At Formatr, LLC, referred to as the “Company,” as a data controller, hereby adopts this Privacy Policy regarding the personal data of users located within the European Economic Area (EEA), United Kingdom (UK), and Switzerland (collectively, the “EEA+ Region”). This Privacy Policy informs users (the “Data Subjects”) about the Company’s methods of collecting and processing personal data in connection with its website and services (the “Website and Services”). It describes the categories of personal data processed, the purposes and legal basis for such processing, and the rights and options Data Subjects retain concerning their personal data.

If you are located within the EEA, your personal data is processed under the EU General Data Protection Regulation (GDPR). For individuals in the UK, the UK General Data Protection Regulation governs the processing of personal data. References to “GDPR” throughout this document refer to the applicable General Data Protection Regulation based on your location. If you are located in Switzerland, the Swiss Federal Data Protection Act (FDPA) governs the processing of your personal data, and any references to the GDPR in this document should be understood analogously for the purposes of applying the FDPA.

If you have questions about this policy or your data rights, please contact us at hello@formatr.ai.

To provide, enhance, and secure our Services, we collect the following types of information:

1. Personal Information: This includes information you directly provide to us, such as your name, email address, account information, and any additional details needed for account creation or support.

2. Usage Data: We collect information automatically about your interactions with our Services, including IP addresses, browser type, device information, pages viewed, and other activity data. This helps us optimize the functionality and performance of our Services.

3. Document and Content Data: When you upload documents to our platform for analysis, we may temporarily store and process the document content to perform requested tasks, always in line with our Privacy Policy and applicable data laws.

4. Transactional Data: If you purchase services or subscribe to our platform, we collect payment details, billing information, and transaction records. Payment data is processed securely through trusted third-party processors who adhere to industry standards.

Under GDPR and similar laws, we process your data based on the following legal grounds:

1. Contractual Necessity: To provide you with Services as agreed in our Terms and Conditions, per Article 6(1)(b) GDPR ("Contract Performance Legal Basis").

2. Legitimate Interests: For our business purposes, including data analysis, platform security, and improving user experience. We ensure this processing does not override your data protection rights, per Article 6(1)(f) GDPR ("Legitimate Interest Legal Basis").

3. Consent: For certain processing activities (e.g., marketing communications), we rely on your explicit consent, which you may withdraw at any time, per Article 6(1)(a) GDPR ("Consent Legal Basis").

4. Legal Obligation: To comply with applicable laws, respond to legal requests, or safeguard user rights and our legal standing, per Article 6(1)(c) GDPR ("Legal Obligations Legal Basis").

We collect and use personal data to:

1. Deliver and Improve Services: Enable access to our document formatting tools, deliver features, and continuously improve our Services.

2. Personalize User Experience: Customize content, settings, and responses based on user preferences.

3. Ensure Security: Monitor activity to detect and prevent fraud, enhance security, and protect user accounts.

4. Communicate Updates: Notify you of important updates, account activity, security alerts, and Service changes.

5. Fulfill Legal Obligations: Comply with applicable regulations, respond to legal requests, and enforce our agreements.

We retain your personal data only as long as necessary for the purposes it was collected or as required by law. When data is no longer needed, it will be securely deleted or anonymized. Upon account termination or upon request, we will delete your data unless legal obligations require further retention.

As an EEA+ user, you have the following rights under GDPR and related regulations:

1. Right of Access: Request access to the personal data we hold about you and obtain a copy of it.

2. Right to Rectification: Correct inaccuracies or incomplete data.

3. Right to Erasure (“Right to be Forgotten”): Request deletion of data if it is no longer needed, if you withdraw consent, or if it has been unlawfully processed.

4. Right to Data Portability: Receive a copy of your data in a structured, commonly used format, allowing you to transfer it to another service provider.

5. Right to Object: Object to data processing, particularly for direct marketing purposes.

6. Right to Restriction of Processing: Limit data processing in specific situations, such as during a dispute over data accuracy.

7. Right to lodge a complaint with a supervisory authority (only for EEA and UK).

8. In some jurisdictions such as France and Portugal, you also have the right to provide us with guidelines as to the processing of your personal data after your death.

To exercise any of these rights, please contact us at hello@formatr.ai with “Data Protection Request” in the subject line. We may require verification of your identity before processing your request. We will respond to valid requests within the legal timeframes required by GDPR.

Your personal data may be transferred and processed outside the EEA+, including in countries that may not have equivalent data protection laws. When such transfers occur, we use legally recognized safeguards, including Standard Contractual Clauses and Data Processing Agreements with third parties, to ensure compliance with GDPR and protect your data.

We prioritize data security and implement strict measures to protect your data, including:

1. Encryption: We use advanced encryption protocols to protect your data at rest and in transit.

2. Access Controls: We limit access to your personal data to authorized personnel who need it to perform their jobs.

3. Routine Security Audits: We conduct regular security audits and assessments to identify potential vulnerabilities.

4. Incident Management: In the unlikely event of a data breach, we will notify affected users and the relevant authorities as required by law.

We only share your personal data with trusted third parties in limited circumstances:

1. Service Providers: We engage third-party vendors, such as data storage providers, analytics firms, and payment processors, to help us deliver our Services. These providers are contractually bound to protect data confidentiality and to use data only for the purposes authorized by Formatr, LLC.

2. Legal Requirements: We may disclose data when legally required to comply with regulations, court orders, or other legal processes.

3. Business Transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred to the new entity under terms consistent with this Privacy Policy. You will be notified of such changes and given options regarding your data.

Our website and Services use cookies and similar tracking technologies to provide a seamless experience, analyze usage, and collect information about interactions. The types of cookies used include:

1. Essential Cookies: Necessary for site functionality, enabling secure access and navigation.

2. Performance and Analytics Cookies: Collect data on how users interact with our site to help improve usability and performance.

3. Functional Cookies: Remember your preferences to enhance your experience.

4. Advertising and Targeting Cookies: Used by us and our partners to deliver relevant ads based on your interests (where applicable).

For detailed information, please review our Cookies Policy. You can control your cookie preferences through your browser settings; however, disabling cookies may affect certain features.

We do not engage in fully automated decision-making that significantly affects users. Our Services may include AI-driven suggestions to enhance document formatting, but all decisions to apply AI-generated changes remain at the user’s discretion.

We may update this EEA+ Privacy Policy to reflect changes in our practices or in response to legal developments. If significant changes occur, we will notify you via email or through a prominent notice on our site. We encourage you to review this policy periodically to stay informed of our data practices.

If you have any questions, concerns, or requests regarding this policy or your data, please reach out to us at hello@formatr.ai or via postal mail at Formatr, LLC, 1111B S GOVERNORS AVE STE 28478, DOVER, DE 19904 U.S.A.

or via postal mail at Formatr, LLC, 1111B S GOVERNORS AVE STE 28478, DOVER, DE 19904 U.S.A.