Privacy Policy
This policy supplements the general terms and conditions of the Site, which it forms an integral part of, to inform you about the processing of personal data carried out on the Site.
The terms with an initial capital letter refer to the following definitions:
The "Company" or "we" refers to the company DANDELION DIGITAL MEDIA LTD, Suite 2997, Unit 3a, 34-35 Hatton Garden, London, England, EC1N 8DX immatriculée sous le n°10953180 - contact@online-file-converter.com.
The "Site" refers to the website(s) accessible via the URL link https://online-file-converter.com and any sub-sites they may have, which allow access to a content consultation area, a space reserved for clients, etc., provided by the Company.
"You" refers to the persons concerned by the Processing carried out on the Site (users, prospects, clients...).
The "Policy" refers to this privacy policy.
A "Data" refers to any information relating to an identified or identifiable natural person (the "data subject") directly or indirectly, particularly by reference to an identifier (name, identification number, location data, online identifier...) or one or more elements specific to that person’s identity.
A "Processing" refers to any operation applied to Data (collection, recording, organization, storage, adaptation, communication by transmission, distribution, deletion...).
A « Data Controller » is the entity that, alone or jointly with others, determines the purposes and means of the processing, and a « processor » is the entity that processes Data on behalf of the controller. On the Site, unless stated otherwise, we are the Data Controller of the Data.
A « Recipient » is the natural or legal person, public authority, agency or any other body to which personal data is disclosed, whether a third party or not.
The « Regulation » refers to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data ("GDPR"); Law No. 78-17 of 6 January 1978 relating to information technology, data files, and civil liberties; the rules applicable to commercial prospecting provided by the Postal and Electronic Communications Code, and more generally the laws and regulations applicable to the Data Processing we carry out.
The Site presents the activities of our Company and various forms (contact, newsletter subscription...). By completing the forms and communicating with us via the Site, you transmit the following categories of information to us:
- Identity Data: title; name; first name; and optionally, we may ask you for your date of birth to offer birthday deals;
- Contact and correspondence Data: e-mail address; postal address (address, zip code, city); telephone number; In case of a request to customer service, the nature of your request and the content of your correspondence.
- Data from reviews and contributions: pseudonym, date of the review, content of the review, product or service concerned, where applicable profile picture attached to the review; The Company may enrich its Site by collecting and republishing reviews and contributions issued about its deals by its customers on other sites (particularly social networks) when these contributions are freely accessible to the public;
- Data necessary for carrying out loyalty actions, prospecting, surveys, product testing, and promotions;
- Data related to the organization and processing of contests, lotteries and any promotional operation;
- Data collected through the exercise of rights provided by the Regulation.
In accordance with our legitimate interest, and where necessary for the execution of pre-contractual measures taken at your request or a contract, we carry out Processing on the aforementioned Data for the following purposes:
- Presentation of products and services of the Company;
- Management, processing and follow-up of requests and exchanges with the Company, via the Site (if applicable by offering you a chatbot, a call reservation tool...);
- Management of the relationship with prospects;
- Management of individuals' reviews on products, services or content of the Company;
- Prospecting and/or sending information, management of technical operations of prospecting, selection of individuals to carry out loyalty, prospecting, surveying, product testing actions;
- Organization of contests, lotteries or any promotional operation on the Site.
Data used for commercial prospecting management are kept for a maximum of three years from the last active contact from the prospect or client, and before if you withdraw your consent to receive messages from us. Data from reviews and contributions are retained for as long as the review is publicly accessible on the Site.
In accordance with our legal obligations, identity and contact data will also be processed for the following purposes:
- Updating of our prospecting files by the organization responsible for managing the no-call list, in accordance with provisions of the consumer code
- Management of requests for the right to access, rectification and opposition, and more generally the rights described in the Policy.
The Site enables the online subscription of memberships, leading us to carry out Processing on the following Data:
- Identity and contact Data
- Data related to the contractual and commercial relationship: Details of the order; Pre-contractual exchanges and related to the order (subject, date...); Communications with the Company.
- Payment and transactional Data: transaction date, amount, payment method, order number, billing data;
This information is necessary for the management of our client-prospect files, and more specifically for the following purposes in accordance with our Terms and Conditions accepted upon ordering on the Site and our legal obligations:
- Carrying out operations related to the management of files concerning: subscriptions; orders; delivery of the product or service; legal and commercial guarantees; invoices; accounting and the follow-up of the commercial relationship (customer service) including for reviews on the Company's offers;
- Prevention and fight against fraud in payment methods, especially against credit card fraud;
- Management of unpaid debts and litigation, provided it does not involve offenses and/or does not lead to exclusion of the individual from the benefit of a right, service, or contract.
Secure payment. All transactions made on our Site are secure. Credit card payments are provided by our payment service provider ("PSP"), as indicated in our general terms or in the product and service ordering page. We thus use an SSL encryption system to protect your personal data and the payment methods used. At no time do we directly possess your bank details thanks to this process.
Retention periods. The personal data that we process are kept for the durations presented in the table below.
Data concerned | Retention period |
---|---|
Data processed for commercial prospecting purposes | 3 years from the last active behavior of the prospect or from the collection of the Data |
Data necessary for processing your order and for managing contractual and commercial relations | 3 years from the last active behavior of the client, or failing that, from the end of the contractual relationship. For accounting documents (purchase orders, delivery notes, customer invoices): 10 years from the closure of the fiscal year |
Purchase contracts for an amount less than 120.00 euros | 5 years from the conclusion of the contract. |
Purchase contracts for an amount higher than 120.00 euros | 10 years from the date of delivery or performance of service. |
Bank details: in case of a one-time payment | 13 months for immediate debit cards and 15 months for deferred debit cards from the date of the charge (to respond to any dispute) |
Bank details: in the case of a subscription with automatic renewal | 13 months for immediate debit cards and 15 months for deferred debit cards from the date of the last payment installment at the end of the subscription (to respond to any dispute) |
A personal account is automatically created based on the information provided when you place an order on the Site.
For the provision and management of the account, the following information will be processed:
- Identity and contact Data
- Account login Data: username, password; which may be saved automatically on the Site only if you consent through your browser settings;
- Data on access and use of the account: IP address, connection time, duration of connection, account settings, data related to the use of any account features.
Processing will be carried out for the purpose of managing authentication procedures, lost username or password procedures, and to meet the requirements of executing the order pursuant to the purposes set out for online sales.
The Identity and contact Data provided when creating the account will be used with your consent to inform you about the Company's products and services.
The Company may provide tools for creating a profile by adding optional information to your account (identity, social networks, age, profile picture, profession...).
You can convert files on the Site.
The legal basis for Processing aimed at providing digital services is contractual.
For this purpose, we will need to process the following Data:
- Account Data for accessing services: Username and password, which may be saved automatically on the Site only if you consent through your browser settings and connection information to the access area (IP address, connection time, duration of connection, use of any tools available from this dedicated area...).
- Data related to file conversions: Information related to the converted files (initial format, conversion format, size, time of conversion...).
For security purposes, files converted on the Site are permanently deleted from the Company's servers within one hour after conversion.
In accordance with our legitimate interest, these Data may also be analyzed for the purpose of improving our services.
For any request to exercise the aforementioned rights or for more information, you can contact the Company at contact@online-file-converter.com or by postal mail at the Company's head office address indicated at the top.
According to the Regulation, you have the following rights regarding your Data:
- Right of access to your Data, including the right to request a copy, and to the information provided in this privacy policy (art. 15 GDPR). When the legal basis of data processing is our legitimate interest, you have the option to request information on the balancing we have carried out between our clients' interests and that of the Company prior to this processing.
- Right to rectification (art. 16 GDPR) and to update of your Data that we hold.
- Right to erasure of your Data (art. 17 GDPR) when the data is no longer necessary for us, you have withdrawn your consent to their Processing (if it was based on our consent) or you oppose the Processing based on our legitimate interest or the Processing carried out for prospecting purposes or profiling related to prospecting.
- Right to withdraw your consent at any time (art. 13-2c GDPR) for all data processing based on the legal ground of your consent. Furthermore, in terms of commercial prospecting, you have the option to unsubscribe at any time from our distribution lists by clicking the unsubscribe link in our communications or by contacting us to stop receiving solicitation messages.
- Right to restriction of Processing, which, unless for compelling reasons, may only be carried out with your consent (art.18 GDPR) when:
- You contest the accuracy of the data, for a duration necessary to verify it,
- If the processing of data is unlawful but you oppose the erasure of the data and instead choose to limit the processing,
- When we no longer need the data but it is still necessary for you for the establishment, exercise or defense of your legal claims.
When you have objected to processing based on our legitimate interest, for the duration necessary to balance our respective interests.
- Right to data portability of Data directly provided by the data subject when they are processed by automated means based on your consent or on a contract (art. 20 GDPR). This right means that you can request the communication of these data in a structured, commonly used and machine-readable format so that they can be communicated to another data controller.
- Right to object (art. 21 GDPR) to the processing of your data when this Processing has our legitimate interest as its legal basis.
- Right to define the fate of your Data after your death (art. 40-1 of Law No. 78-17 of January 6, 1978) and possibly choose a trusted third party to whom the Company should entrust them.
You can also obtain more information on the CNIL website.
In the event of a request for exercise, the Company reserves the right to ask you to specify your request and to provide an identity document (which will be kept for one year in case of exercising the right of access or rectification, and for three years in case of exercising the right of opposition). If our response does not fully satisfy you, you always have the possibility to lodge a complaint with the competent data protection authority in your jurisdiction (in France, the CNIL).
Commitments. Effective means of deletion of Data are put in place once the retention or archiving period necessary for the accomplishment of the determined or imposed purposes is reached, especially after deletion of your account with our Company or at the end of the contract with our Company.
Minimization. In any case, the Data subject to Processing should not be kept beyond the time necessary to fulfil the obligations defined at the conclusion of the contract, or as posed by current legislation. Beyond this, they may be anonymized and kept for statistical purposes, including in an aggregated form.
Litigation. Similarly, we may archive information demonstrating the fulfilment of our contractual obligations until the expiration of the limitation periods applicable to legal actions, to properly defend our interests before the jurisdictions in case of subsequent disputes. This includes but is not limited to durations provided by the commercial code, civil code, and consumer code.
Commitments. We commit that any recipient of data provides sufficient and appropriate contractual guarantees to respect your rights, so that the processing meets the requirements of the GDPR when this regulation applies (notably in terms of subcontracting). Based on our legal obligations, your Data may be disclosed pursuant to a law, regulation, or by virtue of a decision of a competent regulatory or judicial authority.
The information you provide us is for internal use by authorized persons, it is strictly confidential and cannot be disclosed to third parties, except under the conditions provided by the Regulation in case of express agreement or if you have decided to make it public.
Subcontracting. Our external providers (e.g.: suppliers, carriers...) may, as part of the processes described above, be the recipients of personal data when necessary for the execution of their mission.
Transfers outside the EU. We commit to ensuring compliance with the applicable regulation relating to data transfers to countries outside the European Union, particularly under the following terms:
- We will transfer the data of visitors, prospects, and clients to countries recognized as providing an adequate level of protection; - When the destination country does not offer an adequate level of protection, we will organize the flows using transfer tools in compliance with the regulation (standard contractual clauses of the European Commission, in particular).
Aggregation of non-personal data. We may publish, disclose and use aggregated information (information about site users, prospects, clients...) that we combine so that no individual person can be identified. This Processing is carried out in accordance with our legitimate interest for statistical purposes, sector and market analysis, presentation of our activities, for promotional and advertising purposes, and other commercial purposes.
Commitments. We commit to implementing appropriate technical and organizational measures through physical and logical security means to limit the risks of accidental, unauthorized, or illegal access, disclosure, alteration, loss, or destruction of your personal data.
Warnings. We encourage you to be cautious about what you decide to make public on the internet. Regarding personal data including data pertaining to your private life or sensitive data made public by your initiative or deduced from your contributions, comments, and any kind of stances on the Site, or social networks on groups and/or conversations with other users of the Site.
Https protocol. The Site's URL is accompanied by a closed padlock or a key appears at the bottom right of your browser, signalingthe existence of the Https security protocol, applicable to data storage, among other things. This means that you are in a secure browsing area, especially when your credit card number is requested.
Violation of data. In the event of an incident leading to the realization of the risks of alteration, disappearance, or unauthorized access to Data, we commit to:
- Investigate the causes of the incident;
- Take the necessary measures to limit the negative effects and harms that may result from said incident;
- Notify the incident to the competent authority and/or to the persons concerned as soon as possible when required by law.
In no case can the commitments defined in the point above be seen as any acknowledgment of fault or responsibility for the occurrence of the incident.
Mandatory or optional nature. On the Site, you are informed of the mandatory nature of answers by the presence of an asterisk or any other type of indication. In case of an incomplete request (for example: registration or online order, information request, etc.), the Company reserves the right to request additional information or to discard the completion of the concerned form by any technical means.
Hyperlinks. The Site may provide links to other sites, applications, and services than its own, which may be operated by third-party companies. We are not responsible for the data processing carried out by these third-party sites, or the sites pointing to our Site, and users are invited to read the data protection policies of these sites for more information. The Policy is only applicable to the activities of the Company, which cannot be held responsible for the failings of a third party in fulfilling their obligations regarding personal data protection.
Scope of application. The Policy is not exhaustive of all processing and we reserve the possibility to complete it by any means.
Language. The Policy is drafted in French. In the event that it is translated into one or more languages, only the French text shall prevail in case of dispute.
Non-waiver. The temporary or permanent non-application of one or more clauses of the present document shall not be considered a waiver of the other clauses of this document which continue to have their effect.
Modifications - Updates. We reserve the right to modify this privacy policy. Concerned parties will be notified when required by applicable regulation. The update date is indicated at the top and we invite you to consult it regularly.
Response in less than 24 hours
Response in less than 24 hours