GDPR Compliance

Last updated: June 07, 2025

1. Introduction

This GDPR compliance statement explains how we adhere to the General Data Protection Regulation (GDPR) when processing your data through our PDF processing service.

2. Data Controller

For the purposes of the GDPR, we act as the data controller when processing your personal information. For any GDPR-related inquiries, please contact our Data Protection Officer at [DPO email].

3. Legal Basis for Processing

We process your data under the following legal bases:

  • Contract Performance: Processing your PDF files as requested through our service
  • Legitimate Interests: Improving our service and ensuring technical functionality
  • Legal Obligation: Complying with legal requirements
  • Consent: When explicitly provided for specific purposes

4. Data Processing Principles

We adhere to the following GDPR principles:

  • Lawfulness, Fairness, and Transparency: We process data legally, fairly, and transparently
  • Purpose Limitation: We only process data for specified, explicit, and legitimate purposes
  • Data Minimization: We only process data that is necessary for the purpose
  • Accuracy: We ensure data is accurate and kept up to date
  • Storage Limitation: We only store data for as long as necessary
  • Integrity and Confidentiality: We process data securely
  • Accountability: We take responsibility for complying with GDPR principles

5. PDF File Processing

Regarding PDF files specifically:

  • Files are processed solely for the requested operation (merge, split, rotate, compress, or convert)
  • Files are automatically deleted after processing or within 1 hour maximum
  • We do not access, read, or analyze the content of your PDF files
  • Files are encrypted during transmission and processing
  • We maintain appropriate technical measures to ensure data security

6. Your GDPR Rights

Under GDPR, you have the following rights:

  • Right to Access: Obtain confirmation of whether we process your data and request a copy
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to our processing of your data
  • Rights Related to Automated Decision Making: Not be subject to decisions based solely on automated processing

7. Data Transfers

If we transfer your data outside the EEA, we ensure appropriate safeguards are in place through:

  • EU Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Other appropriate security measures

8. Data Breach Procedures

In the event of a data breach that risks your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Inform affected users without undue delay
  • Document all breaches and our response measures

9. Contact Information

For any GDPR-related queries or to exercise your rights, please contact:

  • Data Protection Officer: [DPO email]
  • Postal Address: [Company Address]