform, a cookie may be saved on the user's operating system. This cookie contains a unique character string that allows the device to be identified when the platform is accessed again.
We employ cookies to enhance the user-friendliness of our platform. Certain features of our platform necessitate the ability to identify the device even after a platform switch.
The cookies store and transmit the following data:
- Identifiers of previously converted files
- Log-in and session information.
Processing purpose:
The use of essential cookies is intended to streamline the platform's usability for users. Certain features of our platform are dependent on the use of cookies, as it is essential for the browser to be recognized even after navigating to a different page.
We require cookies for the following features of the application:
- Access to previously converted files
- Log-in functionality
The user data gathered through essential cookies is not utilized for creating user profiles.
Storage period:
The user's computer stores cookies and sends them to our platform. As a user, you have complete control over cookie usage. You can disable or limit cookie transmission by adjusting your internet browser settings. Stored cookies can be deleted manually or automatically. Disabling cookies on our platform may limit access to certain functions. If you are using Safari browser version 12.1 or higher, cookies are automatically removed after seven days, including opt-out cookies for tracking prevention.
Registration
When you sign up, we gather certain information about you. This information will not be shared with any third parties.
On our platform, users have the option to register by providing personal information. This information is inputted into a form and then sent to us for storage.
Upon registration, users gain access to additional features and can view their previously converted files.
Rest assured, we do not share this data with any third parties. The information collected during registration includes:
- Email address
- UserName
- Name
- IP address of the device used
- Date and time of registration
Alternatively, users can choose to register or create an account using their Facebook or Google credentials. In this case, the necessary information (Username, email address, name) is automatically transferred to us from the respective platform. This data will only be used as per your account settings on Facebook or Google.
During registration, users are required to provide consent for the processing of their personal data.
Storage period:
The data will be removed once it is no longer necessary for the purpose for which it was gathered. This applies to the data gathered during the registration process for the execution of a contract or for the implementation of pre-contractual measures when the data is no longer necessary for the execution of the contract. There may still be a necessity to retain personal data of the contractual partner even after the contract has been concluded, in order to fulfill contractual or legal obligations.
Upon deletion of your account, all data linked to your account will be automatically erased within 72 hours.
Potential for dissent and elimination:
You have the ability to make changes to the information displayed on your dashboard and to close your account whenever you wish. If you prefer, you may also reach out to us, and we will make adjustments or remove your data and/or close your account on your behalf.
Payment
When you make a purchase or sign up for a subscription, we gather additional information about you. This data is utilized for the purpose of processing payments through our payment provider, Stripe or PayPal.
Data processing description and extent:
We provide our clients with a range of payment methods to cover expenses related to our services. To facilitate this, we redirect clients to the appropriate payment service provider's platform based on their chosen payment method. Once the payment is finalized, we obtain the customer's payment details from the payment service provider or our in-house bank, and proceed to handle them in our systems for invoicing and accounting purposes.
Payment by credit card:
If you opt for credit card payment, your payment information will be shared with payment service providers for processing. These providers adhere to the "Payment Card Industry (PCI) Data Security Standards" and have been certified by an independent PCI Qualified Security Assessor.
The data regularly transmitted during credit card payments include the purchase amount, date and time of purchase, first name and surname, address, email address, credit card number, credit card expiration date, security code (CVC), IP address, VAT ID.
Payment data is shared with Stripe Inc or Paypal. For more details on data protection policies, as well as options for revocation and removal with payment service providers, please visit: https://stripe.com/en-gb-de/privacy and https://www.paypal.com/myaccount/privacy/privacyhub.
Storage period:
All payment information and details regarding potential chargebacks will be retained only for the duration required for payment processing, chargeback handling, debt collection, and fraud prevention purposes.
Additionally, payment data may be retained beyond this period if deemed necessary to adhere to legal retention requirements or to pursue a particular case of fraud.
Your personal information will be deleted once the legal retention obligations expire, typically within a maximum of 10 years.
Potential for dissent and elimination:
You have the option to withdraw your consent for the processing of your payment information by either deleting your account or informing the relevant party or payment service provider. Nevertheless, the payment service provider may still have the right to process your payment data if it is required for the contractual processing of payments.
Telemetry data
We collect telemetry data in our platform for monitoring and troubleshooting.
Explanation and extent of data processing:
Telemetry data is gathered on our platform, utilizing our services. During the processing of telemetry data, the following personal information is handled:
- IP address and general location derived from the IP address
- User ID
- Software provisioning and usage.
Storage period:
The retention period for your personal information will be determined based on the purposes outlined in our Privacy Policy or as mandated by law. Telemetry data stored in log files, for instance, will be kept for a maximum of 180 days. However, it is also possible for the data to be retained beyond this timeframe. In such instances, user IP addresses will either be deleted or anonymized to prevent any identification of the originating client.
Potential for dissent and elimination:
Upon deletion of your account, all telemetry data linked to your account will be automatically removed within 72 hours. Alternatively, you may reach out to us for assistance in deleting your data and/or account.