Privacy

Handling your data is a serious responsibility, and we want you to know how we go about doing that.

• This policy is effective from 15th November 2024
• This policy was last modified on 15th November 2024

Introduction

The File Converter website at file-converter.org is owned and operated by Zamzar Limited. Zamzar Limited is a provider of file conversion services based in England. Our company number is 06463494 and our registered office is at The Courtyard, Shoreham Road, Steyning, West Sussex, BN44 3TN. All references in this policy to "File Converter", "Zamzar", "our", "us" or "we" refer to Zamzar Limited, or our suppliers which provide services to us, as appropriate.

This Privacy Policy lets you know what happens to any personal data that you give to us or that we collect from you. We collect only the minimum amount of personal information necessary for you to make use of our Services; we ensure that we meet our responsibilities under the General Data Protection Regulation (GDPR) and the retained EU law version of the GDPR (UK GDPR) that applies in the UK, along with the Data Protection Act 2018 (DPA 2018); and we will only ever use your data as this Privacy Policy describes. We are registered with the UK Information Commissioner's Office (ICO) in the Register of Data Controllers (registration number Z1127652). MCF Legal Technology Solutions Limited is our appointed EU Representative and can be contacted at zamzar@mcf.ie or MCF Legal Technology Solutions Limited, Riverside One, Sir John Rogerson's Quay, Dublin 2, Ireland.

Applicability of This Privacy Policy

This Privacy Policy applies to the File Converter website at file-converter.org (the "website"), our web application available on the website (the "Services") and other interactions (e.g. customer service inquiries, live chat etc.) you may have with us.

This Privacy Policy does not apply to any third party applications or software that integrate with the Services, or any other third party products, services or businesses, where we are not the controller of your personal data.

This Privacy Policy is separate to our Terms of Service, which set out the legal terms governing delivery, access and use of the Services (the "Terms of Service").

1. How We Handle Your Data

1.1 Information We Collect

Information from website browsers

What do we collect?

If you are browsing the website, we collect the same basic information that many other websites collect. We use common Internet technologies, such as cookies and web server logs. This is information we collect from everybody who visits our website, whether they have an account or not. More information on cookies may be found here.

The information we collect about all visitors to our website includes the visitor's browser type ("User Agent"), language preference, referring site, and the date and time of each visitor request. We also collect potentially personally-identifying information like Internet Protocol (IP) addresses.

Why do we collect this?

We collect this information to better understand how our website visitors use the website, to monitor and protect the security of the website and to protect against abuse of the Services. We also use this information to recognise you when you return to our website, to store information about your preferences, and to allow us to customise the website according to your individual interests.

Information from users converting files

What do we collect?

If you convert a file using our services we may collect your email address (if you provide it) along with details of the filename or file URL.

Why do we collect this?

We collect this information in order to provide our file conversion services to you – without this information we are not able to convert your files or provide you with a link to download your converted files.

People who contact us with enquiries

What do we collect?

If you contact us with an enquiry, we will collect the information provided when you correspond with us, such as your name, your address, your email address and your telephone number.

Why do we collect this?

We will collect, use and store the personal information listed above to deal with any enquiries or issues you have about our Services, including any questions you may have about how we collect, store and use your personal information, or any requests made by you for a copy of the information we hold about you.

1.2 Information We Do Not Collect

We do not intentionally collect or store special categories of personal data, such as genetic data, health information, or religious information. Although we do not request or intentionally collect any special categories of personal data, we realize that you may transmit this kind of information in your in the files that you convert.

If you ask us to convert or store any files containing special categories of personal data on our servers, located in the United States, we will only do so on your instructions as a data processor and in accordance with our Data Processing Agreement with you. You are the controller of this data and you must ensure that you have a legal basis to share this data with us.

1.3 How We Use Your Information and our Legal Basis for doing so

We use the information you provide to us in a number of ways and we have set out our legal basis for processing your information below:

To provide, update and maintain the Services we offer to you

This is the most common usage of your information. We use your personal information to provide various file conversion Services to you, in accordance with our Terms of Service. In particular, we will use your data to: convert the files that you provide us with into different formats; and if you provide us with an email address, send you links to download those files to that email address.

Our use of your personal information in this way is necessary to perform our obligations to provide the Services to you, under our Terms of Service.

To communicate with you by responding to your requests, comments and questions

If you contact our support team we may use the information that you provide to us in order to help us respond to your enquiry.

Our use of your personal information in this way is necessary to perform our customer service obligations to you, under our Terms of Service.

If we do not have a contract with you, we may process your personal information for these purposes where it is in our legitimate interests to do so for customer services purposes.

As required by applicable law, legal process or regulation

We may use your information to comply with court orders and similar legal or regulatory obligations which apply to us.

This may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others to comply, as well as where we are legally required to do so.

To investigate and help prevent abuse or security issues

We may use information such as your IP address to help us prevent abuse of the Services we provide and investigate any potential unauthorized use of those Services or other security breaches.

In these circumstances, we believe we have a legitimate interest in handling your data, and do not believe that this storage and use of your data will be of particular concern to you.

If we rely on our (or another person's) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person's) legitimate interests are not outweighed by your interests or fundamental rights and freedoms which require protection of the personal information. You can ask us for information on this balancing test by using the contact details at section 5.5.

We also collect and use data which is aggregated or anonymised for certain business purposes, such as creating aggregate statistics or reporting. However, no single individual will be identifiable from the anonymised details we collect for these purposes.

1.4 Cookies

What are cookies?

Cookies are small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. They allow a website to recognize a particular device or browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.

For further information on deleting, disabling, blocking and controlling cookies please visit http://www.allaboutcookies.org

Does File Converter use cookies?

Like many sites, we use cookies to make interactions with our Services easy and meaningful. We also use cookies to keep you logged in, remember your preferences and allow us to provide a more convenient service to you.

When you use our Services, we and certain partners may use cookies to recognize you and to otherwise customize your online experiences and other content. We and certain partners may also use cookies to measure the effectiveness of promotions; and mitigate risk and prevent potential fraud across the Services. Certain aspects and features of the Services are only available through the use of Cookies, so if you choose to disable or decline Cookies, your use of the Services may be limited or not possible.

Where possible, security measures are set in place to prevent unauthorized access to our cookies.

How do I control my cookies?

You can update your preferences in cookie settings.

What cookies does File Converter use?

We use the following cookies:

What can you do if you don't want any cookies to be set or want them to be removed?

Some people prefer not to allow cookies, which is why most browsers give you the ability to manage cookies to suit you. In some browsers you can set up rules to manage cookies on a site-by-site basis, giving you more fine-grained control over your privacy. What this means is that you can disallow cookies from all sites except those that you trust.

Browser manufacturers provide help pages relating to cookie management in their products. Please click on the links below for more information on how to manage your cookie settings.

• Google Chrome
• Internet Explorer
• Mozilla Firefox
• Safari (Desktop)
• Safari (Mobile)
• Android Browser
• Opera
• Opera Mobile

1.5 Tracking

Website Analytics

We use Google Analytics and Plausible Analytics as third party tracking services, but do not use it to track you individually. We use these services to collect information about how our website performs and how our users, in general, navigate through and use the website to help us evaluate our users' use of the services; compile statistical reports on activity; and improve our content and website performance.

We look to protect your privacy by anonymizing your IP address prior to sending it to these services and we only gather certain basic information, such as your browser type, referring and exit pages, time stamp, and similar data about your use of the website. We do not link this information to any of your personal information.

Google provides further information about its own privacy practices and offers a browser add-on to opt out of Google Analytics tracking.

Other Tracking

We may integrate functionality from third party social media websites (such as Facebook or X - formerly Twitter) into our Services, for example by providing "like" or "share" buttons on some pages. These buttons may enable those services to track your visit to the website.

2. How We Share Data

2.1 Sharing Your Information

We may share personal information with a limited number of third-party vendors who process it on our behalf in order to provide or improve our Services, and who have agreed to privacy restrictions and security obligations consistent with this Privacy Policy.

We will share your personal information with the following third-party vendors:

• Amazon Web Services, Inc who provides server hosting and content distribution networks (CDN's) services;
• CookieYes Ltd, who provide compliance services
• Google LLC, WeTransfer B.V., and Habla, Inc, who provide customer support tooling;
• IBM SoftLayer Technologies. Inc who provides server hosting services;
• MacStadium, Inc who provides server hosting services;
• Plausible Insights OÜ and Slack Technologies Inc, who provide business support services.
• The Rocket Science Group, LLC who provide email sending services;

When we transfer your data to our vendors, we remain responsible for it. We try to ensure that any third parties with whom we share your personal information are limited (by law and by contract) in their ability to use your personal information for any purpose other than to provide services for us.

We may share personal information where it is in our legitimate interests to do so to run, grow and develop our business if we are involved in a merger, sale, or acquisition, including a bankruptcy sale. If any such change of ownership happens, we will ensure it is under terms that preserve the confidentiality of personal information, and we will notify you on our website or by email before any transfer of your personal information.

2.2 Third Party Advertising

We do not host any third party advertising at file-converter.org.

2.3 Legal Disclosures

We may disclose personally-identifying information or other information we collect about you in response to a valid subpoena, court order, warrant, or similar government order, or when we believe in good faith that disclosure is reasonably necessary to protect our property or rights, or those of third parties or the public at large. This may include exchanging personal information with other organisations for the purposes of fraud protection and credit risk reduction.

We will also disclose your personal information to third parties in order to enforce or apply our terms and conditions or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity.

2.4 Notice for Nevada Consumers

We do not sell your personal information within the scope of, and according to the defined meaning of a “sale” under, NRS 603A.

3. How We Manage Data

3.1 Security

We take the security of data very seriously, and we work hard to protect any information you provide to us from loss, misuse, and unauthorized access or disclosure. We take all reasonable precautions to safeguard the confidentiality of your personal information, including through use of appropriate organisational and technical measures. These measures take into account the sensitivity of the data we collect, process and store, and the current state of technology.

Given the nature of communications and information processing technology, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, but we do our utmost to protect it. Once we have received your personal information, we will use strict procedures and security features to prevent unauthorised access to it.

As a minimum we take the following measures to secure your data:

• Physical Security - Our infrastructure is only hosted in data centres which meet rigorous security standards. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilising video surveillance, intrusion detection systems, and other electronic means.
• Data Transfer Integrity - All traffic to and from our servers is secured by transport level security (TLS) sent over a Secure Socket Layer (SSL), and secured using an AES 256-bit SSL certificate. This ensures that data sent between your systems and ours is encrypted using military grade encryption.
• Firewalls - We enforce network level control for access to infrastructure by using multiple different firewall technologies to ensure that different components of its systems are logically isolated from one another.
• Operational Access Controls - Our employees require access to production services for operational reasons. We employ multiple authentication mechanisms to ensure that production systems are accessed only by authorised members of staff and are protected from unauthorised access.
• Software Updates - We regularly applies software patches to production infrastructure in order to ensure a strong security posture to known software vulnerabilities.
• External Accreditation - We take a pro-active approach to security by employing an external company to perform monthly security scans of our infrastructure.
• Bug Bounty Program - We operates an informal "bug bounty" program that encourages security researchers to perform limited and authorised testing of the integrity of our systems.

3.2 Data Retention and Deletion

We will store any files you submit to us for conversion, and their converted outputs on our systems for no longer than 7 days following receipt. After this time they are permanently removed from our storage systems.

We will retain personal information such as your IP address, email address (if provided by you) and browser details for no longer than 30 days. After this time we permanently delete your browser data and anonymise your IP address and email address (if provided by you) so that we can no longer personally identify you.

3.3 International Data Transfers

We may transfer your personal data to countries other than the one in which you live, including to our file server suppliers located in the United States.

If we provide any personal information about you to any entity outside of the European Economic Area or the United Kingdom, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this Privacy Policy. These measures may include:

• entering into European Commission and/or UK Government approved standard contractual arrangements with them;
• ensuring that there is a European Commission and/or UK Government approved adequacy decision in place permitting the personal data transfers;
• putting in place appropriate safeguards recognised by the GDPR, UK GDPR or DPA as applicable; and
• taking all reasonable precautions to ensure that your personal information is treated securely and in accordance with this Privacy Policy

Further details on the steps we take to protect your personal information, in these cases is available from us on request by contacting us by email at info@file-converter.org at any time.

4. Your Rights

If you have any questions about your personal data please contact us by email at info@file-converter.org.

Individuals located in certain countries, including the United Kingdom, the European Economic Area and Switzerland, have certain statutory rights in relation to their personal data. While some of these rights apply generally, certain rights apply only in certain limited circumstances. We describe these rights below.

Please note that we may ask you to verify your identity before taking further action on your request. Additionally your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we are permitted by law or have compelling legitimate interests to keep.

4.1 Right to be Informed

You have the right to be provided with information about the data we hold, our data processing activities and whether we transfer personal data outside of the EAA if you are resident in the EEA, or whether we transfer personal data outside of the UK if you are resident in the UK, along with the methods we use to safeguard such data.

4.2 Right to Access

In some jurisdictions, applicable law may entitle you to request copies of your personal information held by us.

4.3 Right to Rectification

You have the right to ask us to correct inaccurate, out of date or incomplete personal information concerning you (and which you cannot update yourself within the Services).

4.4 Right to Erasure

We generally retain any personal information for as long as is necessary for the performance of the contract between you and us and to comply with our legal obligations. If you no longer want us to use your information to provide the Services to you, you can request that we erase your personal information and (if you have one) close your user account. Please note that if you request the erasure of your personal information:

• We may retain some of your personal information as necessary for our legitimate business interests, such as fraud.
• We may retain and use your personal information to the extent necessary to comply with our legal obligations.
• Because we maintain the Services to protect from accidental or malicious data loss and destruction, residual copies of your personal information may not be removed from our backup systems for a limited period of time.

4.5 Right to Object / Restrict Processing

In some jurisdictions, applicable law may entitle you to request us not to process your personal information for certain specific purposes where such processing is based on our (or another party's) legitimate interests. If you object to such processing we will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defence of legal claims.

4.6 Right to Data Portability

You may be entitled to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible). This right only applies where we use your personal information on the basis of your consent or performance of a contract; and where our use of your information is carried out by automated means.

5. Other Important Information

5.1 Data Processing Agreement

Zamzar Ltd will be the controller of personal data provided to, or used in connection with our Services, as described in this Privacy Policy.

To the extent that we act as a data processor on your behalf in connection with the performance of our Services, we will enter into a separate "Data Processing Agreement" with you. You can find out more information on this Data Processing Agreement by emailing us at info@file-converter.org.

5.2 Lodging Complaints with the Data Protection Authority

If you are a resident of the European Economic Area and believe we are the controller of your personal data within the scope of the General Data Protection Regulation (GDPR), you have the right to lodge a complaint with your local data protection authority. If you are a resident in the United Kingdom and believe we are the controller of your personal data within the scope of the UK GDPR and the DPA 2018, you may send complaints to:

UK Information Commissioner
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
United Kingdom

Phone: +44 1625 545 745
Fax: +44 1625 524 510
Email: casework@ico.org.uk

5.3 Age Limitations

If you're a child under the age of 13, you may not use our Services. We do not knowingly collect information from or direct any of our content specifically to children under 13.

5.4 Changes to This Privacy Policy

We may change this Privacy Policy from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and update the "last modified date" when we do. We would encourage you to review our Privacy Policy to stay informed. If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email or through the Services. If you disagree with the changes to this Privacy Policy, you should cease use of the Services.

5.5 Do Not Track Signals

California and Delaware law require us to indicate how we respond to Do Not Track ("DNT") browser signals. We do not respond to Do Not Track ("DNT") browser signals. For more information on DNT settings generally, please visit https://allaboutdnt.com.

5.6 Contacting Us

Please feel free to contact us if you have any questions about this Privacy Policy or complaints about our practices relating to your personal information, or if you are seeking to exercise any of your rights described in this Privacy Policy. You may contact us at info@file-converter.org or at our mailing address below.

If you are resident in the UK we can be contacted at the following address:

Zamzar Ltd
The Courtyard
Shoreham Road
Steyning
West Sussex
BN44 3TN
United Kingdom

If you are resident in the European Economic Area, you may contact our EU Representative at zamzar@mcf.ie or at our mailing address below:

MCF Legal
Technology Solutions Limited
Riverside One
Sir John Rogerson's Quay
Dublin 2
Ireland