1. General
This Privacy Policy ("Policy" or "Privacy Policy") explains how we ("Company", "we", "our" or "us"), the developer and provider of "Paperline" webapp ("App"), collects, stores, uses, discloses, and otherwise processes Personal Data related to you when you ("you", "your" or "Users") install, access, use, or otherwise engage with the App and any of our other online activities made available by us in connection with the App. This Privacy Policy forms an integral part of our End User License Agreement or any other agreement that references this Privacy Policy.
Any terms not specifically defined in this Policy shall have the meanings assigned to them in the EULA.
This Policy explains what information the Company may process in connection with your use of the App, the purposes for which such information is processed, the circumstances under which it may be shared, and the rights available to you in relation to your Personal Data. Before downloading, installing, accessing, or using the App, we encourage you to review this Policy in full. You acknowledge that the provision of Personal Data is voluntary. Where required under applicable law, processing of your Personal Data will be based on your consent. You are not legally obligated to provide Personal Data to us; however, if you choose not to provide certain Personal Data, or do not allow us to process it, certain features or functionalities of the App may not operate properly or may not be available.
Where applicable law distinguishes between privacy roles (for example, a "Controller" under the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR") or a "Business" under certain U.S. state privacy laws), we act as the party that determines the purposes and means of the processing described in this Policy in connection with the App.
This Policy applies worldwide to any individual who downloads, accesses, or otherwise uses the App. Certain jurisdictions, including the European Economic Area and U.S. states such as California, provide additional privacy rights and require additional disclosures (see section 12 below for additional disclosures).
2. Policy Updates & Modifications
We may update and amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be accessible from our website — https://paperlineapp.com/ ("Website"). The "Last Updated" date at the top of this document indicates when it was most recently revised. We encourage you to review this Policy periodically to remain informed about how your information is handled.
3. Data Collection
When you use the App, including by accessing it, we may collect and process the following categories of information:
"Non-Personal Data" means information that does not identify you as an individual and cannot reasonably be linked to you. This may include aggregated or anonymized technical information such as:
- Operating system type and version
- Device characteristics and general configuration
- Language preferences and general performance indicators
This information is typically collected automatically and is used to support service stability, functionality, analytics, and optimization.
"Personal Data" means any information that can directly or indirectly identify an individual, such as IP addresses, search history, or other online identifiers. Where the Company processes Personal Data, it does so in accordance with applicable data protection laws, including data minimization and purpose limitation.
Such processing may include the processing of certain categories of Personal Data and the use of such Personal Data for the purposes described in Section 5 below.
Please note that the Product is not intended to collect or process "Sensitive Data" as defined under applicable laws (including equivalent terms such as "highly sensitive information", "special categories of personal data", or "sensitive personal information"). Accordingly, you are requested not to submit or upload any Sensitive Data through the Product. Depending on the jurisdiction and applicable laws, Sensitive Data may include information relating to racial or ethnic origin, religious or philosophical beliefs, sexual orientation, health-related information, and certain financial information, etc.
4. Personal Data Processed, Purpose and Legal Basis
The following describes how the Company and its service providers process Personal Data in connection with your use of the Product, including the categories of Personal Data processed, the purposes of processing, and, where the GDPR applies, the applicable legal bases for such processing:
Unique Identifiers: When you use the App (including any tools and features made available through the App), we, or our third-party partners, may collect and process unique identifiers associated with your device (including mobile identifiers), IP addresses, cookie ID, and similar identifiers ("Unique Identifiers"). We use Unique Identifiers for analytics and operational purposes, to detect, prevent, and address errors and bugs, to secure the App and related systems, to enable you to use the App and its functionalities, and to improve the user experience. Where applicable, we process such data based on our legitimate interests in operating, maintaining, securing, and improving the App, including for authentication and understanding how the App is used.
Usage Data: We further process, directly or indirectly through our third-party service providers, usage data, including information regarding your interaction with the Product, features used, time stamp and duration of use, click stream data, errors that occurred (collectively, "Usage Data"). We will use Usage Data and inferred data for statistical and analytical purposes and internal development. These data sets are processed based on legitimate interest in operating, maintaining, enhancing, and improving our App.
Support: When you contact us for support, we will process your contact details and any information you choose to share as part of our communications. We use this information to respond to your request, provide support, and communicate with you. We may retain our communications to maintain records of the support provided, address future requests, and improve the App and our support operations, based on our legitimate interests. To the extent applicable, we also process such data as necessary to fulfil our contract with you.
Personal Data Included in Inputs: We, or service providers acting on our behalf, process the inputs you upload, submit, transmit, or otherwise make available through the App ("Input"), together with related metadata and any other information you voluntarily choose to provide, to generate the content, results, files, or other materials generated, returned, or made available through the App in response ("Output"), to provide and operate the services included in the App, and to enable your use of the App and any related services and features, including generating AI-based Outputs (including print-ready PNG files) and providing related features and services, as further described in the EULA. We process Inputs (and any Personal Data included in them) on the basis of your consent and as necessary to fulfil our contract with you. We may also process Inputs to improve the quality of Outputs and to support product development and enhancement of the App, based on our legitimate interests, where applicable. Personal Data that may be included in Inputs may include the following:
Images: To enable certain features of the App, you may import photos and other content into the App. Such content may be processed, including using AI technology provided by third-party service providers, as Inputs (as applicable) solely to provide and operate the services and features included in the App, including generating print-ready Outputs (for example, PNG files) made available to you for download directly to your device, subject to applicable agreements and safeguards.
Internal personal use and local storage: Your Outputs (including your created work) are stored locally on your device, and we do not store your creations or the Inputs uploaded to generate them on our servers. We or service providers act on our behalf to process such data to provide the services included in the App and perform our contract with you. To the extent you have the required authorization, you may include through Inputs Personal Data relating to other individuals (for example, if an uploaded photo includes other people). If you are not authorized or do not have the required consent to do so, please do not upload any Personal Data that does not relate solely to you.
5. How We Collect Your Personal Data
Depending on the nature of your interaction with us, we may collect the Personal Data described above as follows: (i) automatically, when you interact with the Website, including through cookies and similar tracking technologies (as further described below); and (ii) directly from you, when you voluntarily choose to provide it, including when you upload images that contain Personal Data.
7. Disclosure of Personal Data to Third Parties
We share Personal Data relating to you with third parties, including our partners and service providers that help us provide the App. When we share data with service providers and partners, we ensure they have access only to information that is strictly necessary for us to provide the App. These parties are required to secure the data they receive and to use it only for pre-agreed purposes, in compliance with applicable data protection laws (such service providers may use other non-personal data for their own purposes).
Information regarding the categories of these third-party recipients is set out below.
Service Providers: Service providers process Personal Data on the Company's behalf and are restricted from using such Personal Data solely as necessary to provide their services to the Company, specifically:
- General Service Providers: We use third-party service providers that process Personal Data on our behalf, including cloud hosting, content delivery networks (CDNs), internet connectivity, operating systems and platforms, data security and cybersecurity, and fraud detection.
- Third-Party AI System Providers: In addition, the processing of content included in Input and Output is performed by third-party providers of artificial intelligence tools on which the App is based, and User's content may be transmitted to and processed by such provider(s) to (i) process the Input for the purpose of generating the Output, and (ii) perform the services and enable the App's AI-related functionality.
Trackers and Analytics Providers: Process Unique Identifiers and Usage Data to provide us with analytics and insights regarding use of the App, including to identify crashes and errors.
Subsidiaries and Affiliated Companies: We may share Personal Data within the Company and with our subsidiaries and affiliated companies, including in connection with a corporate transaction (for example, a sale of a substantial part of our business, a merger, a consolidation, or an asset sale). In such event, the relevant recipient (including any acquiring entity) will assume the rights and obligations described in this Policy. Such recipients may process all categories of Personal Data described in this Policy, except for data stored locally on your device.
Authorities, Security Providers, Governmental Agencies: This may include disclosures for legal and law enforcement purposes, including in response to a valid and binding request in connection with terrorism, criminal investigations, alleged unlawful activity, or other activity that may expose us, you, or any other user to legal liability, and only to the extent necessary for such purposes. Such disclosure may occur where we believe in good faith that: (a) we are legally required to do so; (b) disclosure is appropriate to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) disclosure is necessary to protect our legitimate business interests, including the security or integrity of the App. The Personal Data disclosed may include any category of Personal Data described in this Policy, except for data stored locally on your device, depending on the purpose and circumstances.
8. Your Rights
Depending on your relationship with us, your location, and applicable data protection laws, you may have certain rights and choices with respect to Personal Data relating to you. We usually provide individuals with the rights to exercise the rights under the GDPR as a benchmark; these rights include rights to access Personal Data, portable Personal Data, delete Personal Data, or opt-out, and withdraw consent for processing Personal Data, among others. For more information, please see: https://commission.europa.eu/law/law-topic/data-protection/information-individuals_en.
You may also have certain rights under other applicable privacy laws, with certain differences, as described in section 12. If you believe you may be entitled to such disclosures or rights, please contact us at [email protected]. We will provide the relevant information and instructions on how to exercise your rights, as required by applicable law.
9. Data Retention
We retain Personal Data only for as long as necessary to fulfill the purposes described in this Policy, to comply with applicable legal and regulatory obligations, or to maintain an ongoing relationship with you.
Personal Data may be retained for longer periods where:
- Required by applicable legal, tax, or regulatory obligations;
- Necessary to maintain accurate records in connection with disputes, claims, or audits; or
- There is a reasonable anticipation of litigation or enforcement activity.
In some cases, information may be anonymized or aggregated so that it can no longer be associated with an identifiable individual. Such information is no longer treated as Personal Data under this Policy.
10. Data Security Measures
We implement reasonable technical and organizational measures designed to protect Personal Data against unauthorized access, loss, misuse, alteration, or disclosure. These measures are regularly reviewed and updated as appropriate. However, no system or method of transmission can be guaranteed to be completely secure. We will take necessary steps to ensure that sufficient safeguards are provided during the transfer of such Personal Data, in accordance with the provisions of the EU, UK, or Swiss Standard Contractual Clauses or, as applicable, the EU/UK-U.S. Data Privacy Framework. Thus, we will obtain contractual commitments or assurances from the data importer to protect Personal Data relating to you, using contractual protections that regulators have pre-approved to ensure Personal Data relating to you is protected.
If you believe that your information has been accessed or used in an unauthorized manner, please contact us promptly at [email protected].
11. Children's Privacy
The App is not intended for use by individuals under the age of 16, and we do not knowingly collect Personal Data from children under this age. If you believe that a minor has provided us with Personal Data, please contact us at [email protected]. Upon verification, we will take appropriate steps to delete such information in accordance with applicable law.
12. Additional Notices, US States
Consumer Rights Related to Their Personal Data:
Section 8 under this Privacy Policy "Your Rights" provides additional information regarding your principal rights. Residents of certain U.S. states may have additional rights under applicable privacy laws, subject to certain limitations, which may include:
- Access — the right to confirm whether we are processing their Personal Data and to obtain a copy of their Personal Data in a portable and, to the extent technically feasible, readily usable format.
- List of Third Parties — the right to receive a list of the specific third parties to which we have disclosed either Personal Data relating to you or any Personal Data.
- Delete — the right to request us to delete their Personal Data provided to or obtained by us.
- Correct — the right to request us to correct inaccuracies in their Personal Data, considering the nature and purposes of the processing of the Personal Data.
- Opt-Out — the right to opt out of certain types of processing, including: (i) to opt out of the "sale" of their Personal Data; (ii) to opt out of targeted advertising by us; and (iii) to opt out of any processing of Personal Data for profiling in furtherance of making decisions that produce legal or similarly significant effects. However, we do not engage in profiling in furtherance of legal or similarly significant decisions.
- Appeal — the right to appeal if we decline to act in response to your exercise of a privacy right.
- Non-Discrimination — the right not to be discriminated against for exercising your privacy rights.
For more information about rights for U.S. residents, please see: https://oag.ca.gov/privacy/ccpa
Exercising Consumer Privacy Rights: You may submit a request to exercise most of your privacy rights under U.S. state privacy laws by contacting us at: [email protected].
Further, certain rights can be exercised directly from our Product: you may correct, revise, and delete information using the Product settings at any time. Additionally, any consent provided may be easily withdrawn or you may opt out of certain features and tracking. Therefore, we recommend you use the technical solutions we have provided you with to exercise your rights.
We will respond to your request within the timeframe required under applicable law, and we reserve the right to extend the response time subject to applicable law requirements. If we refuse to act on a request, we will notify you, and our notification will include a justification for declining to take action and instructions on how you may appeal. Within the timeframe set out under applicable law upon our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the applicable authority or Attorney General of your jurisdiction.