Privacy Policy

Privacy Policy

Effective: June 24th, 2020

Welcome to the website of Nitro Software, Inc. (“Nitro”, “we”, “us” and/or “our”). Data privacy is important and we have prepared this Privacy Policy to explain how we collect, use, protect and disclose data when you use any Nitro services which includes this website and any site (“Site(s)”); software provided by Nitro (“Software”); or services offered by Nitro (collectively, “Services”). “You” refers to you as a user of the Site or Services. We draw your attention in particular to the sections entitled “International Data Transfer” and “Data Subject’s Rights”.

We will only process your personal data in accordance with applicable data protection and privacy laws. For the purpose of UK and European Union (“EU”) data protection legislation, the data controller is Nitro Software, Inc. of 150 Spear St STE 1500, San Francisco CA 94105.

We need certain personal data in order to provide you with access to the Services. If you created a profile, registered an account, downloaded software or provided information to us, you will have been asked to explicitly consent to our Terms of Service and Privacy Policy in order to access our Services, purchase our products and/or view our content. This consent provides us with the legal basis we require under applicable law to process your data. If you do not agree to our use of your personal data in line with this Policy, please do not use our Services.

Changes

We may update this Privacy Policy to reflect changes to our data practices. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest data on our privacy practices. Please note the effective date listed at the beginning of the Privacy Policy. If we make any material change(s) to the Privacy Policy, we will post a notice on our Site prior to such changes(s) taking effect.

If you disagree with any changes to the Privacy Policy and do not wish to be subject to the revised Privacy Policy, you need to deactivate your account and stop using Nitro services.

Data Collected

Personal Data:

We collect information about you in a range of forms, including personal data. As used in this Privacy Policy, “personal data” is as defined in the General Data Protection Regulation EU 2016/679 and any successor legislation, this includes any information which, either alone or in combination with other information we hold about you, identifies you as an individual, including, for example, your name, email address and telephone number.

Nitro collects personal data from users to provide services. Throughout standard use of the Site or Services, we collect some or all of the following:

  • Account Data: Name, business name, title, phone number, billing address, email, password, and avatar
  • Financial Data: Credit card data (number, expiration, and security code)
  • Single Sign-On: Nitro supports enterprise SSO with SAML 2.0-enabled identity providers. If your users log in through enterprise SSO, we collect data from the SAML provider regarding your account (with your express consent)

Sensitive Data

Nitro does not require or use sensitive data like: racial or ethnic origin, political affiliation or opinions, religious or philosophical beliefs, trade union membership, health data, sexual orientation, criminal convictions, or genetic or biometric data. Subject to the following paragraph, we ask that you not send us, and/or disclose, any such sensitive personal data.

If you send or disclose any sensitive personal data to us when you submit user generated content to our Services, you consent to our processing and use of such sensitive personal data in accordance with this Policy. If you do not consent to our processing and use of such sensitive personal data, you must not submit such user generated content to our Services.

Document Data

The Sites, Software, and Services provide capabilities to users to upload and manipulate documents. The user is responsible for and owns the content of the documents. Nitro does not alter the content of documents. By content, we are referring to text, graphics, and/or images within the document that are human readable and convey the meaning of the document to a person reading it. Occasionally, we will have to alter the formatting of the document to show it on the Sites (i.e. on Mobile devices) or in the Software, but there will be no material change to the content within the document.

You are responsible for who you choose to share documents with via the Site, Software, and/or Services’ collaboration functionality. When collaborating on documents, users you grant access to will be able to view that content and download the document (even if you delete that document at a later date). Additionally, if a collaborator signs, reviews, or marks-up the document, that collaborator owns a different version of that document which contains the collaborator’s changes. If you access or collaborate on a document owned by another individual, you are responsible for the content you provide on or about the document. Also, by sharing documents with other parties, those parties own a version of the document which mean they may then share and retain the document even after the original owner deletes the document.

When storing documents on the Sites, Software, and Services, Nitro collects the following data:

  • Document Metadata: Name, size, email address of user uploading document, meta data about the structure of the document, and standard metadata provided by the standard used to create the document (PDF, DOC, XLS, etc.).
  • Document Sharing: E-mail address and name of users who you wish to share the document.
  • Document Content: The contents of documents stored in the Site, Software, or Services.

User Generated Content

You may share personal data with us when you submit user generated content to our Services, including via our forums, message boards and blogs on our Sites. Please note that any information you post or disclose on our Site will become public information, and will be available to other users of our Site and to the general public. We urge you to be very careful when deciding to disclose your personal data, or any other information, on our Site. Such personal data and other information will not be private or confidential once it is published on our Site.

Use of Data

For the types of processing that are needed to provide the Services, we rely on the necessity of our processing of your information for the performance of the Services (governed by the Terms of Service) as a legal ground to collect and use your data in accordance with this Privacy Policy. For all other types of processing carried out under this Privacy Policy, we rely on our legitimate interests as a legal ground to collect and use your data in such ways.

Nitro uses data provided through the use of our Sites, Software, and Services to provide services for which Nitro was engaged. The data may be used for a variety of functions, including:

  • Provide, monitor, maintain and improve the Software, Site and Services
  • Register for and enable access to the Software, Site and Services
  • Purchase services and contact you in case a purchase request cannot be fulfilled
  • Manage documents (including upload, download, convert, and edit)
  • Collaborate and share files with others you designate which involves the Site sending emails on your behalf
  • Deliver services you request
  • Provide audit data to you and others who you grant access to via document collaboration
  • Recommend actions to you based on usage activity and document content; including testing and training algorithms used to provide these services
  • With your consent, personalize and customize the Site and Services by improving content, features, and/or advertisements based on your interests and preferences
  • Send push notifications that update you on activities initiated within the Site and Services
  • Send you related data (including confirmation of services requests and/or purchases)
  • Provide customer support (comments, questions, and requests for support along with support responses)
  • With your consent, provide data about services (newsletters, surveys, offers, promotions, contests, events, customer testimonials, case studies, and data about Nitro)
  • Monitor and analyze trends in connection with the Site and Services for marketing and advertising purposes
  • Investigate potential illegal activities (fraudulent transactions, unauthorized access, and/or other illegal activities)
  • With your consent, link or combine with other data from 3rd Parties to understand your needs and preferences
  • Diagnose unexpected issues that occur within the Site and Services

Activity Data

Activity Data includes data about how users interact with our Site, Software, or Services. Data in this category includes:

  • Browser Technologies: Cookies, beacons, tags and scripts
  • Device Data: Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. For mobile devices, we may additionally collect device identifiers. If printing, we may collect device data about the printer like: Driver, Printer ID, Brand, Make, Model, and other data accessible through the print driver. We may collect this information about you using cookies. Please refer to the sections on Cookies and Pixel Tags below.
  • Local Shared Objects: Cookie Preferences
  • Usage Data: We monitor user activity and collect data about the features you use
  • Information from Social Networking Sites. Our Services include interfaces that allow you to connect with social networking sites (each an “SNS”). If you connect to an SNS through our Services, you authorize us to access, use and store the information that you agreed the SNS could provide to us based on your settings on that SNS. We will access, use and store that information in accordance with this Privacy Policy. You can revoke our access to the information you provide in this way at any time by amending the appropriate settings from within your account settings on the applicable SNS.
  • Information We Get from Others. We may also get information about you from other sources, for example, if you have agreed to share information with one of our partners or other third parties, we may add this to information we get from our Services.

Cookies

What are cookies?

We may collect information using “cookies”. Cookies are small data files stored on the hard drive of your computer or mobile device by a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Services.

We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it revisits our Services; and (2) third party cookies, which are served by service providers on our Services, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.

Cookies we use

Our Services uses the following types of cookies for the purposes set out below:

Type of cookiePurpose
Essential CookiesThese cookies are essential to provide you with services available through our Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Services and help the content of the pages you request load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
Functionality CookiesThese cookies allow our Services to remember choices you make when you use our Services, such as remembering your language preferences, remembering your login details and remembering the changes you make to other parts of our Services which you can customize. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.
Analytics and Performance CookiesThese cookies are used to collect information about traffic to our Services and how users use our Services. The information gathered does not identify any individual visitor. The information is aggregated and therefore anonymous. It includes the number of visitors to our Services, the websites that referred them to our Services, the pages that they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Services.
We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how our Services works. You can find out more information about Google Analytics cookies here:
https://developers.google.com/analytics/resources/concepts/gaConceptsCookies.
You can find out more about how Google protects your data here
www.google.com/analytics/learn/privacy.html.
You can prevent the use of Google Analytics relating to your use of our Services by downloading and installing the browser plugin available via this link:
http://tools.google.com/dlpage/gaoptout?hl=en-GB
Targeted and advertising cookiesThese cookies track your browsing habits to enable us to show advertising which is more likely to be of interest to you. These cookies use information about your browsing history to group you with other users who have similar interests. Based on that information, and with our permission, third party advertisers can place cookies to enable them to show adverts which we think will be relevant to your interests while you are on third party websites.
You can disable cookies which remember your browsing habits and target advertising at you by visiting http://www.youronlinechoices.com/. If you choose to remove targeted or advertising cookies, you will still see adverts but they may not be relevant to you. Even if you do choose to remove cookies by the companies listed at the above link, not all companies that serve online behavioral advertising are included in this list, and so you may still receive some cookies and tailored adverts from companies that are not listed.
Social Media CookiesThese cookies are used when you share information using a social media sharing button or “like” button on our Services or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter or Google+. The social network will record that you have done this.

At this time, Nitro does not recognize “do not track” (DNT) signals.

You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings”, “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings.

Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.uk.

If you do not accept our cookies, you may experience some inconvenience in your use of our Services. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Services.

Pixel Tags

We may also use pixel tags (which are also known as web beacons and clear GIFs) on our Services to track the actions of users on our Services. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages. Pixel tags measure the success of our marketing campaigns and compile statistics about usage of the Services, so that we can manage our content more effectively. The information we collect using pixel tags is not linked to our users’ personal data.

Advertising

Generally. We may use other companies to serve third-party advertisements when you visit and use the Services. These companies may collect and use click stream information, browser type, time and date, subject of advertisements clicked or scrolled over during your visits to the Services and other websites in order to provide advertisements about goods and services likely to be of interest to you. These companies typically use tracking technologies to collect this information. Other companies’ use of their tracking technologies is subject to their own privacy policies.

Targeted Advertising. In order to serve offers and advertisements that may interest you, we may display targeted advertisements on the Services, or other digital properties or applications in conjunction with our content based on information provided to us by our users and information provided to us by third parties that they have independently collected. We do not provide personal data to advertisers when you interact with an advertisement.

Your Ad Choices. Some of the third-party service providers and/or Advertisers may be members of the Network European Interactive Digital Advertising Alliance (“EDAA”) Self-Regulatory Program for Online Behavioral Advertising. To learn more, visit http://www.edaa.eu/edaa-for-users which provides information regarding targeted advertising and the “opt-out” procedures of EDAA members.

Mobile. We may, from time to time, offer certain location or pinpoint based services, such as location assisted navigation instruction. If you elect to use such location-based services, we must periodically receive your location in order to provide such location-based services to you. By using the location-based services, you authorize us to: (i) locate your hardware; (ii) record, compile and display your location; and (iii) publish your location to third parties designated by you by means of location publication controls available within the applications (for example, settings, user preferences). As part of the location-based services, we may also collect and store certain information about the users who elect to use such location-based services, such as a device ID. This information will be used to provide you the location-based services. We may use third-party providers to help provide location-based services through mobile systems and we may give the information to such providers to enable them to provide their location-based services, provided that such providers use the information in accordance with this Policy.

International Data Transfer

Your information, including personal data that we collect from you, may be processed and transferred within and to the United States and other countries and territories which may have different privacy laws from your country of residence. Nitro follows industry best practices and is certified for US – EU Privacy Shield and US – Swiss Privacy Shield. Nitro is also compliant with the EU General Data Protection Regulation (GDPR).

Nitro follows industry best practices and is certified for US – EU Privacy Shield and US – Swiss Privacy Shield. Nitro is also compliant with the EU General Data Protection Regulation (GDPR).

Nitro takes data privacy seriously and monitors the regulatory landscape with regards to data privacy. As new regulations evolve, Nitro will evaluate those regulations and, in good faith, evolve our Data Privacy procedures appropriately.

Sharing and Disclosure

We will share or sell your personal data with third parties only in the ways that are described in this Privacy Policy. We do not sell your personal data to third parties except as described in this Privacy Policy (see the “Business Transfers” section below).

We may provide your personal data to companies that provide services to help us with our business activities, such as shipping your order or offering customer service. These companies are authorized to use your personal data only as necessary to provide these services to us. We may disclose personal data when the disclosure:

  • is required by law; or
  • has been consented to by you.

Other ways Nitro shares personal data are:

  • Collaboration and Sharing: Nitro offers collaboration features built into the Site and Services which allow you to share documents (read-only or full edit capabilities) with others you explicitly choose. Collaboration and sharing allows others to view the content of the document you choose to share in addition to the activity data pertaining to the shared document (views, edits, etc.). You can set permissions and revoke access through your Nitro account. If you share a document with another party, that party can download the document as long as they have access to it. Additionally, you may choose to create a public link and send that link to others. If you create a public link, anyone with that link can access in read-only mode and download it.
  • Business Accounts: If you are an individual user and the domain of your e-mail address associated with your account is owned by your employer and that employer has established a Nitro Business account, the data concerning use of your individual account (including access to personal data, usage data and document content) are accessible to that organization.
  • External Storage: The Sites, Software, and Services allow users to save documents to third party storage providers like: Box, Dropbox, OneDrive, SharePoint 365 and many others offering a storage API. When saving documents externally, Nitro sends document meta data (like, name and size) along with the contents of the document to the storage provider. If documents are saved externally to Nitro, you are subject to such third parties’ privacy policy and terms and conditions. We recommend you read their privacy policies before you submit any data to them.
  • Ads: We partner with third party ad networks to either display advertising on our Sites or to manage our advertising on other sites. Our ad network partner uses cookies and Web beacons to collect non-personally identifiable data about your activities on the Sites and other Web sites to provide you targeted advertising based upon your interests.
  • Business Transfers: In the event Nitro goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal data will likely be among the assets transferred. You will be notified via email (sent to the e-mail address specified in your account) or prominent notice on our Site of any such change in ownership or control that affects your personal data.
  • Aggregated and Anonymized Data: We also share aggregated and anonymized data with partners which does not directly identify individuals. We may create anonymous data from the personal data we receive about you and other individuals whose personal data we collect. Anonymous data might include analytics information and information collected by us using cookies.  We make personal data into anonymous data by excluding information (such as your name) that makes the data personally identifiable to you.  We use this anonymous data to analyse usage patterns in order to make improvements to our Services.

Security

We will take reasonable precautions to protect your personal data from loss, misuse or alteration. This includes both physical and technological security measures. We follow generally accepted industry standards (e.g. encryption at rest and in transit, access control policies, etc.) to protect the personal data submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security and you agree that you submit data to us at your own risk. When you enter personal data on our order forms, we encrypt the transmission of that data using secure socket layer technology (SSL).

Consent and Opt-out

Promotional and Newsletters

We provide you the opportunity to consent to having your personal data used for certain purposes when we ask for this data. We will also give you the opportunity to ‘opt-out’ at any time. For example, if you purchase a product/service but do not wish to receive any additional marketing material from us, you can initially choose not to accept direct marketing from us, and at a later stage provide consent.

If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter.

Targeted Ads

If you wish to not have data used for the purpose of serving you targeted ads, you may initially withhold your consent to being subject to such ads, and at a later stage opt-out by contacting [email protected] (or if located in the European Union click here). Please note this does not opt you out of being served advertising. You will continue to receive generic ads.

Site Documents

Nitro provides promotional sites (commonly referred to the “conversion sites”) that provide services to convert documents from one format to another. By using the conversion sites, you allow Nitro to store, retain, and use personal data, document data, and document metadata per the ‘Use of Data’ section above. If you do not wish to provide this personal data, document data, and document metadata, then refrain from using the conversion sites.

Services and Software Documents

Outside of the conversion sites (above), you may delete your documents at any time from within the Services or Software via the User Interface. Any document you have shared explicitly with another user (via a sign, share, or review request) will still be available to that user with whom the document was shared if they downloaded it, copied it to a storage service like (Box, Dropbox, Google Drive, OneDrive, etc.), or added the document to the shared users’ Nitro account.

Account Data

We will retain your Personal, Document, and Activity Data for as long as your account is active or as needed to provide you Services. If you wish to cancel your account or request that we no longer use your personal data to provide you Services, please contact [email protected]. However, Nitro will retain and use your Personal, Document, and Activity Data as necessary to comply with our legal or other obligations, resolve disputes, and enforce our rights and agreements. Nitro reserves the right to delete any data for inactive accounts.

Out of Scope

Some actions initiated within the Site and Services link to external sites. Additionally, those actions may result in data appearing on forums that are public and/or not subject to the Privacy Policy.

  • Frames: Some of our pages utilize framing techniques to serve content from our partners while preserving the look and feel of our Sites. Please be aware that you are providing your personal data to these third parties and not to Nitro.
  • Social Media Widgets: Our Sites include social media features, such as the Facebook “Like” button and Widgets, the “Share this” button or interactive mini-programs that run on our Sites. These features may collect your IP address, which page you are visiting on our Sites, and may set a cookie to enable the feature to function properly. Social media features and Widgets are either hosted by a third party or hosted directly on our Sites. Your interactions with these features are governed by the privacy policy of the company providing it.
  • Customer Testimonials: We may post customer testimonials/comments/reviews on our Site which may contain personal data. We obtain the customer’s consent, prior to posting the testimonial, to post the customer’s name along with the customer’s testimonial. If you would like to have us remove any of your comments, please contact us.
  • Forum and Blog Content: Our Site may offer publicly accessible blogs or community forums. You should be aware that any data you provide in these areas may be read, collected, and used by anyone who has access to them. To request removal of your personal data from our blog or community forum, please contact us at [email protected].
  • Forum and Blog Comments: Our blog is also managed by a third-party application that may require you to register to post a comment. We do not have access to or control of the data posted to the comments. You will need to contact or login to the third-party application if you want the personal data that was posted to the comments section removed. To learn how the third-party application uses your data, please review the third party’s privacy policy.

Children’s Privacy

We do not knowingly collect personal data from children under the age of 16. By using the Site, Software, and/or Services, the user asserts they are over 16 years of age. If we become aware that we have inadvertently received personal data from a child under the age of 16, we will delete such data from our records.

Data Subject’s Rights

Nitro takes privacy seriously. If you have any concerns regarding our handling of your Personal, Sensitive, or Document Data, we encourage you to contact us (details below in the ‘Contact Us’ section). Additionally, Nitro acknowledges you have the following rights with regards to your personal data.

  • You may raise a complaint to the relevant supervisory authority in your EU Member State (and/or to the EU Data Protection Agency)
  • You have the right to object to or restrict the processing of your personal data. If you wish to restrict or object, please follow the procedures stated in the ‘Opt-out’ section above.
  • If consent to process is granted, you may withdraw your consent to process personal data. To withdraw consent follow the steps detailed in the ‘Opt-out’ section above.

Data Access Rights

Nitro collects a variety of information via the use of the Site, Software, and/or Services at the direction of users. If you have concerns about your personal data being processed, or if you seek access or want to correct, amend, or delete inaccurate data, please contact us at [email protected] and we will work with you to respond to your request in a reasonable timeframe.

Rectification

If you have concerns or inquiries regarding the handling of your personal, document, and/or activity data, please contact us at [email protected]. Nitro will respond within a reasonable timeframe. If, after contacting us, we fail to adequately address your concern please contact the dispute resolution provider, Data Protection Commissioner of Ireland at www.dataprotection.ie, at no cost to you.

For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.

Complaints

We are committed to resolve any complaints about our collection or use of your personal data. If you would like to make a complaint regarding this Privacy Policy or our practices in relation to your personal data, please contact us using the “Contact Us” section below. We will reply to your complaint as soon as we can and in any event, within 45 days.

Privacy Shield Statements

Nitro complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Nitro has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

In compliance with the Privacy Shield Principles, Nitro commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Nitro by going to the “Contact Us” webpage on this Site or contacting us at [email protected] or at the address below.

Nitro Software, Inc
150 California Street, STE 1500
San Francisco, CA 94105
Attn: Privacy

Nitro has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland.

  • Nitro is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
  • In instances where other redress possibilities have been exhausted under EU law, or where the complaint has not been resolved by any other means, Nitro will provide EU end users a binding arbitration option before the Privacy Shield Panel. Nitro acknowledges that any final decision by the Privacy Shield Panel is a legally binding decision, enforceable in US courts.
  • Nitro may disclose data in response to lawful requests by public authorities, and to meet national security or law enforcement requirements.
  • If required at some point in the future, to effectively process data on behalf of a client to serve the client’s needs, Nitro may need to share that data with certain third parties or sub-processors. In such instances, Nitro will execute any needed contracts, clauses or addendums to ensure that any third-party agents that it engages to process personal data does so in a manner that is consistent with the Privacy Shield Principles.
  • Nitro does not currently transfer personal data, received pursuant to the EU-U.S. Privacy Shield Framework, to third party agents. However, if personal information of EU individuals is transferred to third parties in the future, Nitro is potentially liable.

Contact us

If you require more detailed data about our data handling practices please let us know by going to the “Contact Us” webpage on this Site or contacting us at [email protected] or at the address below.

Nitro Software, Inc
150 Spear Street, STE 1500
San Francisco, CA 94105
Attn: Privacy