PDF Expert Privacy Notice Website
Last updated: 30 June 2021 (view archived versions)
PDF Expert takes care of your personal data and does everything possible to protect it. This Privacy Notice is written to help you understand what your personal data is collected, stored and used, and what happens to it when you use our website https://pdfexpert.com/ (“website”).
If you are interested in App Privacy notice, please follow the link.
In this Privacy Notice we answer the following questions:
- Who are we?
- What is the Privacy Notice covered by?
- What data do we collect and why?
- How long do we keep your data?
- Do we share data with third parties?
- Do we do data transfer outside the European Economic Zone?
- Do we use cookies?
- What rights do I have regarding my data?
- How do we update Privacy Notice?
- California privacy rights
- Do-not-track requests
- California resident’s data protection rights
1. Who are we?
We are Readdle Limited (PDF Expert), registered at Glandore Business Centre, Grand Canal House, 1 Grand Canal Street Upper, Dublin 4, D04 Y7R5, Ireland. Hereinafter, PDF Expert will be referred to as "we", "us" and "our".
We are the controller of personal data of our users and affiliates (at the moment of concluding and for duration of a contract), which means that we determine what, for what purpose and how your personal data will be processed.
If you have any questions, you can contact us by sending an email to dpo@readdle.com. You can also send us a letter at the address: Glandore Business Centre, Grand Canal House, 1 Grand Canal Street Upper, Dublin 4, D04 Y7R5, Ireland.
2. What is the Privacy Notice covered by?
This Privacy Notice applies to our website.
Website Address: https://pdfexpert.com/
Pay your attention. This policy does not apply to our App.
If you are interested in App Privacy notice, please follow the link.
3. What data do we collect and why?
The data we process is divided into two categories: technical information and data that is provided to us by user and affiliate.
- User is our website visitor.
- Affiliate is an influencer who promotes PDF Expert.
Technical information from the website. When you visit our website, some data is collected automatically. We need technical data to operate, maintain, and improve our website. This includes data such as IP address, UTM parameters, geolocation, device type, operation system of device, browser type, cookies, and data about your interaction with the website - session ID.
Data provided by user: name, email address, occupation, additional information in support requests.
*occupation is information about the profession and/or sphere of interests.
Data assigned to user: user ID
Data provided by affiliate: name, email address, social media links, payment data, identification number.
Data assigned to affiliate: user ID, unique identifier (link), user history.
Once again, briefly about what personal data we collect:
| When | Type of data | Description of data | Legal basis | Reasons for processing |
|---|---|---|---|---|
| User | ||||
| Help requests | Provided | Name, email address, occupation, additional information in support requests. | Performance of a contract | Customer support |
| Receiving information | Provided | Name, email | Legitimate interest | Marketing |
| Using website | Provided | Technical data | Legitimate interest | Providing a service |
| Click the download link | Provided | Operation system of the device | Performance of the contract | Providing a service |
| Using website | Provided | Language | Legitimate interest | Providing a service |
| Using website | Collected | Cookies | Legitimate interest | Analytics; Statistics |
| Affiliate | ||||
| Registration | Provided | Name, email, user ID, personalised link, payment data, user history | Performance of the contract | Receiving payment |
| Fulfillment of obligations | Collected | User history | Legitimate interest | Analytics; Statistics |
| Consent for receiving materials | Provided | Name, email | Consent | Marketing |
Pay your attention. We knowingly do not process personal data of users under the age of 16 without consent from legal representative(s). If you are such a user, or you are the legal representative of the user, please let us know by email dpo@readdle.com
4. How long do we keep your data?
We store personal data in the following categories:
- user’s data
We store personal data of the user for the 12 months after the last usage of the website.
- affiliates’ data
We store personal data of the user for the period of duration of the contract and 36 months after.
After the expiration of this period, we anonymize the data and store it for statistics and analytics purposes.
We process data based on your consent during the performance of the contract/ while your interaction with our service and 24 months after or until you withdraw your consent.
However, you can exercise your right to delete your data. In this case, your data will be deleted from our servers within 30 days of your request.
5. Do we share data with third parties?
We use your personal data to perform a contract and for communication between us and users / affiliates. We share your personal data with our contractors in order to perform a contract. Also, we transfer your data on the following grounds:
Consent. We transfer your personal data based on your explicit consent.
Compliance with the law. We will disclose your personal data to third parties to the extent that it is necessary:
- to comply with a government request, court order, or applicable law;
- to prevent unlawful use of our website or violation of the Terms of use of our website and our policies;
- to protect against claims of third parties;
- to help prevent or investigate fraud.
Transfer to third parties: We transfer your personal data to third parties on the basis of public offer for processing on our behalf, subject to technical and organizational measures to protect your personal data. We may transfer your data to certain companies, consultants, and contractors hired to provide certain services on our behalf.
AWS: We disclose your personal data to Amazon Web Services to store your data. For more information please read AWS’s Privacy Notice
We will ask for your consent unless the transfer of data is part of performance of a contract.
6. Do we do data transfer outside the European Economic Area?
The personal data we collect is stored on servers in the US. By default, the data is stored in the USA but the main part of processing is happening in Ireland and Germany.
There is not an adequacy decision by the European Commission in respect of the US and this means that the US is not deemed to provide an adequate level of protection for your personal data. We use adopted Standard Contractual Clauses for data protection while transfer and storage. We may process data outside the UEA and if a transfer is required, we will take the necessary data protection measures.
However, if a data transfer is required to perform a contract or to provide you services, we have the right to do so without your consent. Otherwise, we will inform you and ask for your consent.
7. Do we use cookies?
We use cookies necessary for the functioning of the website. Using cookies, we receive the technical information specified in clause 3 above and our Cookie Policy.
If you want to disable cookies, then you can find instructions for managing your browser settings at these links:
8. What rights do I have regarding my data?
You, as subjects of personal data, have the following rights:
- The right to access information. You can request an explanation of the processing of your personal data.
- The right to withdraw a consent. You can withdraw your consent at any time.
- The right to portability. You can request all the data that you provided to us, as well as request to transfer data to another controller.
- The right to restrict processing. You may partially or completely prohibit us from processing your personal data.
- The right to file complaints. If your request was not satisfied, you can file a complaint to the regulatory body.
- Right to be forgotten. You can send us a request to delete your personal data from our systems.
To exercise your rights, write us an email at dpo@readdle.com
If your request was not satisfied, you can file a complaint to the regulatory body, the The Data Protection Commission (DPC) by post at 21 Fitzwilliam Square, South, Dublin 2, D02 RD28, Ireland or by means of webforms.
9. How do we update Privacy Notice?
This Privacy Notice and the relationships falling under its effect are regulated by the GDPR. Existing laws and requirements for the processing of personal data are subject to change. In this case, we will publish a new version of the Privacy Notice on our website. If significant material changes are made that affect your privacy and confidentiality, we will notify you by email or display information on the website and ask for your consent if necessary.
10. California privacy rights
We make these disclosures to those visiting our websites who reside in California which supersede and replace any conflicting disclosures found elsewhere on our websites as well as reflect your privacy rights granted by the California Consumer Privacy Act (CCPA).
Opt-out of disclosure for direct marketing purposes. The California laws allow its residents to learn the identities of entities that received their personal data for marketing purposes and the categories of information disclosed. You may request such information by contacting us by email dpo@readdle.com
Please be aware that this opt-out does not prohibit our disclosure of personal data for any purpose other than direct marketing. The data we process and share may include your name, address, email address.
Automatic gathering of information. We collect data that you provide to us online, and through websites of unaffiliated third parties.
Automatic gathering of information by third parties. When you visit our websites, third parties through cookies can collect personal data about your online activities over time and across different websites pertaining to your visit to or use of our and other websites.
11. Do-not-track requests.
California residents visiting our websites may request that we do not automatically gather and track information pertaining to their online browsing movements across the Internet. Such requests are typically made through web browser settings that control signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personal data about an individual consumer's online activities over time and across third-party websites or online services. We currently do not have the ability to honor these requests. We may modify this Notice as our abilities change.
12. California residents’ data protection rights.
The CCPA has extended California residents’ data protection rights. However, we have already guaranteed all these rights and described them precisely in this Notice as well as a means of rights exercising. Please refer below to investigate.
Right to be informed. Please find a list of personal data we collect about you and your activity, sources and business purposes of personal data collection, and third parties we may share your personal data with in Section 3 - 6 of the Notice.
Your Right of access, Data portability, and Right to delete are prescribed by Section 7 of the Notice.
You can exercise these rights any time by contacting us via email at dpo@readdle.com
Notice, the CCPA envisages some specific requirements related to the exercising of these data protection rights. Considering them we may:
- respond to your request within forty-five (45) days of receiving the request;
- provide you with personal data we collected about you no more than twice in a 12-months period (categories and specific pieces of collected personal data, business purpose and sources of collection, categories of third parties personal data is shared with);
- NOT provide you with personal data if we cannot verify your identity. You shall provide us with sufficient information allowing us to verify you as the person about whom we collected personal data. However, we do consider requests made through your Account sufficiently verified.
- NOT transmit your personal data to another entity.
Also, please be aware that we are allowed to maintain personal data after deletion request is received as permitted by the CCPA (for instance, for the purposes of detection of security incidents, repair errors, compliance with legal obligations, transaction completion).
We want to draw your special attention that PDF Expert does not sell, rent, or trade your personal data to anyone.
Key changes to Privacy
Effective as of June 30, 2021 (view archived versions)
In Readdle we respect your privacy so we are informing you about changes in our Privacy Notice.
Here are some of the notable changes. We:
- updated information about the controller (about us);
- divided the data subjects into 5 categories for your convenience: user, consumer, vendor, partner and customer. Now you can read more about what your data we process;
- detailed the personal data that we process and specified the legal basis;
- updated the term of storage of personal data;
- and clarified the policy section for our California users.
Please, read the document carefully. If you have any doubts or questions you can contact our DPO at dpo@readdle.com