Privacy Policy

Softflakes, Inc (“Company”, “we”, “us”, or “our”) is committed to protecting your privacy. This privacy policy (“Privacy Policy”) describes how and why we might collect, store, use, and/or share and otherwise process, in our capacity as data controller, the Personal Data (as defined below) we may collect relating to you when you (the “User(s)” or “you”) use our services (the “Services”), such as when you:

Visit our website at https://www.pdfsmart.com, or any website of ours that links to this privacy notice
Pay for your subscription;
Engage with us in other related ways, including any sales, marketing, or events

This Privacy Policy has been drafted in light of the General Data Protection Regulation (“GDPR”) and the Data Protection Act no. 78-17 of 6 January 1978 as amended and related CNIL standards and recommendations (the “Applicable law”). We are committed to follow the GDPR in all data processing operations in the European Economic Area and where it otherwise applies.

Questions or concerns? Reading this Privacy Policy will help you understand your rights and choices in terms of data protection. If you still have any questions or concerns, please contact us at [email protected].

SUMMARY OF KEY POINTS

This summary provides key points of our Privacy Policy, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

What Personal Data do we process? When you visit, use, or navigate the Site(s) and our Services, we may process Personal Data depending on how you interact with us and the Services, the choices you make, and the products and features you use. The Personal Data we collect about you includes the following: surname, name, email address and payment data.
Do we process any sensitive personal data? We do not process sensitive personal data.
How do we process my Personal Data? We process your Personal Data to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so.
In what situations and with which parties do we share Personal Data? We may share Personal Data in specific situations and with specific third parties.
How do we keep your Personal Data safe? We have organizational and technical processes and procedures in place to protect your Personal Data, including encryption. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
What are your rights? You have the following rights : the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and to withdraw any consent you have given and the right to direct how your Personal Data should be used after your death.
How do I exercise my rights? The easiest way to exercise your rights is by filling out our data subject request form available here or by contacting us at [email protected]. We will consider and act upon any request in accordance with applicable data protection laws.
Want to learn more about what we do with any Personal Data we collect? Click here to review the notice in full.

1. WHAT PERSONAL DATA DO WE COLLECT?

“Personal Data” refers to any information that may be used, alone or in combination with other information, to identify you.

We collect Personal Data that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or when you otherwise contact us.

The Personal Data that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use.

The Personal Data we collect may include the following:

Identification Data: your name, surname, email address, mailing address, usernames);
Financial Data: includes the cardholder's name and bank card number, the expiry date, the visual cryptogram, the transaction number and details, the date and amount of the transaction. It is specified that the Company does not have access to these bank details and does not store them. This data is collected by our payment management provider ;
Technical Data: includes information collected by way of log files, namely internet protocol (IP) address, browser type and version, Internet Service Provider (ISP), date and time stamp, referring/exit pages, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our Site.

We do not process sensitive information. We may incidentally collect Personal Data included in the documents you share with us when using the Services.

We may provide you with the option to register with us using your existing social media account details, like your Facebook, Twitter, or other social media account. If you choose to register in this way, we will collect the information described in the section called “HOW DO WE HANDLE YOUR SOCIAL LOGINS?” below.
The Site also collects information through cookies and similar technologies. We also automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, other technical information and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called “crash dumps”), and hardware settings). This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

2. HOW DO WE PROCESS YOUR INFORMATION?

We process your Personal Data for a variety of reasons, depending on how you interact with our Services, including:

To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order;
To provide you with the Services;
To provide a Cloud storage service;
To respond to requests for information using the contact form available on the Site or by e-mail to the address indicated above;
To communicate to you important notices, such as information about changes to the Site(s) and Service updates;
To ensure that the Site and its functionalities are optimized and constantly improved;
Enable us to meet our legal obligations;
Carry out statistics, studies and other marketing actions;
To manage and respond to requests from Users who exercise their rights;
To prevent and detect unlawful behaviour, and protect or enforce our legal rights, for example defending the company in case of legal disputes.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

As such, we may rely on the following legal bases to process your Personal Data:

Consent. We may process your Personal Data if you have given us your consent to use your Personal Data for a specific purpose. You can withdraw your consent at any time by using the contact details provided in the section “HOW CAN YOU CONTACT US ABOUT THIS PRIVACY POLICY?”.
Legal Obligations. We may process your Personal Data where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
Our legitimate interests. We may process your Personal Data where it is necessary for our legitimate interests as a company, including to manage, promote and improve our business and manage our risk.

Your Personal Data may only be disclosed to the following recipients or categories of recipients, within the limits of their respective responsibilities and insofar as such disclosure is strictly necessary to achieve the purposes set out in this Privacy Policy.

Authorized employees of Softflakes INC’s marketing, administrative and IT departments;
Persons in charge of internal and external control;
Service providers. We may disclose your Personal Data to companies that provide services to us linked to our Services which are not permitted to use your Personal Data for any other purpose than to carry out the services they are performing for us;
Third parties in connection with a business sale. We may share or transfer your Personal Data in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company;
Third parties, where required by law: We may disclose your Personal Data to a third party if it is necessary to comply with a legal obligation or the decision of a judicial authority, a public authority or a government body, or if disclosure is necessary for national security, law enforcement or other issues of important public interest;
Other third parties with your consent. We may also share your Personal Data with other third parties when you specifically consent to such sharing with associated specific purposes.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

During your browsing on the Site, cookies may be placed on your terminal (computer, mobile, tablet), subject to the choices you have made and which you may modify at any time.

These cookies are managed by the User's web browser.

To find out more about cookies and their impact, please consult the "How it works" section of the CNIL website, which can be accessed here.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive. Our Site uses cookies to distinguish you from other users of our Site. This helps us provide you with a good experience when you browse our Site and also allows us to improve our Site.

A cookie will typically contain a record of the website which issued it, its own name, and a value which is often a randomly generated unique number.

There are several categories of cookies:

Technical cookies: these cookies are purely technical, are not intended for profiling and are strictly necessary for the provision of the service of consulting the resources available on your online media library. They enable and/or facilitate electronic communication. Under no circumstances do we use or disclose your information for advertising or commercial purposes. These cookies do not require consent: session cookies and navigation assistance cookies;
Preference cookies: these enable a website to remember information that modifies the way the site behaves or is displayed, such as your preferred language or the region in which you are located;
Marketing cookies: these are used to track visitors through websites. The aim is to display advertising that is relevant and interesting to the individual user and therefore more valuable to third-party publishers and advertisers;
Statistics cookies: These cookies are used to improve the quality of our services and enable us to track site traffic;
Unclassified cookies: these are cookies that are in the process of being classified, as well as individual cookie suppliers.

The following cookies are used on the Site:

Type of cookie	Name of the cookie	Type of cookie	Who manages them?	Function	Duration
Strictly necessary cookies	pusherTransportTLS	HTML	Data controller	Technical cookie that synchronizes the website with the SGC. This is used to update the site.	Persistent
Strictly necessary cookies	cf_chl_1	HTTP	Data controller	This cookie is part of the services provided by Cloudflare - including load balancing, website content delivery and DNS connection for website operators.	1 day
Strictly necessary cookies	XSRF-TOKEN	HTTP	Data controller	Ensures the security of visitors' browsing by preventing the falsification of requests between sites. This cookie is essential for the security of the website and the visitor.	1 day
Strictly necessary cookies	CookieConsent	HTTP	Cookiebot	Stores the user's permission to use cookies for the current domain	1 year
Strictly necessary cookies	1.gif	Pixel	Cookiebot	Used to count the number of sessions on the website, necessary to optimise the delivery of CMP products.	Session
Strictly necessary cookies	test_cookie	HTTP	Google	On hold	1 day
Statistics cookies	td	Pixel	Google	Records statistical data on the behaviour of visitors to the website. Used for internal analysis by the website operator.	Session
Marketing cookies	IDE	HTTP	Google	Used by Google DoubleClick to record and report the site user's actions after seeing or clicking on one of the advertiser's ads in order to measure effectiveness and present targeted advertisements to the user.
Marketing cookies	pagead/landing [x2]	Pixel	Google	Collects data on visitor behaviour from several websites in order to present more relevant advertising. This also allows the website to limit the number of times the same advertisement is shown to the visitor.	Session
Marketing cookies	ads/ga-audiences	Pixel	Google	Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites.	Session
Marketing cookies	pagead/1p-user-list/#	Pixel	Google	Identifies whether the web surfer has shown interest in specific products or events on several websites, and how the surfer navigates between sites. This is used to measure advertising efforts and facilitates the payment of referral fees between websites.	Session
Marketing cookies	csi	Pixel	Google	Collects data on visitors' preferences and behavior on the website - This information is used to make content and advertising more relevant to the visitor in question.	Session
Marketing cookies	_ga	HTTP	Google	Used to send data to Google Analytics about the visitor's device and behaviour. Follows the visitor across devices and marketing channels.	2 years
Marketing cookies	_ga_#	HTTP	Google	Used to send data to Google Analytics about the visitor's device and behaviour. Follows the visitor across devices and marketing channels.	2 years
Marketing cookies	_gcl_au	HTTP	Google	Used by Google AdSense to test the effectiveness of advertising on various websites using their services.	3 months
Marketing cookies	ads/ga-audiences	Pixel	Google	Used by Google AdWords to re-engage visitors who are likely to convert into customers on the basis of their online behaviour on websites.	Session
Marketing cookies	_uetsid	HTML	Microsoft	Used to track visitors across multiple websites, in order to present relevant advertising based on visitor preferences.	Persistent
Marketing cookies	_uetsid_exp	HTML	Microsoft	Contains the expiry date of the cookie with the corresponding name.	Persistent
Marketing cookies	_uetvid	HTML	Microsoft	Used to track visitors across multiple websites, in order to present relevant advertising based on visitor preferences.	Persistent
Marketing cookies	_uetvid_exp	HTML	Microsoft	Contains the expiry date of the cookie with the corresponding name.	Persistent
Marketing cookies	MUID	HTTP	Microsoft	On hold	1 year
Marketing cookies	_uetsid	HTTP	Microsoft	Collects data on visitor behavior from several websites in order to present more relevant advertising. This also enables the website to limit the number of times the same ad is shown to the visitor.	1 day
Marketing cookies	_uetvid	HTTP	Microsoft	Used to track visitors across multiple websites, in order to present relevant advertising based on visitor preferences.	1 year
Unclassified cookies	__openreplay_pageno	HTML	static.openreplay.com	Pending	Session
Unclassified cookies	__openreplay_tabid	HTML	static.openreplay.com	Pending	Session
Unclassified cookies	pdfsmart_session	HTTP	Data controller	Pending	1 day

With the exception of strictly necessary cookies, which are constantly active, the User may refuse cookies by activating the cookie settings via a dedicated screen. If the User does not wish to consent to the use of cookies by the Company, the User may refuse cookies and/or refuse access to previously stored information by using his/her web browser.

The web browser functions that enable the User to do this vary from one browser to another. If cookies are disabled, the User may not be able to use all of the interactive features of the Site and this may limit the service that the Company is able to provide via the Site.

As mentioned above, the Sites uses Google Analytics, an analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to personalize ads, and for advertising purposes (personalized ads or not). We employ Google Signals on our Site, enabling Google Analytics to link session data collected from our site and apps with Google's information from signed-in, consented users. You retain the right to access and delete any such data through Google's My Activity feature.

For more information about how Google uses your Personal Data, please see here.

The information generated by the cookie about your use of the Site(s) (including your IP address) will be transmitted to Google in the USA.

You may prevent Google from collecting and using data (cookies and IP address) by downloading and installing the browser plug-in here.

Follow these links for further information concerning the terms and conditions of our use of Google analytics External reference, the information that Google provide on data privacy and security, and Google’s data privacy notice.

The information stored on the User's browser used to identify the User and to enable traceability, as well as the raw data on the User's use of the Site associated with an identifier, will only be kept by us for a maximum period of thirteen (13) months. After this period, the data is either deleted or made anonymous.

It is possible to configure your browser so that cookies are stored in the terminal or rejected, either systematically or according to the sender, or so that you are informed when a cookie is stored in the terminal, allowing you to accept or reject it.

However, deleting all cookies used by the browser, including those used by other websites, may lead to the alteration or loss of certain settings or information.

The configuration of each browser is different. It is your responsibility to follow the instructions of your browser's publisher as follows (links available at the time of updating this page):

If you use Internet Explorer: https://support.microsoft.com/fr-fr/help/278835/how-to-delete-cookie-files-in-internet-explorer
If you use Firefox: https://support.mozilla.org/fr/kb/protection-renforcee-contre-pistage-firefox-ordinateur?redirectslug=enable-and-disable-cookies-website-preferences&redirectlocale=en-US
If you use Safari: https://support.apple.com/fr-fr/105082
If you use Chrome: https://support.google.com/chrome/answer/95647?hl=fr

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control.

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or Twitter logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, and profile picture, as well as other information you choose to make public on such a social media platform.

We will use the information we receive only for the purposes that are described in this Privacy Policy or that are otherwise made clear to you on the relevant Services.

Please note that we do not control, and are not responsible for, other uses of your Personal Data by your third-party social media provider. We recommend that you review their privacy notice to understand how they collect, use and share your Personal Data, and how you can set your privacy preferences on their sites and apps.

7. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We will only keep your Personal Data for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this Privacy Policy will require us keeping your Privacy Policy for longer than the period of time in which users have an account with us.

In particular, we apply the following retention periods for these few main categories of Personal Data:

For Identification Data,
- when you create an account, we keep your Personal Data for as long as your account is active;
- when you do not create an account:
30 days when you use the Services anonymously (i.e. when your email address has not been provided)
60 days after the account is suspended when you are identified with your email address.
For Financial Data, the data is kept until the last payment due date of the subscription.

When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymize such information, or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any Personal Data we process such as encryption. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot guarantee the security of your Personal Data transmitted to us using unsecured means. Although we will do our best to protect your Personal Data, transmission of Personal Data to and from our Services is at your own risk. You should only access the Services within a secure environment.

9. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that Personal Data from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at [email protected]

10. INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA

When we share your Personal Data with companies with whom we contract, such companies may be located outside the European Union in countries with different laws for protection of Personal Data than the laws in your country of residence.

Before transferring your Personal Data outside the European Union, we will take steps to ensure that such data will be afforded the same level of protection as under applicable data protection laws within the European Union. For data transfers outside of the European Union, we use applicable safeguards, including the standard contractual clauses adopted by the European Commission and will make available a copy to you upon request.

11. WHAT ARE YOUR PRIVACY RIGHTS?

Under the Applicable Law, you have the following rights with respect to your Personal Data:

i. The right to request access and obtain a copy of your Personal Data;
ii. The right to request rectification of your Personal Data. If you would at any time like to review or change the information in your account, you can log in to your account settings and update your user account or contact us;
iii. The right to request the erasure of your Personal Data; If you would at any time like to terminate your account, you can log in to your account settings and update your user account or contact us;
iv. The right to request the restriction of the processing of your Personal Data in accordance with the applicable laws;
v. the right to object to our processing of your Personal Data;
vi. under certain circumstances, the right to demand data portability;
vii. To withdraw any consent you have given. However, please note that this will not affect the lawfulness of the processing before its withdrawal, nor when applicable law allows, will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent;
viii. to direct how your Personal Data should be used after your death.

You can exercise these rights by contacting us by using the contact details provided in the section “HOW CAN YOU CONTACT US ABOUT THIS PRIVACY POLICY?” below.

If you believe we are unlawfully processing your Personal Data, you also have the right to file a complaint with the CNIL (https://www.cnil.fr/).

12. DO WE MAKE UPDATES TO THIS PRIVACY POLICY?

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective on the Site as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your Personal Data.

13. HOW CAN YOU CONTACT US ABOUT THIS PRIVACY POLICY?

If you have questions or comments about this notice, you may email us at [email protected] or by post to: Softflakes, Inc 9450 Southwest Gemini Drive, Beaverton, OR 97008 United States.

This Privacy Policy was last updated on the 06/05/2024