Privacy Policy

Last Updated: November 2025

INTRODUCTION

We at PDFly ("PDFly," "we," "our," or "us"), are deeply committed to protecting your privacy and maintaining transparency about how we handle your personal information. This Privacy Policy describes in detail the types of information we collect, how we use it, the circumstances under which we may share it, and the measures we take to secure it.

This Policy applies to all users of our PDFly software, browser extensions, and related digital services (collectively, the "Services"). By downloading, installing, or using our Services, you acknowledge that you have read and understood this Policy and consent to the data practices described herein.

We comply with major global privacy frameworks, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. Our goal is to ensure that your personal information is handled lawfully, fairly, and transparently, regardless of where you are located.

PRIVACY BY DESIGN

At PDFly, privacy is not an afterthought—it is a foundational principle. We implement Privacy by Design across all aspects of our operations. This means that privacy considerations are embedded into our product development, data management, and business processes from the very beginning.

We continuously assess and improve our systems to ensure that data collection and processing are limited to what is strictly necessary for legitimate business and operational purposes. Our internal policies require that all employees, contractors, and partners adhere to strict confidentiality and data protection standards.

We also employ data minimization, pseudonymization, and anonymization techniques where appropriate to reduce the risk of identifying individuals. These measures, combined with robust technical safeguards, help ensure that your privacy is protected throughout the entire data lifecycle—from collection to deletion.

INFORMATION WE COLLECT

We collect information to provide, improve, and personalize our Services, as well as to comply with legal and regulatory obligations. The information we collect falls into two main categories: Personal Information and NonPersonal Information.

1. Personal Information

Personal Information refers to data that can directly or indirectly identify you as an individual. This includes:

  • Device and usage data: IP address, MAC address, device type, operating system, browser type, and interactions with our Services.
  • Contact details: Name, email address, or other identifiers you provide when contacting our support team or submitting inquiries.
  • Search queries: Terms or phrases entered through your browser or the PDFly search interface.

We use this data to ensure compatibility across devices, deliver requested features, analyze performance, detect fraud, and provide personalized support or marketing communications. Some of this information may also be used to comply with legal obligations or respond to lawful requests. We may further anonymize some of the data and use it for other purposes.

2. NonPersonal Information

NonPersonal Information refers to data that cannot identify you individually. This includes aggregated or anonymized information such as:

  • Device type, browser version, general geographic region, and usage trends.
  • Statistical data about how users interact with our Services, including session duration, feature usage, and frequency of access.

We use this information to analyze user behavior, optimize performance, improve our Services, and develop new features that better meet user needs.

PURPOSES FOR DATA USE

We process your information for multiple legitimate purposes, each supported by a clear legal basis under applicable data protection laws.

Purpose Description
Service Delivery We use your data to operate, maintain, and improve our Services. This includes ensuring compatibility across devices, resolving technical issues, and optimizing performance. Without this data, we may be unable to provide certain functionalities or maintain service reliability.
Service Administration and Security We process data to manage and protect our Services, including troubleshooting, testing, fraud prevention, and system monitoring. This processing is based on our legitimate interest in maintaining a secure and reliable platform.
Communication and Improvement We use your information to respond to inquiries, provide updates, and improve our Services based on user feedback. This may include sending servicerelated communications or feature announcements. You may opt out of nonessential communications at any time.
Analytics and Insights We analyze aggregated usage data to understand how users interact with our Services. These insights help us identify popular features, detect usability issues, and make datadriven improvements.
Marketing We or third parties (such as Google) may use your data for CrossContextual Behavioral Advertising (CCBA). This allows us to deliver more relevant advertisements based on your interests. You can opt out using the Digital Advertising Alliance (DAA) or Network Advertising Initiative (NAI).
Legal Compliance We may process your information to comply with applicable laws, respond to government requests, or enforce our legal rights.
Security We use data to detect, prevent, and respond to unauthorized access, fraud, or abuse of our Services.

LEGAL BASIS FOR PROCESSING (GDPR)

Under the GDPR, we rely on several legal bases for processing your Personal Information:

  • Legitimate Interests: To ensure the stability, functionality, and security of our Services, and to improve user experience.
  • Contractual Necessity: To fulfill our obligations under the agreement formed when you use our Services.
  • Consent: For specific activities such as marketing, analytics, or optional data collection, we will request your explicit consent.
  • Legal Obligation: To comply with applicable laws, regulations, and legal processes.

You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal

DATA SHARING

We do not sell your Personal Information. However, we may share it with trusted third parties under limited and controlled circumstances:

  • Service Providers: We engage reputable vendors to assist with hosting, analytics, customer support, and other operational functions. These providers are contractually bound to use your data only as instructed and to maintain confidentiality and security. Some may be located outside your jurisdiction; in such cases, we implement appropriate safeguards such as Standard Contractual Clauses.
  • Legal Compliance: We may disclose your data when required by law, regulation, or court order, or to respond to lawful requests from public authorities.
  • Corporate Transactions: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, subject to continued protection under this Policy.
  • Fraud Prevention and Security: We may share information with partners or law enforcement to detect and prevent fraudulent or malicious activity.
  • User Consent: We will share your data for additional purposes only with your explicit consent.

CROSSCONTEXTUAL ADVERTISING OPTOUT

You have the right to opt out of interestbased advertising. You can do so by visiting:

Digital Advertising Alliance (US)

Digital Advertising Alliance (Canada)

Digital Advertising Alliance (EU)

Network Advertising Initiative

Please note that opting out will not eliminate all ads but will prevent personalized advertising based on your browsing behavior.

DATA SECURITY

We take your data security seriously and employ a combination of physical, electronic, and procedural safeguards to protect it.

Our security measures include:

  • Encryption: Protecting data during transmission and storage using industrystandard encryption protocols.
  • Access Controls: Restricting access to authorized personnel who require it for legitimate business purposes.
  • Regular Audits: Conducting periodic assessments to identify vulnerabilities and ensure compliance with security standards.
  • Incident Response: Maintaining procedures to detect, report, and respond to data breaches promptly.

While we strive to maintain the highest level of protection, no system is entirely immune to threats. If you believe your data has been compromised, please contact us immediately at [email protected].

DATA RETENTION

We retain your Personal Information only for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, and resolve disputes.

Once your data is no longer needed, we securely delete or anonymize it so that it can no longer be linked to you. In some cases, we may retain anonymized or aggregated data indefinitely for statistical and analytical purposes.

Examples of retention periods include:

  • Operational Data: Retained while your account remains active.
  • Legal and Compliance Data: Retained as required by law or regulation.
  • Anonymized Data: Retained for research and performance analysis without identifying you personally

USER RIGHTS

Depending on your jurisdiction, you may have the following rights regarding your Personal Information:

  • Access: Request a copy of the data we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your data, subject to legal or contractual obligations.
  • Data Portability: Request that your data be provided in a structured, machinereadable format.
  • OptOut (CCPA): Decline the sale or sharing of your Personal Information.
  • Objection: Object to processing based on legitimate interests.
  • NonDiscrimination: Exercise your rights without facing any adverse treatment.

To exercise these rights, contact us at [email protected] or through our online request form. We may need to verify your identity before processing your request.

CHILDREN'S PRIVACY

Our Services are not directed toward children under the age of 16. We do not knowingly collect or process data from minors. If we become aware that we have inadvertently collected such information, we will take immediate steps to delete it. Parents or guardians who believe their child has provided us with personal data should contact us at [email protected].

POLICY UPDATES

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. The "Last Updated" date at the top of this page indicates the most recent revision.

When significant updates occur, we will notify users through our Services or via email, as required by law. Continued use of our Services after such updates constitutes acceptance of the revised Policy.

CONTACT US

If you have any questions, concerns, or complaints regarding this Privacy Policy or our data practices, please contact us at: [email protected]. We will respond to all inquiries in accordance with applicable data protection laws and aim to resolve any concerns promptly and transparently.