• PDF Expert
  • Features
    • iPhone and iPad
      • All Features
      • Read PDF
      • Annotate PDF
      • Edit PDF
      • Fill out PDF Forms
      • Sign PDF
    • Mac
      • All Features
      • Edit PDF
      • Read PDF
      • Annotate PDF
      • Fill out PDF Forms
      • Combine PDFs
      • Sign PDFs
  • Resources
    • Blog
    • Templates
    • Help Center
    • Experience iOS
    • Experience Mac
    • How-to Guides for iOS
      • All How-Tos
      • Edit PDF
      • Fill out PDF Forms
      • Sign PDF
      • Merge PDFs
      • Annotate PDF
      • View PDF
      • Transfer PDFs
      • Convert PDF
      • Create PDF
      • Compress PDF
    • How-to Guides for Mac
      • All How-Tos
      • Fill out Tax Forms
      • Edit PDF
      • Fill out PDF Forms
      • Sign PDF
      • Merge PDFs
      • Create PDF
      • Compress PDF
    • Responsible Disclosure
    • Legal
  • Business
  • Pricing
  • PDF Expert
Free download Buy now
Legal
Legal
Terms of Service
Privacy Notice Website
Privacy Notice for App
Cookie Policy
Data Processing Agreement (EEA)
Data Processing Agreement (US)
Responsible Disclosure
Privacy FAQ
Archives

Privacy Notice
PDF Expert Website

Last updated: February 19, 2025



Key Changes to the Terms of Service and Privacy Notice for PDF Expert App

At Readdle, we prioritize our users, and, as PDF Expert evolves, we amend our Terms of Service, Privacy Notice for Website, Privacy Notice for App, and Cookie Policy for Website accordingly.

In a nutshell, we: 

  • updated the address of Readdle Limited; and
  • clarified processing of data in case of crash events.

We encourage you to carefully read the full text of the Terms of Service, Privacy Notice for Website, Privacy Notice for App, and Cookie Policy for Website. The changes become effective as of the publication date above.


Intro

Readdle Limited (“Readdle” or “we”) welcomes you. We provide you with our website by following the link (“Website”) subject to the terms and conditions of our Terms of Service.

This Privacy Notice describes which of your personal data the Website collects, how stores, processes, and uses it, and what happens when you use the Website.

We collect your personal data when you use the Website according to this Privacy Notice. When you use our iOS, iPadOS, or MacOS application “PDF Expert” (“App” or “PDF Expert”), your personal data is processed in accordance with the Privacy Notice for PDF Expert App.

We understand you care about your privacy, and we appreciate the trust you place in us. To justify that trust, we embed the latest data security standards, improve our awareness of privacy matters, and comply with the General Data Protection Regulation and other privacy laws.

If you have any questions or comments about this Privacy Notice, visit our Support page for more information about the Website or contact us.

Table of Contents

  • About Us
  • About You
  • Personal Data
    • Sources of Data
    • Lawful Basis for Processing
    • Visitors’ Data
    • Potential Clients’ Data
    • Clients’ Data
    • Educational Clients’ Data
    • Support Requesters’ Data
    • ​​License Support Requesters’ Data
    • Partners’ Data
    • Newsletter Subscribers’ Data
    • Data Received from Third Parties
  • Data Sharing with Third Parties
  • Data Sharing Outside the European Economic Area
  • Security Measures
  • Data Subjects Rights
    • European Economic Area and United Kingdom Residents
    • United States Residents
    • Do Not Sell My Personal Information
    • Do-Not-Track Requests
    • Canada Residents
  • Privacy Notice Updates

About Us

We are the controller of your personal data processed through the Website. This means that we determine the purposes and means of personal data processing.

Controller Readdle Limited
Company number: 630281
Glandore Business Centres, 26-27 Fitzwilliam Place, Fitzwilliam Hall, Dublin 2, D02T292, Ireland
Data Protection Officer Privacity GmbH
Neuer Wall 50, 20354 Hamburg, Germany
Email rdsupport@readdle.com – for general inquiries
dpo@readdle.com – for privacy inquiries

Our support team is happy to assist you in any matter. We kindly ask you to be polite and calm in your communication with us. Otherwise, we may not respond to offensive emails/messages.

About You

When you visit the Website, you become our user (“User”).

We divide the Users into categories so you can easily find details about the processing of your personal data. Pay attention that you can fall into several categories depending on your actions.

Data subject Description
Visitor User who visits the Website.
Potential Client User who fills out the “Contact sales” form.
Client User who buys a paid version of the App.
Educational Client User who fills out the “Special Offer” form for students and educators.
Support Requester User who fills out the “Contact us” form on the support topic.
License Support Requester User who fills out the “License Retrieval” form.
Partner User who applies through the “Affiliate Program” form.
Newsletter Subscriber User who subscribes to the newsletter via “Subscribe to News” form.
Feedback Provider User who provides feedback about the Website or the App to us directly or via a third-party platform.
Please note! We do not knowingly process the personal data of Users under the age of 16. If you are such a User or you are a legal representative of such a User, please, contact us.

Personal Data

Sources of Data

We receive data about you when you visit our Website and interact with it, depending on your actions on the Website. Please read carefully the details below.

You can change your personal data in the Website by exercising your right to rectification or by the Website functionality. Please note that the same lawful bases and storage terms apply to the changed data.

We may also, although we do not necessarily do so, receive data from third parties. It depends on your settings and the features you use.

Lawful Basis for Processing

To process your personal data, we rely on the following lawful bases:

  • performance of the contract — for the processing of personal data necessary for the negotiating on, conclusion, and performance of a contract (mainly, Terms of Service) with you;
  • legal obligation — for the processing of data as required by applicable laws (for example, to comply with tax or KYC/AML regulations) or if requested by a law enforcement agency, court, supervisory authority, or another state-authorized public body;
  • legitimate interest — for the processing necessary for the development of our services, taking into consideration your interests, rights, and expectations;
  • consent — for additional processing for specific purposes.

Visitors’ Data

When you visit the Website, we may collect some data automatically.

Data Description Reasons for Processing Lawful Basis
Necessary cookies Information that is necessary for the operation of the Website Improving your experience using the Website Performance of the contract
Statistics cookies Information that helps us to understand how you interact with the Website by collecting and reporting information anonymously Improvement of the Website and analysis of the statistic for other purposes Consent
Marketing cookies Marketing information used to match relevant advertising to you Marketing Consent
Pixel technology Information that is needed to collect metrics on the marketing campaigns: opening rate, time, conversion, etc. Analytics Consent
Data Storage
Cookies Stored during the terms indicated in the Cookie Policy
Pixel technology Stored during the terms indicated in the Cookie Policy

Potential Clients’ Data

We may ask you for some information about your company to contact you and offer you a subscription for your team.

Data Reasons for Processing Lawful Basis
Full name To personalize our response to your request Legitimate interest
Email To respond to your request Performance of the contract
Company name To personalize our response to your request Legitimate interest
Number of subscriptions To send you relevant offer Performance of the contract
Mobile Device Management System To send you relevant offer Performance of the contract
Data Storage
We store the data during communication and 1 year after, if we have not concluded a contract
We store the data during your use of the App and 6 years after the termination of the contract between Readdle and you if we have concluded a contract

Clients’ Data

In order to buy a paid version of the App via the Website, you shall provide us with your payment information.

We also keep the history of payments, as this is a legal requirement, and we cannot delete this information until the filing of the annual accounts expires.

Data Reasons for Processing Lawful Basis
Subscription information
  • email
  • information about your credit card and name of the cardholder
  • your country of location
  • subscription type
  • customer ID
Confirming the payment for compliance with the applicable law Legal obligation
Confirming the payment for providing you with the subscription to the App Performance of the contract
Email hash. To analyze your actions on the Website in order to understand you better and improve the Website. Consent
Data Storage
We store the data during your use of the App and 6 years after the termination of the contract between Readdle and you.
We store email hash for 2 years.


If you have a subscription activation code, you can redeem it on our Website. In some cases, when you purchase the subscription on our partners’ platforms, the partner may redeem such code and transfer to us your data necessary for the subscription activation. 

Data Reasons for Processing Lawful Basis
Subscription information
  • email
  • name
  • subscription type
  • your country language
  • billing email (when applicable)
  • customer ID
Confirming the transaction for compliance with the applicable law Legal obligation
Confirming the transaction for providing you with the subscription to the App Performance of the contract
Data Storage
We store the data during your use of the App and 6 years after the termination of the contract between Readdle and you.
We store email hash for 2 years.


Educational Clients’ Data

We may ask you for an additional information regarding your educational institution to offer you a special type of subscription.

Data Reasons for Processing Lawful Basis
Educational email and educational institution name To confirm your educator's status Performance of the contract
Data Storage
We store the data during your use of the App and 6 years after the termination of the contract between Readdle and you.

Support Requesters’ Data

When you address your request to support on the Website, we collect some information to help you.

Data Reasons for Processing Lawful Basis
Email
Name
Test of the request
Attached FIles
Device type
To respond to your request Performance of a contract
Privacy requests
If you contact us through the DPO mailbox, we will process your request with the help of Spark Mail.
Data Storage
We store the data during communication and for 6 years after the last communication on the ticket.

​​License Support Requesters’ Data

If you have a trouble with access to your license, we will ask you to provide us with your email related to your license.

Data Reasons for Processing Lawful Basis
Email To help you find your license Performance of a contract
Data Storage
We store the data during communication and for 6 years after the last communication on the ticket.

Partners’ Data

If you want to take part in our affiliate program, you can fill out the form through Impact platform, acting as our processor.

Data Reasons for Processing Lawful Basis
Your information:
  • full name
  • user name
  • email
  • password
Creation of the Affiliate Partner’s account Performance of the contract
Company information:
  • company name
  • company website
  • country of residence
  • business address
  • currency
  • timezone
Creation of the Affiliate Partner’s account Performance of the contract
Promotional information:
  • company website
  • type of operational system
  • links to social networks accounts
Creation of the Affiliate Partner’s account Performance of the contract
Data Storage
We store the data during the existence of the Partners’ account and 6 years after that.

Newsletter Subscribers’ Data

Data Reasons for Processing Lawful Basis
Email To send you recommendations, tips, news about the product and news about the company Consent
Email To inform you about major events and special offers for other products of the company and its partners Legitimate interest
Data Storage
We store the data until you unsubscribe from the mailing.
We store the data during the performance of the contract or until you object the processing

Feedback Providers’ Data

When you submit your feedback about the Website or the App to us directly or via third-party platforms, we process personal data in your feedback, which may include your first and last name, username, the text of the feedback, and/or any other information such as the feedback submission date, the rating which you assigned to the App, etc., contained in or related to the feedback.

Feedback Provided to us Directly
Data Reasons for Processing Lawful Basis
Email To respond to your feedback and ask for your consent Consent
First and last name or username To use your feedback in our marketing activities
Text of the feedback To use your feedback in our marketing activities
Data Storage
We store the data for 6 years from feedback or the last communication on feedback
Feedback Provided via Third-party Platform
Data Reasons for Processing Lawful Basis
First and last name or username To use your feedback in our marketing activities Legitimate interest
Text of the feedback. To use your feedback in our marketing activities
Data Storage
We store the data for 2 years from feedback or the last communication on feedback

Data Received from Third Parties

We may receive some personal data from third parties.

The amount of data collected, the purposes, and the lawful basis for processing is determined by the respective privacy documents of these parties.

Third Party Privacy Documents
Stripe Privacy Policy
Impact Privacy Policy

Data Sharing with Third Parties

We can share your personal data with third parties without any harm to you and in full compliance with applicable law. In addition, we have implemented organizational and technical measures to ensure the security of personal data during data transfer to third parties.

To share your data, we rely on the following lawful bases, depending on the case: consent, compliance with the law, and performance of a contract.

Third Party Description
Analytics tools We use analytics tools to understand and promote our business.
Contractors We cooperate with contractors to operate, develop, and improve the features and functionality of the Website, fulfill your support requests, etc.

We sign data processing agreements with them and impose various security measures to ensure your data is safe.
Services Website uses We use third-party services to provide you with the functionality of the Website.
Services our team uses We use CRM systems, messengers, and other services in our organization to provide you with our services.
To manage and fulfill privacy requests we use:
  • Spark for processing requests and communication with the user;
  • Jira for internal tracking and timely involvement of responsible ones in scope of request.
State authorities, courts, law enforcement agencies, etc. We may be obliged to transfer some of your data to tax authorities, courts, law enforcement agencies, and other governmental bodies:
  • to comply with a government request, court order, or applicable law;
  • to prevent unlawful use of the Website;
  • to protect against claims of third parties;
  • to help prevent or investigate fraud.
To get a detailed list of the third-party recipients of your personal data, contact us

Data Sharing Outside the European Economic Area

The personal data we collect is stored on the US servers, which participate in the Data Privacy Framework and European Economic Area (“EEA”) servers, which fall under the General Data Protection Regulation. 

We may share personal data with the recipients in the USA and other countries, including non-EEA ones, ensuring that your data is protected and processed in accordance with the General Data Protection Regulation. For example, we share some data with our contractors in Ukraine.

To share the data outside the EEA, we rely on the adequacy decision by the European Commission or the Data Privacy Framework participation of the recipient. 

If the recipient does not participate in the Data Privacy Framework and its country is not deemed to provide an adequate level of protection for your personal data, we adopt Standard Contractual Clauses based on legislation assessments for data protection during transfer and storage.

You can read more detailed measures to protect your personal data here.

Security Measures

We systematically perform Data Protection Impact Assessments to ensure that we use an appropriate level of technical and organizational measures to prevent accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of or access to personal data transmitted, stored, or otherwise processed.

To be more specific, to protect your personal data, we use HTTPS and encryption, divided group and individual access (where appropriate), an alarm system, corporate VPN, and written approved internal policies (like password policy and physical access policy). 

Moreover, we systematically monitor our technologies’ state of the art and never forget about the backups. All our contractors are under contractual obligations compliant with the GDPR requirements.

You can contact us in case of any questions regarding security issues.

Here you can find information about the steps we mentioned above:

Physical Measures
Limited Access to Premises
Organizational Measures
Policies and Instructions
  1. Password policy
  2. Monitoring and physical access policy
  3. Contractual obligations and corporate VPN
  4. Internal security policy
  5. Access control policy
Transfer Protection
  1. Data Transfer Agreements
  2. Standard Contractual Clauses
  3. Data Privacy Framework
Contractor and Staff Training Agreements
  1. Non-disclosure Agreements
  2. Data Processing Agreements
Regular Access and Policy Review Privacy Protection:
  1. Privacy by design and by default.
  2. Internal procedures for GDPR compliance
Code Review
Technical Measures
Encryption Technologies:
  • Encryption in transit
  • Backup encryption
  • State-of-the-art methods of cryptographic keys
Backup
  • Regular backup of the entire system
  • Redundant operation of the critical services in multiple data centers controlled by a high-availability system
Two-factor Authentication Stress-tests
Static Analysis Quality Assurance
Regular Patch Management Dependency and Supply Chain Vulnerability Check

Data Subjects Rights

European Economic Area and United Kingdom Residents

You, as a data subject, have the right to interact with your data directly or through a request to us. This section describes these rights and how you can exercise them depending on your residency.

Right Description
Right to access You can request an explanation of the processing of your personal data.
Right to rectification You can change the data if it is inaccurate or incomplete.
Right to erasure You can send us a request to delete your personal data from our systems. We will remove them unless otherwise provided by law.
Right to restrict the processing You may partially or completely prohibit us from processing your personal data.
Right to data portability You can request all the data you provided to us and request to transfer data to another controller.
Right to object You may object to the processing of your personal data.
Right to withdraw consent You can withdraw your consent at any time.
Right to file a complaint If your request was not satisfied, you could file a complaint to the regulatory body.
To exercise your rights, contact us.
For EEA residents: we will answer your request within one month. If your request is not satisfied, you can submit a complaint to your local Data Protection Authority. You may find it here.
For UK residents: we will answer your request within one month. If your request is not satisfied, you can submit a complaint at the Information Commissioner’s Office via number 0303-123-1113 or go online at www.ico.org.uk/concerns.

United States Residents

Your rights vary depending on the state of your residency, as indicated below.

Right Description Area
Right to access You can request an explanation of the processing of your personal data. California
Colorado
Connecticut
Indiana
Iowa
Montana
Tennessee
Texas
Utah
Virginia
Right to correct You can change the data if it is inaccurate or incomplete. California
Colorado
Connecticut
Indiana
Montana
Tennessee
Texas
Virginia
Right to delete You can send us a request to delete your personal data from our systems. California
Colorado
Connecticut
Indiana
Iowa
Montana
Tennessee
Texas
Utah
Virginia
Right to portability You can request all the data you provided to us and request to transfer data to another controller. California
Colorado
Connecticut
Indiana
Iowa
Montana
Tennessee
Texas
Utah
Virginia
Right to opt out of sales The right to opt out of the sale of personal data to third parties. California
Colorado
Connecticut
Indiana
Iowa
Montana
Tennessee
Texas
Utah
Virginia
Right to opt out of certain purposes The right to opt out of processing for profiling/targeted advertising purposes. Colorado
Connecticut
Indiana
Montana
Tennessee
Texas
Utah
Virginia
Right to opt out of the processing of sensitive data The right to opt out of the processing of sensitive data California  
Right to opt in for sensitive data processing The right to opt in before the processing of sensitive data. Colorado
Connecticut
Indiana
Montana
Tennessee
Texas
Virginia
Right against automated decision-making A prohibition against a business making decisions about a consumer based solely on an automated process without human input. California
Colorado
Connecticut
Indiana
Iowa
Montana
Tennessee
Texas
Virginia
Private right of action The right to seek civil damages from a controller for violations of a statute. California  
To exercise your rights, contact us
We will answer your request within 30 to 60 days, depending on the state and legislative requirements. If your complaint is not satisfied, you can submit a complaint with the Federal Trade Commission.
Please note! Some states do not have their own privacy laws. The rights of residents of such states are governed by U.S. federal law. If your state is not on the list, please contact us.

Do Not Sell My Personal Information

California residents have the right under the California Consumer Privacy Act (“CCPA”) to opt out of the “sale” of their personal information by a company governed by CCPA.

We neither sell your personal information to anyone nor use your data as a business model. Your privacy is our top priority and we are committed to protecting it.

However, we support the CCPA by allowing California residents to opt out of any future sale of their personal information. If you would like to record your preference that we will not sell your data in the future, please contact us via dpo@readdle.com.

Do-Not-Track Requests

California residents visiting the Website may request that we do not automatically gather and track information about their online browsing movements across the Internet.

Such requests are typically made through web browser settings that control signals or other mechanisms that allow consumers to exercise choice regarding collecting personal data about an individual consumer’s online activities over time and across third-party websites or online services.

We currently do not have the ability to honor these requests. We may modify this Privacy Notice as our abilities change.

Canada Residents

Right Description
Right to access You can request an explanation of the processing of your personal data.
Right to rectification You can change the data if it is inaccurate or incomplete.
Right to delete You can send us a request to delete your personal data from our systems. We will remove all data except of what we are obliged to store in compliance with the law requirements.
Right to data portability You can request all the data you provided to us and request to transfer data to another controller.
Right to object opt-out You may object to the processing of your personal data.
Right to withdraw consent You can withdraw your consent at any time.
Right not to be subject to automated decision-making You can object to being subject to automated-based processing to know if there are consequences concerning them due to such processing.
Right to lodge a complaint If your request is not satisfied, you could file a complaint to the regulatory body.
To exercise your rights, contact us.
We will answer your request within 30 days. If your complaint is not satisfied, you can submit a complaint to the Office of the Privacy Commissioner of Canada.

Privacy Notice Updates

The Privacy Notice and the relationships falling under its effect are regulated by the General Data Protection Regulation. Existing laws and requirements for processing personal data are subject to change. Should this be the case, we will publish a new version of the Privacy Notice addressing such changes on the Website.

If we make substantial changes to the Privacy Notice or the Website that affect your data privacy rights, we will notify you by email or display information on the Website and ask you to read it. We will notify you in advance, and, if you continue using the Website after the changes come into effect, it shall be deemed that you have agreed to and accepted the updated Privacy Notice.

Features

  • iPhone and iPad
  • Mac

How-Tos

  • iPhone and iPad
  • Mac

Company

  • Blog
  • Press Kit
  • Help Center
  • Become an Affiliate

Legal

  • Privacy Notice - Web
  • Privacy Notice - App
  • Terms of Service
Copyright © 2007 - 2025 Readdle Limited.

Apple, the Apple logos, MacBook, iPad, iPhone, Apple Watch and Apple Vision Pro are trademarks of Apple Inc., registered in the U.S. and other countries. App Store and Mac App Store are a service mark of Apple Inc., registered in the U.S. and other countries.

Terms of Service
Privacy Notice