Privacy Policy

Introduction

Welcome to PagesToMD ("we," "our," or "us"). We operate the website pagestomd.com (the "Service"), a document conversion tool that transforms various document formats into Markdown.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this Privacy Policy carefully. By accessing or using PagesToMD, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

If you do not agree with the terms of this Privacy Policy, please do not access the Service.

1. Information We Collect

We collect information in the following ways:

1.1 Information You Provide Directly

Account Information

• Email address (required for account creation and authentication)
• We use magic link authentication, meaning we do not store passwords

Payment Information

• When you subscribe to a paid plan, payment information (credit card details, billing address) is collected and processed directly by our payment processor, Stripe. We do not store your complete payment card details on our servers.
• We receive and store limited payment information from Stripe, including: the last four digits of your card, card type, billing name, and billing address for record-keeping purposes.

Uploaded Documents

• Documents you upload for conversion (PDF, DOCX, ODT, Apple Pages, and other supported formats)
• These files are processed temporarily to perform the conversion service

Support Communications

• Information you provide when contacting our support team
• Feedback and suggestions you submit

1.2 Information Collected Automatically

Usage Data

• Pages visited and features used
• Conversion history and usage patterns
• Number of conversions performed
• File types converted

Device and Technical Information

• IP address
• Browser type and version
• Operating system
• Device type
• Referring URLs

Cookies and Similar Technologies

• Session cookies for authentication
• Functional cookies for preferences
• Analytics cookies for service improvement

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 To Provide and Maintain Our Service

• Process your document conversions
• Authenticate your identity and manage your account
• Process subscription payments and manage billing
• Provide customer support
• Send transactional emails (account verification, password resets, conversion notifications)

2.2 To Improve Our Service

• Analyze usage patterns to enhance features
• Monitor and analyze trends and usage
• Identify and fix technical issues
• Develop new features and functionality

2.3 To Communicate With You

• Send service-related announcements
• Respond to your inquiries and support requests
• Send promotional communications (with your consent, where required)

2.4 For Security and Compliance

• Detect, prevent, and address fraud or abuse
• Enforce our Terms of Service
• Comply with legal obligations

2.5 AI-Powered Features

• When you use our AI-powered conversion features, your documents may be processed using artificial intelligence to improve conversion accuracy and quality
• We do not use your document content to train AI models
• AI processing is performed in real-time and document content is not retained after conversion

3. Data Storage and Retention

3.1 Where We Store Your Data

Your data is stored using the following services:

• InstantDB: User account data and authentication information
• Stripe: Payment and billing information (on their secure servers)
• Cloud Infrastructure: Temporary file storage for document processing

3.2 How Long We Keep Your Data

Account Information

• Retained for as long as your account is active
• Upon account deletion, personal data is removed within 30 days, except where retention is required by law

Uploaded Documents

• Processed temporarily for conversion purposes only
• Automatically deleted within 24 hours of upload, or immediately after download, whichever comes first
• We do not retain copies of your converted documents

Payment Records

• Transaction records are retained for 7 years to comply with tax and accounting regulations

Usage Analytics

• Aggregated, anonymized analytics data may be retained indefinitely
• Identifiable usage data is retained for up to 2 years

Support Communications

• Retained for up to 3 years to provide consistent support

4. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in operating our Service:

Stripe (Payment Processing)

• Processes your payment transactions
• Privacy Policy: https://stripe.com/privacy
• Stripe is PCI-DSS compliant

Resend (Email Communications)

• Delivers transactional emails on our behalf
• Privacy Policy: https://resend.com/legal/privacy-policy

InstantDB (Database and Authentication)

• Stores user account data and manages authentication
• Privacy Policy: https://instantdb.com/privacy

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use

Strictly Necessary Cookies

• Essential for the Service to function
• Enable authentication and session management
• Cannot be disabled

Functional Cookies

• Remember your preferences and settings
• Improve your user experience

Analytics Cookies

• Help us understand how visitors use our Service
• Collect information about page views and feature usage
• Data is aggregated and anonymized where possible

5.2 Managing Cookies

Most web browsers allow you to control cookies through their settings:

• You can set your browser to refuse cookies
• You can delete cookies that have already been set
• Note that disabling certain cookies may affect the functionality of the Service

5.3 Do Not Track

Some browsers offer a "Do Not Track" feature. Our Service does not currently respond to "Do Not Track" signals, but we limit tracking to what is necessary for Service operation and improvement.

6. Your Rights and Choices

6.1 Rights for All Users

Regardless of your location, you have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate personal data
• Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Objection: Object to certain processing of your data
• Data Portability: Request your data in a portable format

6.2 Rights Under GDPR (European Economic Area Residents)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Restriction: Request restriction of processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: File a complaint with a supervisory authority

Legal Basis for Processing (GDPR)

We process your data based on:

• Contract Performance: To provide you with our Service
• Legitimate Interests: To improve our Service and for security purposes
• Consent: For marketing communications (where applicable)
• Legal Obligations: To comply with applicable laws

6.3 Rights Under CCPA (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected
• Right to Delete: Request deletion of your personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
• Right to Opt-Out of Sale: We do not sell personal information, so this right does not apply

Categories of Personal Information Collected

• Identifiers (email address, IP address)
• Commercial information (subscription and transaction data)
• Internet or electronic network activity (usage data, browsing history on our Service)

6.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: support@pagestomd.com

We will respond to your request within 30 days (or within the timeframe required by applicable law). We may need to verify your identity before processing your request.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

7.1 Security Measures

• Encryption: Data transmitted to and from our Service is encrypted using TLS/SSL
• Secure Authentication: Magic link authentication eliminates password-related vulnerabilities
• Access Controls: Access to personal data is restricted to authorized personnel only
• Infrastructure Security: Our infrastructure providers maintain industry-standard security certifications
• Regular Audits: We regularly review and update our security practices

7.2 Your Responsibilities

• Keep your email account secure, as it is used for authentication
• Log out of your account when using shared devices
• Report any suspicious activity to us immediately

7.3 Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of becoming aware of the breach.

8. International Data Transfers

If you are accessing our Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For users in the EEA, we ensure appropriate safeguards are in place for international transfers, including:

• Standard Contractual Clauses approved by the European Commission
• Processing by service providers with adequate data protection certifications

9. Children's Privacy

Our Service is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@pagestomd.com.

10. Third-Party Links

Our Service may contain links to third-party websites or services that are not operated by us. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

Notification of Changes

• We will post the updated Privacy Policy on this page
• We will update the "Last Updated" date at the top of this Privacy Policy
• For material changes, we will notify you by email or through a prominent notice on our Service before the changes become effective

We encourage you to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have questions about this Privacy Policy, your personal data, or would like to exercise your rights, please contact us:

Email: support@pagestomd.com