Privacy Policy

Effective Date: January 1, 2026 | Last Updated: January 23, 2026

At SimpleFileTools ("we," "us," or "our"), we are committed to protecting your privacy and ensuring transparency in how we handle your data. This Privacy Policy explains our practices regarding the collection, use, disclosure, and protection of your information when you use our website and services at https://simplefiletools.com (the "Service").

1. Information We Collect

1.1 Files and Content You Upload

When you use our file processing tools (PDF conversion, compression, image conversion, etc.), you may upload files to our servers. We want to make it clear:

• Temporary Processing Only: Files are uploaded solely for the purpose of processing your request (e.g., converting, compressing, merging)
• Automatic Deletion: All uploaded files are automatically and permanently deleted from our servers within 10 seconds after processing is complete
• No Content Access: We do not view, read, analyze, or use the content of your files for any purpose other than performing the requested operation
• No Backup or Archival: Files are never backed up, archived, or stored in any long-term storage systems
• Secure Transmission: All file uploads and downloads are encrypted using SSL/TLS

1.2 Automatically Collected Information

We automatically collect certain technical information when you visit our website:

• Device Information: Browser type, operating system, device type, screen resolution
• Usage Data: Pages visited, time spent on pages, features used, click patterns
• IP Address: Your Internet Protocol (IP) address for security, fraud prevention, and regional analytics
• Cookies and Similar Technologies: See Section 5 for detailed information

1.3 Information We Do NOT Collect

• Personal identification information (name, email, phone number) unless you voluntarily provide it
• Payment information (our services are completely free)
• Social media profiles or login credentials
• Precise geolocation data
• Biometric data

2. How We Use Your Information

We use the collected information for the following legitimate purposes:

2.1 Service Delivery

• Processing your file conversion, compression, and other tool requests
• Delivering processed files back to you
• Ensuring service functionality and performance

2.2 Service Improvement and Analytics

• Understanding how users interact with our tools
• Identifying popular features and tools
• Improving user interface and experience
• Developing new features based on usage patterns
• Conducting A/B testing and performance optimization

2.3 Security and Fraud Prevention

• Detecting and preventing abuse, spam, and malicious activities
• Implementing rate limiting to prevent service overload
• Protecting against unauthorized access and security threats
• Maintaining system integrity and availability

2.4 Legal Compliance

• Complying with applicable laws and regulations
• Responding to legal requests and court orders
• Enforcing our Terms of Service

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share limited information only in the following circumstances:

3.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our website and services, including:

• Cloud Hosting Providers: For server infrastructure (files deleted within 10 seconds)
• Analytics Services: Google Analytics for understanding website usage (anonymized data)
• Content Delivery Networks (CDN): For faster content delivery globally
• Security Services: For DDoS protection and threat detection

All service providers are contractually obligated to protect your information and use it only for the specific purposes we authorize.

3.2 Legal Requirements

We may disclose information when required by law or in response to valid legal processes, including:

• Court orders or subpoenas
• Government or regulatory investigations
• Protecting our legal rights or defending against legal claims
• Preventing fraud, security threats, or illegal activities
• Protecting the safety of our users or the public

3.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and provide choices regarding your information.

4. Advertising and Third-Party Content

4.1 Google AdSense and DoubleClick

We participate in the Google AdSense advertising program, operated by Google LLC. This means we display advertisements on our website that are served by Google and its advertising partners. Here's what you need to know:

What Information Google Collects:

• Cookie Data: Google uses cookies (small text files) to identify your browser and track your visits
• Device Information: Your device type, operating system, and browser
• IP Address: Your internet protocol address (may be used to approximate your general location)
• Browsing Activity: Pages you visit on our site and other websites in the Google Display Network
• Ad Interaction: Which ads you view, click, or interact with
• Demographic Inferences: Google may infer your age range, gender, and interests based on browsing patterns

How Google Uses This Information:

• Personalized Advertising: To show you ads that are more relevant to your interests based on your browsing history across websites
• Ad Measurement: To measure the effectiveness of ads and provide reports to advertisers
• Frequency Capping: To limit how many times you see the same ad
• Fraud Prevention: To detect and prevent invalid clicks and ad fraud
• Ad Auction: To determine which ads to show and in what order

Third-Party Cookies and DoubleClick:

• Google uses the DoubleClick cookie to enable personalized advertising across the Google Display Network
• This cookie allows Google to track your browsing across multiple websites (not just ours)
• Google's advertising partners may also set their own cookies when ads are displayed
• These cookies typically remain on your device for up to 13 months

Your Control and Opt-Out Options:

• Google Ads Settings: Visit www.google.com/settings/ads to turn off personalized ads or manage your ad preferences
• AdSense Partner Vendors: View and manage third-party advertising vendors at Google's Authorized Buyers List
• Google Analytics Opt-Out: Install the Google Analytics Opt-out Browser Add-on
• Industry Opt-Out Tools: Visit aboutads.info or youronlinechoices.com (EU users)
• Network Advertising Initiative: Opt out of interest-based advertising at NAI Opt-Out Page
• Browser Cookie Controls: Configure your browser to block third-party cookies (note: this may affect website functionality)
• Mobile Advertising: iOS users can enable "Limit Ad Tracking" in Settings; Android users can opt out via Google Settings app
• Our Cookie Banner: Use our cookie consent banner to decline advertising cookies when you first visit our site

Data Sharing with Google:

When you visit our website, we share certain information with Google AdSense automatically:

• The URL of the page you're visiting
• Your IP address (masked in some regions for privacy)
• Device and browser information
• Cookie identifiers (if you haven't opted out)
• Timestamp of your visit

This sharing is necessary for ad serving to function. We do not share any personal information you provide to us (like email addresses) with Google for advertising purposes.

Google's Privacy Policy:

• Google Privacy Policy - Complete privacy policy
• How Google Uses Cookies in Advertising - Detailed information about advertising cookies
• How Google Uses Data from Sites That Use Google Services - Information about partner site data usage

4.2 Third-Party Advertising Partners

Besides Google AdSense, Google's advertising partners within the AdSense network may also serve ads on our website. These partners may include:

• Ad Exchanges: Platforms where advertisers bid to show ads on our site
• Demand-Side Platforms (DSPs): Services that help advertisers buy ad inventory
• Ad Networks: Companies that connect advertisers with publishers
• Measurement Partners: Services that measure ad viewability and engagement

Each partner operates under Google's policies but may have their own privacy policies. These partners may also use cookies and similar technologies for ad serving and measurement.

4.3 Non-Personalized Ads

If you opt out of personalized advertising, you will still see ads on our website, but they will be:

• Based on the content of the page you're viewing (contextual targeting)
• Based on your general location (city or region level)
• Based on the current time of day
• Not based on your browsing history or interests

Non-personalized ads still generate revenue to support our free tools while respecting your privacy preferences.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and understand how our service is used.

5.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve functionality.

5.2 Types of Cookies We Use

Essential Cookies (Required):

• Session management and user authentication
• Security and fraud prevention
• Load balancing and service functionality
• These cookies are necessary for the website to function and cannot be disabled

Analytics Cookies (Optional):

• Google Analytics for understanding visitor behavior
• Page performance monitoring
• Feature usage tracking
• These cookies are anonymized and do not identify you personally

Advertising Cookies (Optional):

• Google AdSense and partner advertising cookies
• Used to serve relevant advertisements
• Track ad performance and effectiveness
• May be used for personalized advertising based on your interests

5.3 Managing Cookies

You have several options to manage or disable cookies:

• Browser Settings: Most browsers allow you to refuse or delete cookies through settings
• Opt-Out Tools: Use industry opt-out tools like NAI Opt-Out or DAA Opt-Out
• Google Ads: Visit Google Ads Settings to manage personalized ads

Note: Disabling essential cookies may affect website functionality.

For more detailed information about cookies, please read our dedicated Cookie Policy.

6. Data Security

We implement robust security measures to protect your information:

6.1 Technical Security Measures

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols
• Secure Servers: Our servers are hosted in secure facilities with physical and digital access controls
• Firewall Protection: Advanced firewalls protect against unauthorized access
• DDoS Protection: Distributed Denial of Service attack mitigation
• Regular Security Audits: Periodic security assessments and vulnerability testing
• Automatic File Deletion: Uploaded files are automatically deleted within 10 seconds

6.2 Organizational Security Measures

• Access controls limiting employee access to user data
• Security training for all personnel
• Incident response procedures
• Regular security policy reviews

6.3 Limitations

While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

7. Data Retention

We retain different types of data for different periods based on the purpose of collection and legal requirements:

7.1 File Data Retention

• Uploaded Files: Automatically and permanently deleted within 10 seconds after processing is complete
• File Metadata: Temporary processing metadata (file size, type) is deleted immediately after processing
• No Backup or Recovery: Once deleted, files cannot be recovered and are not stored in any backup systems

7.2 Analytics and Usage Data Retention

• Google Analytics Data: Retained for 26 months (default Google Analytics retention period)
• Server Access Logs: Retained for up to 90 days for security monitoring and troubleshooting
• Error Logs: Retained for up to 30 days for debugging and service improvement
• Performance Metrics: Aggregated and anonymized data retained indefinitely for long-term trend analysis

7.3 Cookie Data Retention

• Essential Cookies: Session cookies deleted when you close your browser; persistent cookies expire after 1 year
• Analytics Cookies: Google Analytics cookies expire after 24 months
• Advertising Cookies: Google AdSense cookies expire after 13 months (DoubleClick DART cookie)
• Preference Cookies: Cookie consent preferences stored for 12 months

7.4 Communication Records

• Support Inquiries: Email correspondence retained for up to 3 years for customer service purposes
• Privacy Rights Requests: Records of data subject access requests retained for 6 years to demonstrate compliance
• Legal Communications: Retained as required by applicable law (typically 7 years)

7.5 Retention Extension

We may retain data for longer periods if:

• Required by law or legal obligation
• Necessary for pending litigation or investigation
• Needed to resolve disputes or enforce agreements
• You have provided explicit consent for extended retention

7.6 Data Deletion

When retention periods expire, we securely delete or anonymize data using industry-standard methods including:

• Secure file deletion algorithms that overwrite data
• Database record purging with cryptographic erasure
• Backup system purging following retention schedules

8. Your Privacy Rights

We respect your privacy rights and are committed to providing you with control over your personal information. Depending on your location, you may have the following rights:

8.1 Universal Privacy Rights

All users, regardless of location, have the following rights:

• Right to Access: Request confirmation of whether we process your personal data and obtain a copy of the data
• Right to Rectification: Request correction of inaccurate, incomplete, or outdated information
• Right to Deletion (Right to be Forgotten): Request deletion of your personal information, subject to legal retention requirements
• Right to Object: Object to processing of your personal data for specific purposes
• Right to Data Portability: Request your data in a structured, commonly used, machine-readable format
• Right to Withdraw Consent: Withdraw consent for processing activities that require consent, without affecting prior lawful processing
• Right to Opt-Out: Opt out of personalized advertising, analytics, and non-essential cookies

8.2 European Union & EEA Residents (GDPR)

Under the General Data Protection Regulation (GDPR), EU/EEA residents have additional rights:

Enhanced Rights:

• Right to Restriction of Processing: Request restriction of processing your personal data in certain circumstances (e.g., while we verify data accuracy)
• Right to Object to Automated Decision-Making: Object to decisions made solely by automated means, including profiling, that produce legal or significant effects
• Right to Lodge a Complaint: File a complaint with your local data protection authority (supervisory authority) if you believe your rights have been violated
• Right to Data Protection Officer Contact: Contact our Data Protection Officer for privacy-related inquiries

Legal Basis for Processing (GDPR Article 6):

We process your personal data based on the following legal grounds:

• Consent (Article 6(1)(a)): For advertising cookies, analytics, and optional data collection
• Legitimate Interests (Article 6(1)(f)): For service improvement, security, fraud prevention, and essential analytics
• Contractual Necessity (Article 6(1)(b)): For providing the file processing services you request
• Legal Obligation (Article 6(1)(c)): For compliance with applicable laws and regulations

EU Representative: For GDPR-related matters, contact us at contact@simplefiletools.com

EU Data Protection Authorities: You can find your local supervisory authority at EDPB Member List

8.3 California Residents (CCPA/CPRA)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights:

Your California Rights:

• Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, disclose, or sell about you
• Right to Delete: Request deletion of personal information we collected from you, subject to certain exceptions
• Right to Opt-Out of Sale/Sharing: Opt out of the "sale" or "sharing" of your personal information (Note: We do not sell personal information for monetary consideration)
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit Use of Sensitive Personal Information: Limit the use of sensitive personal information (we do not collect sensitive personal information)
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising your privacy rights
• Right to Opt-Out via "Do Not Sell or Share" Link: Use our opt-out mechanism for advertising cookies

California Personal Information Categories We Collect:

As required by CCPA, here are the categories of personal information we collect:

• Identifiers: IP address, device identifiers, cookie identifiers
• Internet Activity: Browsing history on our site, search history, interaction with advertisements
• Geolocation Data: Approximate location based on IP address (city/region level only)
• Inferences: Preferences and characteristics derived from browsing activity

Categories of Third Parties We Share With:

• Advertising networks (Google AdSense and partners)
• Analytics providers (Google Analytics)
• Cloud hosting providers
• Security and fraud prevention services

Retention Period: See Section 7 for detailed retention periods by data type.

Verification Process: To protect your privacy, we verify your identity before fulfilling CCPA requests using email verification or other reasonable methods.

Authorized Agent: California residents may designate an authorized agent to make requests on their behalf. The authorized agent must provide written authorization.

8.4 UK Residents (UK GDPR)

UK residents have the same rights as EU residents under UK GDPR:

• All GDPR rights listed in Section 8.2 apply to UK residents
• UK Supervisory Authority: Information Commissioner's Office (ICO) - ico.org.uk
• UK Representative: Contact us at contact@simplefiletools.com

8.5 Other Regional Rights

Canada (PIPEDA):

• Right to access, correct, and delete personal information
• Right to withdraw consent
• Right to file a complaint with the Privacy Commissioner of Canada

Australia (Privacy Act):

• Right to access and correct personal information
• Right to file a complaint with the Office of the Australian Information Commissioner (OAIC)

Brazil (LGPD):

• Right to confirmation of processing, access, correction, anonymization, deletion, portability, and information about data sharing
• Right to withdraw consent and lodge a complaint with ANPD (National Data Protection Authority)

8.6 How to Exercise Your Rights

To exercise any privacy rights, follow these steps:

Step 1: Submit Your Request

• Email: Send your request to contact@simplefiletools.com
• Subject Line: Include "Privacy Rights Request" in the subject line
• Include: Your name, email address, description of your request, and specific right you're exercising
• Contact Form: Use our contact form at simplefiletools.com/contact

Step 2: Identity Verification

• We will verify your identity to protect your privacy and prevent unauthorized access
• Verification may require email confirmation or additional information
• For California residents, we use a two-step verification process for deletion requests

Step 3: Request Processing

• Response Time: We will respond within 30 days (45 days for complex requests)
• Extension: If we need more time, we will notify you and explain the reason
• Free of Charge: The first request per year is free; excessive requests may incur a reasonable fee
• Format: We will provide information in a commonly used electronic format (PDF, CSV, JSON)

Step 4: Follow-Up

• If you're not satisfied with our response, you may escalate to our Data Protection Officer
• You have the right to lodge a complaint with your local data protection authority

Limitations and Exceptions:

We may deny or limit requests in certain circumstances:

• Legal obligations require us to retain the information
• Information is necessary for legal claims or defense
• Request is manifestly unfounded or excessive
• Information is required for exercising freedom of expression
• Compliance would adversely affect others' rights and freedoms

If we deny or limit a request, we will explain the reason and your right to appeal.

9. Children's Privacy (COPPA Compliance)

We are committed to protecting the privacy of children and complying with the Children's Online Privacy Protection Act (COPPA) and similar international laws.

9.1 Age Restrictions

Our Service is not directed to children and we do not knowingly collect personal information from children under the following ages:

• United States: Under 13 years of age (COPPA)
• European Union: Under 16 years of age (or lower age set by member state, typically 13-16)
• United Kingdom: Under 13 years of age
• Other Jurisdictions: Minimum age of digital consent as defined by local law

9.2 No Intentional Collection from Children

• No Targeted Collection: We do not knowingly collect, use, or disclose personal information from children
• No Registration Required: Our service does not require account creation, reducing risk of child data collection
• No Behavioral Advertising to Children: We do not knowingly serve personalized ads to children
• No Age Verification: We do not implement age verification because we do not intentionally collect personal information

9.3 Parental Rights and Controls

If you are a parent or legal guardian and believe your child under the applicable age has provided us with personal information:

• Contact Us Immediately: Email contact@simplefiletools.com with subject "Child Privacy Concern"
• Provide Details: Include your child's name, age, and the nature of information provided
• Verification: We may request verification of your parental relationship
• Prompt Action: We will promptly delete the information upon verification

9.4 Parental Rights Under COPPA

Parents of children under 13 have the right to:

• Review personal information collected from their child
• Request deletion of their child's personal information
• Refuse to allow further collection or use of their child's information
• Consent to collection and use of child's information without consenting to disclosure to third parties

9.5 Data Deletion for Minors

• Immediate Deletion: Upon discovering or being notified that we have collected information from a child, we will delete it within 48 hours
• No Data Retention: We do not retain any information collected from children, even in backups
• Third-Party Notification: We will notify any third parties (like Google Analytics) to delete the child's information

9.6 Educational Resources

We encourage parents and guardians to:

• Monitor their children's online activities
• Use parental control tools and browser filters
• Educate children about online privacy and not sharing personal information
• Review privacy policies of websites their children visit

9.7 School and Educational Use

If schools or educators wish to use our tools for educational purposes with students under 13:

• Schools must obtain verifiable parental consent as required by COPPA
• Schools act as the parent's agent and can consent on behalf of parents
• Contact us at contact@simplefiletools.com to discuss appropriate safeguards

10. International Data Transfers

SimpleFileTools operates globally, and your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your country.

10.1 Where Your Data May Be Transferred

Your data may be transferred to and processed in:

• United States: Our servers and cloud infrastructure are located in the U.S.
• Google Servers: Google Analytics and AdSense data is processed on Google's global infrastructure
• Content Delivery Networks: CDN providers may cache content in multiple countries for faster delivery
• Third-Party Service Providers: Various service providers operating in different jurisdictions

10.2 Legal Mechanisms for Data Transfers

We ensure lawful data transfers using the following mechanisms:

For EU/EEA to Third Countries:

• Standard Contractual Clauses (SCCs): We use European Commission-approved Standard Contractual Clauses (EU SCCs) for transfers to countries without adequacy decisions
• Adequacy Decisions: We transfer data to countries recognized by the European Commission as providing adequate protection
• Supplementary Measures: We implement additional technical and organizational measures to protect data transferred outside the EU/EEA
• Article 49 Derogations: In specific situations, we rely on GDPR Article 49 derogations (e.g., necessary for contract performance)

For UK to Third Countries:

• UK International Data Transfer Agreement (IDTA): We use UK-approved transfer mechanisms for data leaving the UK
• UK Adequacy Regulations: We transfer to countries recognized by the UK as providing adequate protection

For Other Jurisdictions:

• We comply with applicable cross-border data transfer requirements in your jurisdiction
• We use appropriate contractual safeguards with service providers

10.3 Safeguards for International Transfers

We implement the following safeguards to protect your data during international transfers:

Technical Safeguards:

• Encryption in Transit: All data transfers use SSL/TLS encryption
• Encryption at Rest: Data stored on servers is encrypted using industry-standard encryption
• Pseudonymization: Where possible, we pseudonymize data to reduce identification risk
• Access Controls: Strict access controls limit who can access transferred data

Organizational Safeguards:

• Vendor Due Diligence: We carefully vet all service providers handling data
• Data Processing Agreements: Contractual obligations require service providers to protect data
• Regular Audits: We periodically audit service providers' security practices
• Data Minimization: We transfer only the minimum necessary data

Legal Safeguards:

• Binding Agreements: Standard Contractual Clauses create legally enforceable obligations
• Government Access Protocols: We assess and mitigate risks of government surveillance in destination countries
• Data Subject Rights: We ensure you can exercise your privacy rights regardless of where data is processed

10.4 Google Services and Data Transfers

Google Analytics and Google AdSense process data globally:

• Google's SCCs: Google uses Standard Contractual Clauses for EU data transfers
• Google's Data Processing Terms: Google Data Processing Terms
• Google's Privacy Shield (Historical): While Privacy Shield was invalidated, Google has implemented alternative safeguards
• Data Localization Options: Where available, we use data localization features to keep data in specific regions

10.5 Your Rights Regarding International Transfers

• Right to Information: You have the right to know where your data is transferred and under what safeguards
• Right to Object: You may object to transfers to specific countries, though this may limit service availability
• Right to Obtain Copies: You can request copies of the safeguards in place for your data transfers (e.g., SCCs)
• Right to Complain: You may lodge a complaint with your local data protection authority regarding international transfers

10.6 Contact for International Transfer Questions

If you have questions about international data transfers, where your data is processed, or the safeguards we use, contact us at:

Email: contact@simplefiletools.com

Subject: "International Data Transfer Inquiry"

11. Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) signal. Our website does not currently respond to DNT signals, as there is no industry standard for how to interpret and respond to these signals. We respect your privacy choices and encourage you to use the opt-out mechanisms described in this policy.

12. Third-Party Links

Our website may contain links to third-party websites, plugins, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

• Notification: We will notify you of material changes by posting the updated policy on this page
• Effective Date: Changes become effective on the date indicated at the top of the policy
• Review: We encourage you to review this Privacy Policy periodically
• Continued Use: Your continued use of the Service after changes constitutes acceptance of the updated policy

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

15. Data Protection Officer

If you have questions about how we process your personal data or wish to exercise your privacy rights, you may contact our Data Protection Officer at:

Email: contact@simplefiletools.com

16. Consent

By using our Service, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree with this Privacy Policy, please do not use our Service.