Privacy Policy
Thank you for visiting our website.
PDFlike respects your right to privacy when you use our services, visit our website, download our desktop app or mobile apps, or communicate with us. We take all necessary measures to ensure that any personal data you give us is treated in compliance with data protection laws and with this Privacy Notice.
‘Personal data’ is any information that relates to an identified or identifiable natural person, such as your name or email address.
In exchange for our services, when you visit our website or communicate with us, we may process personal data related to you (‘Your Personal Data’). In these cases, PDFlike is the controller of Your Personal Data.
When you upload or otherwise provide files and information, which may contain personal data related to you or others, and process such files and information using our services (‘User Files’), you remain fully responsible for such personal data contained in the User Files.
In the paragraphs below, we endeavor to provide you with information about our processing of Your Personal Data, your rights regarding Your Personal Data, and the measures we take to maintain the privacy and security of Your Personal Data.
If you provide us with personal data of other people (such as family members or work colleagues) or provide us User Files which contain personal data related to other people, please make sure they are aware of this Privacy Notice and only provide us with their data if you are allowed to do so and such personal data is correct.
Our website, desktop app, mobile apps, and communications may contain links to other websites. If you follow a link to any of those websites, please note that the personal information you submit will be processed according to their own privacy notices, and that PDFlike does not accept any responsibility or liability for those websites. Please make sure to check those privacy notices before you submit any personal information to those websites.
This Privacy Notice has been drafted to be in line with applicable privacy laws. Based on your location, this might, for example, be the Swiss Federal Data Protection Act, the California Consumer Privacy Act, or the EU General Data Protection Regulation (GDPR).
Key Questions and Answers
1. What personal data does PDFlike collect through its website and for what purposes?
In brief: If you use our services, regardless of whether you are a free or paying user, we will collect Your Personal Data as required to provide our services to you and/or help us improve our services for you.
1.1 Use of our website
If you visit any domain or subdomain of PDFlike.com and do not register for or log into your account, we collect and process Your Personal Data that is necessary to enable your informational use of these domains. We also use functional cookies and other technologies (see Section 8) to enable this functional use of our website and to maintain the stability and security of our website. For these purposes, we process your IP address and other usage metrics along with the date and time of your access. We process Your Personal Data to provide our website to you (Art. 6 (1) (1) b GDPR) and based on our legitimate interest to maintain our website’s stability and security (Art. 6 (1) (1) f GDPR).
1.2 Use of our services via third-party services
You may be able to access our services and upload User Files via third-party services, such as Dropbox and Google Drive. For this purpose, you do not have to create a User Account with us or provide your login credentials for the third-party service or application. Rather, we will let you access our services with an authorization token (aka “OAuth token”) from the third-party service provider confirming that you are a valid user of their service. We process this information to enable your use of our services (Art. 6 (1) (1) b GDPR).
1.3 User Account
If you create a PDFlike account (including for a free trial of our services) via our website, mobile apps, or desktop app, we process your email address and the password you choose at registration.
You can also create a user account for our services using your pre-existing Google, Apple, or Facebook accounts and use that third-party platform’s credentials to log in to your user account with us. If you choose this option, you allow us to request and use some of Your Personal Data from the third-party account.
For Google, this involves us processing your name, surname, email address, and public profile information (e.g. profile picture). For Facebook, we will process your email address and public profile information (username and profile picture). For Apple, this involves us processing your username and email address. The third-party platform may ask for your consent to share this data with us. As the personal data we may process under this option was originally collected by the third-party platform, the initial data processing and sharing of the data with us is governed by the privacy policy of such third-party platforms (thus, either Google, Apple, or Facebook). Please refer to the relevant third-party platform and/or its settings, if you want to deactivate the connection between the third-party platform and us.
We process Your Personal Data to set up your user account and, thus, form a contractual relationship (Art. 6 (1) (1) b GDPR).
For security reasons, we also process the time, browser, IP address of your last login, and the time of your last password reset. We have a legitimate interest to process this information to filter out suspicious login requests and to detect and prevent abuse of your user credentials (Art. 6 (1) (1) f GDPR).
1.5 Email communication, including customer support, newsletters, and other marketing emails
When you communicate with us via email, including for customer support, you provide us with your email address and may provide us with your name, contact details, and other personal data, including the content of your email. We process this information to answer your request (Art. 6 (1) (1) b GDPR).
We may send you our newsletter or other marketing emails, generally only with your consent (Art. 6 (1) (1) a GDPR). However, where you have already purchased products and/or services from us, we may inform you about our similar products or services via email where we have informed you of such a possibility in advance and allowed you to refuse it. We do so under our legitimate interest to promote our business with existing customers (Art. 6 (1) (1) f GDPR). Please note that you can opt out of such email communication by clicking on the unsubscribe link at the end of each marketing email.
For information about third-party providers that we may use for the aforementioned purposes, please visit Section 4 below.
1.6 Service improvement and error detection
a) Website and mobile apps
For our website and mobile apps, we may process information on your default system language, your device, your usage of our services, and information on the pages of our website which you have visited. For error detection, we aggregate this information by shortening your IP address, such that it is not directly attributable to specific users. We only use this information in this aggregated form. We generally use the same type of information, as well as file metadata, for analytical purposes to improve our services by identifying features our users like and how our services function with different devices. We have a legitimate interest to use this information for service improvement (Art. 6 (1) (1) f GDPR). For information on third-party providers that we use for these tasks, please visit Section 4 below.
1.7 Surveys & user feedback
We occasionally conduct voluntary surveys through our website, desktop app, mobile apps, or other methods to collect user feedback. For some of these surveys, we may process Your Personal Data, such as your name, email, and IP address in addition to your feedback/answers. In other cases, we only collect aggregated information that is not directly attributed to specific users (e.g. yes or no answers through a survey field only). We process and store all of the aforementioned information to carry out the surveys (Art. 6 (1) (1) b GDPR) and under our legitimate interest to collect user feedback (Art 6 (1) (1) f GDPR). In some cases, we may also collect your consent (Art. 6 (1) (1) a GDPR). For more information on third-party providers we use for this purpose please visit Section 4 below.
1.9 Our services
a) PDF services
If you choose to use our PDF services and upload or otherwise provide User Files for this purpose, we process the User Files and metadata (such as file size, file name, and file type) and may store User Files as set out in Section 6 below. Such files and information may contain personal data related to you or others and you remain fully responsible for any personal data contained in the User Files. We process this information in order to provide you with our PDF services (Art. 6 (1) (1) b GDPR).
b) Signature/eSign
If you use our eSign tool, we process and store your signature(s) for future use at your convenience. If you are requesting a signature via our eSign tool from someone else, you remain fully responsible for the data processing regarding the other person. In order to verify the signing process, we also process other information on the involved persons/people, such as their email address, their IP address, the time of their signature, and the document status. This is necessary to provide the eSign tool (Art. 6 (1) (1) b GDPR) and is based on our legitimate interest to provide you with an easy-to-use and smooth service as well as to prevent its abuse (Art. 6 (1) (1) f GDPR).
2. How does PDFlike protect Your Personal Data?
In brief: Ensuring the safety and security of our service and Your Personal Data is a priority.
PDFlike uses appropriate technical and organizational measures to protect Your Personal Data. Only authorized PDFlike staff or third-party company staff (i.e. service providers) have access to Your Personal Data. All such staff are required to adhere to our Privacy Notice. Additionally, all third-party employees who have access to Your Personal Data must sign non-disclosure agreements. In addition, PDFlike has contracts in place with third-party companies that have access to Your Personal Data in order to protect it. To protect Your Personal Data, PDFlike maintains a secure IT environment and has measures in place to prevent unauthorized access to it. All communication and file transfers to and from our server are encrypted with TLS. Passwords are only stored in encrypted (hashed) form, never in plain text.
3. How does PDFlike use Your Personal Data?
In brief: We use Your Personal Data to provide you with high-quality services. Your privacy is our priority. We would not use Your Personal Data for any unlawful purposes.
We process Your Personal Data for the purposes listed above.
In specific cases, Your Personal Data may also be processed for the following purposes:
- ● In case we partially or fully sell the company or buy another company in whole or in part. We have a legitimate interest to further the development of our company through mergers and acquisitions (Art. 6 (1) (1) f GDPR).
- ● To comply with our legal obligations, including participation in investigations and proceedings conducted by the government or public authorities (Art. 6 (1) (1) c GDPR).
- ● In case we have a legal obligation to this effect (Art. 6 (1) (1) c GDPR), we may process Your Personal Data to protect our rights and safety, as well as those of our customers and third parties. Although we may not have a legal obligation to do so, we may still process data for this purpose based on our legitimate interest or those of other affected persons in order to assert legal claims (Art. 6 (1) (1) f GDPR).
4. How and for how long do we store Your Personal Data?
In brief: We keep Your Personal Data and the User Files you upload only as long as they are needed for the provision of our services or as required by law.
We will only retain Your Personal Data and User Files you upload for as long as necessary to fulfill the purpose for which it was collected or to comply with legal requirements. To help us, we apply criteria to determine the appropriate periods for retaining Your Personal Data depending on its purpose, such as account maintenance, facilitating client relationship management, and responding to legal claims or requests from authorities.
If you do not have a User Account (see Section 1.4 above) or are not logged in when using our services (e.g. when being asked for a signature via our eSign tool, see Section 1.9 above), we will generally delete User Files within 14 days after the last time they were opened. Please note that this retention period is extended by another 14 days every time you reopen the respective User File. Please note that if you use third-party services to access our services, data retention of User Files by the respective provider may differ.
If you access our services via a User Account, we delete User Files within one hour unless you save them to your file storage. When you choose to delete saved User Files, we generally delete them within 14 days.
5. Which data transfers outside the EU/EEA take place?
In brief: In some cases, we may transfer Your Personal Data outside of Switzerland and will ensure that Your Personal Data is well protected irrespective of its location.
We are located in Switzerland, which has been recognized as a safe third country in an adequacy decision of the European Commission. When you use our services, Your Personal Data may be transferred to recipients located in other countries, including outside the EU/EEA.
Where such a recipient country does not provide for an adequate level of data protection according to the European Commission, we will only transfer Your Personal Data to the recipient country on the basis of appropriate safeguards, such as binding corporate rules, standard contractual clauses (European Commission decision 2010/87/EU), or when another exception under Art. 49 GDPR applies. Please contact us (see “Contact Us” section) to request information on the specific safeguards that are in use for the recipients of Your Personal Data.
6. COOKIES–How and why does PDFlike use them?
In brief: We may use cookies for functional purposes without your consent, or for analytical or advertising-related purposes, if you consent to this.
A cookie is a small piece of data placed on your computer’s hard drive that permits identifying a specific device or browser. We may place our own cookies (first-party cookies) or third-party services integrated on our website may place cookies on your device (third-party cookies). Cookies may typically process personal data, such as your IP address, device information, date and time of your visit to our website, information on your activities on our website, settings you make when visiting our website, and unique identification numbers. There are different types of cookies, such as session cookies (which expire at the end of your browsing session) or persistent cookies (which are stored on your device for a longer period of time and between sessions and can enable the entity that placed the cookie to recognize your device or browser between sessions).
We use cookies for different purposes:
6.1 Cookies for functional purposes
We use cookies or similar technologies that are technically necessary to operate our website or provide its basic functions, such as our payments or keeping you logged in (if you want that). These cookies allow us to operate our site, maintain its security, and provide its key functions. We process Your Personal Data to provide our website to you (Art. 6 (1) (1) b GDPR) and based on our legitimate interest to ensure its security, a smooth user experience, and smooth access to these key functions (Art. 6 (1) (1) f GDPR).
6.2 Cookies for analytical purposes
We use cookies or similar technologies to better understand your use of our website. For example, they help us track the number of visitors to our website and see how users move around our website. This helps us improve the way our website works, for example, by ensuring that users can find what they are looking for. Some of these cookies may be placed by third-party providers (see Section 4 above for details). We only place these cookies with your consent (Art. 6 (1) (1) a GDPR).
6.3 Cookies for personalization and advertising-related purposes
We use cookies or similar technologies to capture your visit to our website, the pages you visit, and the links you follow. We may use this information based on your consent (Art. 6 (1) (1) a GDPR) and will process it to evaluate your preferences to make our website and the advertisements we display more relevant for you. We may also share this information with third parties (see Section 4 above for details). Some of these cookies may track your movements on other websites.
7. Does PDFlike knowingly handle the data of minors?
PDFlike does not knowingly collect or retain the data of minors under the age of sixteen. Such persons are not permitted to use this website except where enabled by a school that has contracted with us, in which case the school is the data controller and is responsible for the respective data processing affecting minors. If you discover that a minor has been using our website, please let us know via the contact information in Section 11 and we will delete their information.
8. Can PDFlike change the terms of this Privacy Notice?
In brief: Changes to this Privacy Notice may occur and will be made available to you.
PDFlike may occasionally make changes and corrections to this Privacy Notice. Please check this Privacy Notice regularly to see the changes and how they may affect you.