Last Modified: May 20, 2022
PDFTron is committed to protecting and respecting your privacy. A reference to "PDFTron", "we", "us" or "our" is a reference to PDFTron Systems Inc. and its affiliates, and we are a 'controller' for the purposes of the data protection laws that apply to us. A list of our relevant affiliates, their websites and associated products we offer can be found by clicking here. We ask that you read this Privacy Notice carefully as it contains important information about our processing and your rights.
This notice further describes how we may collect personal data, with whom we may share it, as well as the choices you have regarding our collection of information and our use and disclosure of that information to other parties.
Note for Xodo users: If you are using Xodo with Google Drive, please note that Xodo`s use and transfer to any other application of information received from Google`s APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements therein.
This notice is provided in a layered format for ease of access. Click on the table of contents to jump to a specific section.
We believe that you should always know what data we collect from you, how we use it, and that you should have meaningful control over both. This notice describes how we use personal data, with whom we share it, your rights and choices, and how you can contact us about our privacy practices.
We collect, use, store, transfer and process different types and categories of personal data about you as follows:
Identity Data includes first name, last name, company name, user pictures and profile pictures (if supplied), username or similar identifier, marital status, title, date of birth and gender.
Contact Data includes postal address, email address and telephone numbers.
Financial Data includes bank account details, credit card information, tax payer identification numbers and billing addresses.
Transaction Data includes details about payments to and from you and other details of any services you have purchased from us.
Technical Data includes internet protocol (IP) address, media access control (MAC) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Product Data includes your information and content you may submit in a PDF, details about any licences you may have with us, preferences, feedback and survey responses.
Usage Data includes information about how you use our website and products.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We do not collect any special categories of personal data about you (such as health data, political opinion, religious beliefs etc). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
3.1. PERSONAL DATA WE COLLECT DIRECTLY FROM YOU
We collect personal data directly from you in the following situations:
3.1.1. DIRECT INTERACTIONS
You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide:
3.2. INFORMATION WE AUTOMATICALLY COLLECT
3.2.1. IP ADDRESSES AND CLICK-STREAM DATA
With regard to each of your visits to our websites or usage of our apps we may automatically collect the following information:
The information collected cannot typically be used to identify you personally. However, if you have specifically informed us of your identity (for example by registering for something or providing us with your contact information), it may be possible for us to link certain information to information that identifies you personally.
3.2.2. Digital Markers (including Cookies), Online Tracking Technologies, Online Interest Based Advertising
A digital marker is created by a website visitor’s Internet browser to maintain certain pieces of information for the website to reference during the same or subsequent visits. Examples of digital markers are cookies or HTML5 Web storage. Among other things, digital markers can allow a website to recognize a previous visit each time the visitor accesses the website, and track what information is viewed on a website.
We use sessional and persistent digital markers on some portions of our websites. Digital markers are created when you visit our websites. Sessional markers exist while you remain on our websites, and persistent markers continue to exist after you have left our websites.
For information on the digital markers (including cookies) we use and the purposes for which we use them see the applicable Cookie Notice for the PDFTron website(s) you may visit.
Similarly, we or our third-party service providers/advertisers may also use "web beacons", "pixel tags" or other tracking technologies, which are typically small pieces of code placed on a web page to monitor behaviour and collect certain data regarding the actions of our visitors online.
These digital markers and other technologies may be used to track across time, sites, and devices. For example, these technologies can be used to analyze your online traffic patterns, to enhance your experience when using our products, to store information during your session, to personalize our websites for you based on your preferences and selections, to target advertising or content to you (as described further below), and to collect information about you and your usage of our websites or apps for other marketing and business purposes. You may adjust your privacy preferences regarding the use of digital markers, including cookies, and similar technologies through your browser. However, disabling cookies may impair your user experience and disable certain features of our websites.
Data about your activities online may be collected for use in providing advertising tailored to your individual interests, either by us, or third parties. We may work with third parties such as network advertisers and ad exchanges to serve advertisements across the internet and may use third party analytics service providers to evaluate and provide us and/or third parties with information about the use of these ads on third party websites and viewing of ads and of our content.
3.3. Information we receive from other sources
We may receive personal data about you if you use any of the other websites we operate or the other online projects or services we provide. We are also working closely with third parties (including, for example, business partners, technical and delivery services, advertising networks, analytics providers, search information providers) and may receive personal data about you from them. We may combine this personal data with personal data you give to us and personal data we collect about you to create combined personal data.
We use your personal data to:
We may also use such information for other purposes related to our business or that of our related entities, as well as for any other purpose described in this notice or any other agreement you may enter with us or otherwise as we may disclose to you or to which you consent from time to time, or for other purposes as required or permitted by applicable law.
We are allowed to process your personal data based on the following legal bases:
We may share your personal data with any member of our corporate group, which means our subsidiaries, our parent company and its subsidiaries.
We do not sell or rent personal data to marketers or unaffiliated third parties. We may share your information with selected third parties including:
7.1 WHERE DO WE STORE YOUR PERSONAL DATA?
PDFTron is based in Canada, other group companies are based in other jurisdictions, including in the US, New Zealand, Europe and the UK. The information (including any personal data) we collect is transferred, maintained, stored, and processed in Canada, the US, Europe and the UK and other countries outside Canada where our or our service providers’ facilities may be located. Regardless of where you are located, we carry out these transfers in compliance with applicable laws.
If you are based in Canada, you understand and agree that we may store and process the information you provide to us in Canada and other countries. The data protection and privacy laws in those countries may offer a lower level of protection than the data protection and privacy laws of your country. Also, this information may be subject to access requests from governments, courts, or law enforcement in Canada and foreign countries according to their laws.
If you are located in the UK, European Economic Area or Switzerland, your personal data is transferred outside of the UK, European Economic Area or Switzerland in order for our service providers to provide their services to us. The data protection and privacy laws in those other countries may offer a lower level of protection than the UK and European data protection laws. We ensure that we put mechanisms in place in order to transfer your personal data securely and in accordance with applicable data protection laws. If you want to know more about our international transfers, you can contact us.
7.2 IS MY PERSONAL DATA SECURE?
We implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. Among the steps we take in order to protect your information are:
Unfortunately, no transmission of information via the internet or storage of information is completely secure. Although we take commercially reasonable steps to protect your personal data, we cannot guarantee the security of your data transmitted to our websites or apps that we store.
7.3 RETENTION OF PERSONAL DATA
Personal data will be retained in accordance with this notice for as long as may be necessary or relevant for the purpose of collection, or as may be required or permitted by applicable law, after which time it may be made anonymous or destroyed unless you further consent to its continued retention.
7.4 INTEGRATED SERVICES
Our websites and apps may, from time to time, contain links to and from third party websites including those of our partner networks and advertisers. If you follow a link to any of those websites, please note that they have their own privacy notices and that we do not accept any responsibility or liability for those notices. Please check these notices before you submit any personal data to those websites.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Please be aware that there are exceptions that apply to some of these rights, which we will apply in accordance with applicable data protection laws.
|Your data protection rights||What does this mean?|
|Right to be informed||You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and what your rights are. This is why we are providing you this privacy notice.|
|Right of access|
You have the right to obtain access to your personal data we process and certain other information (similar to that provided in this privacy notice).
You may ask for:
To help us find the information, please give us as much information as possible about the type of personal data you would like to see.
|Right to rectification||You are entitled to have your information corrected if it is inaccurate or incomplete. If you would like us to do this, please contact us.|
|Rights to ask us to stop contacting you with direct marketing||You can ask us to stop contacting you for direct marketing purposes. If you would like to do so, please contact us. Alternatively, you can also click the ‘unsubscribe’ button at the bottom of the applicable emails you receive. It may take up to 7 days for this to take place.|
|Rights in relation to automated decision making||These rights are not applicable as we do not carry out any automated decision making.|
|Right to erasure|
This is also known as the ‘right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where:
|Right to restrict processing|
You have rights to ‘block’ or suppress further use of your information. When processing is restricted we can still store your information, but may not use it further. You may request that we stop processing your personal data temporarily if:
|Right to data portability||You have rights in certain circumstances to obtain and reuse your personal data for your own purposes across different services.|
|Right to object to processing||You have the right to object to certain types of processing, including processing based on our legitimate interests and processing for direct marketing.|
|Right to withdraw consent|
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, that does not mean anything we have done with your personal data with your consent up to that point is unlawful).
Please contact us if you wish to withdraw your consent to anything we do with your personal data.
In order to exercise these rights, you may contact us as described in the Contact Us section below. We will comply with your request to the extent required by applicable law. If you feel that you have not received a satisfactory response from us, you may consult with the data protection authority in your country. In the UK, you have a right to complain to the Information Commissioner's Office (ICO). Information about how to do this is available on its website at www.ico.org.uk.
Any changes we may make to our notice in the future will be posted on this page. The date this notice was last revised is identified on the top of this page. Please check back frequently to see any updates or changes to our notice.
If you have any questions, comments and requests regarding this notice, how we handle your personal data, or if you would like to exercise any of your rights, please email our Privacy team at Privacy@pdftron.com or send a letter to: 500-838 West Hastings Street, Vancouver BC V6C 0A6 Canada. If you live in the UK or Europe you can contact our European representative by mail at Osano International Compliance Services Limited, ATTN: IKOL, 25/28 North Wall Quay, Dublin 1, D01 H104, Ireland.
California residents may have additional rights under the California Consumer Privacy Act (“CCPA”) with respect to certain personal data that is not covered under a federal law. If you are a California resident, this section details your rights under the CCPA, how you may exercise those rights, and what we will do in response.
The CCPA requires us to disclose information regarding the categories of personal data we have collected about California consumers (as that term is defined in the CCPA) during the preceding twelve (12) months, the categories of sources from which the personal data was collected, the business or commercial purposes for collecting the personal data and the categories of personal data disclosed to third parties. The sources of identity, contact and financial data are from direct interactions with you, whereas the remainder of the data categories listed below are either automatically collected (including Hotjar) or come from digital markers and online tracking technologies. Please see section 2 and 3 above for further details. In the preceding 12 months, we collected and disclosed the following personal data about California consumers:
|Categories of personal data collected and disclosed to third parties||Examples of Uses/business purposes|
|Identity data||Collected to provide you the information, products and services you request; respond to enquiries from you; schedule meetings with you; manage our relationship with you; carry out agreements entered into between you and us. Disclosed to our other group companies, business partners and suppliers when this is necessary to provide our services to our users or for the performance of any contract we enter into with you.|
|Contact data||Collected to provide you the information, products and services you request; respond to enquiries from you; schedule meetings with you; manage our relationship with you; carry out agreements entered into between you and us. Disclosed to our other group companies, business partners and suppliers when this is necessary to provide our services to our users or for the performance of any contract we enter into with you.|
|Financial data||Collected to carry out any agreements entered into between you and us. Disclosed to our service providers who provide certain services on our behalf such as data hosting or processing services. We will use contractual arrangements to protect personal data disclosed to these service providers.|
|Transaction data||Collected to carry out any agreements entered into between you and us. Disclosed to service providers who provide certain services on our behalf such as data hosting or processing services. We will use contractual arrangements to protect personal data disclosed to these service providers|
|Technical data||Analytics and search engine providers that assist us in the improvement and optimisation of our products; our service providers who provide certain services on our behalf such as data hosting or processing services. We will use contractual arrangements to protect personal data disclosed to these service providers|
|Product data||Analytics and search engine providers that assist us in the improvement and optimisation of our products.|
|Usage data||Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. Such disclosures are typically aggregate information about our users and analyses of our server logs, traffic, or information relating to customer leads, including details regarding usage of our websites or apps and general information about our audience, and are not generally considered to be personal data; analytics and search engine providers that assist us in the improvement and optimisation of our products|
|Marketing & Communications data||Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. Such disclosures are typically aggregate information about our users and analyses of our server logs, traffic, or information relating to customer leads, including details regarding usage of our websites or apps and general information about our audience, and are not generally considered to be personal data; analytics and search engine providers that assist us in the improvement and optimisation of our products.|
PDFTron does not sell any personal data and does not have actual knowledge that it sells the personal data of users under 16 years of age.
In addition, we may share personal data of California consumers:
California residents have the right to access and request:
California residents have the right to request the deletion of their personal data. However, this right does not apply to personal data that we need in order to:
California residents have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights hereunder.
To exercise any of your rights as a consumer please submit a verifiable consumer request to us. You may submit a verifiable consumer request by emailing us at email@example.com or contact us via our website at https://www.pdftron.com/form/contact-us/. A California consumer may only make a verifiable request to exercise their rights twice within a 12-month period. The verifiable request must: (1) provide sufficient information for us to verify your identity, and (2) be in sufficient detail that we can reasonably understand the request, evaluate it, and respond. You may have an authorized agent submit a request to know, or a request to delete so long as you provide the authorized agent with written permission to submit the relevant request and you verify your own identify directly with us. Such restrictions do not apply where you provide your authorized agent with power of attorney pursuant to California Probate Code sections 4121 to 4130. If we are unable to verify your request then we will be unable to provide you with the information you seek or delete any personal data we retain.
Convert to PDF