Privacy Policy
Last updated: July 9, 2026
This page describes how PDFko processes personal data in connection with user accounts, uploaded PDF documents and operation of the web application. We aim to process data only to the extent necessary for the service to function.
1. Data controller
The data controller for PDFko is SmartLeads.
Contact email: info@smartleads.sk
2. What data we process
2.1 User account data
When you register and sign in, we may process:
- email address,
- identity provider data if you use Google login,
- user identifier in the authentication system,
- basic account metadata required for sign-in and account operation.
2.2 Uploaded document data
When you upload and manage PDF documents, we may process:
- document title,
- PDF file name,
- file size,
- storage path,
- generated public slug and link,
- creation and last update dates,
- document activity status (active / inactive),
- view count, if available.
PDFko stores uploaded PDF files so the public link and QR code can work. You are responsible for uploaded content — make sure your PDF does not contain data you are not authorized to publish or share.
2.3 PDF content
Uploaded PDF files may contain personal data depending on what you put in them. PDFko does not routinely review or approve document content during normal operation. You are responsible for uploaded content.
Do not upload sensitive health records, financial data, identity documents, passwords or confidential materials unless you have a legal basis and understand the risks of public or semi-public sharing.
2.4 Public links and QR codes
Documents are accessible to anyone who has the public link or scans the QR code, unless additional access restrictions are applied. You may print and share the QR code publicly. When you replace a PDF, the public link stays the same — only the document behind it changes.
2.5 Technical and operational data
When you use the service, we may process:
- IP address as part of hosting and security infrastructure,
- browser information (user agent) in server logs,
- request timestamps,
- basic document view counts,
- referrer, if captured,
- technical logs for security, debugging and abuse prevention.
2.6 Communication data
If you contact us at info@smartleads.sk, we process your email address and message content, and any other data you include (for example in support, feedback or complaint messages).
2.7 Cookies and local storage
Necessary cookies or local storage may be used for sign-in, security and application functionality (for example session cookies).
The current version may also use basic anonymized analytics via Vercel Analytics to understand service traffic. If we later add marketing cookies or extended analytics, we will update this policy and obtain consent where required.
3. Purposes of processing
- creating and managing user accounts,
- providing PDF upload, public links and QR codes,
- displaying public documents,
- replacing documents while keeping a stable public link,
- communication and support,
- security, abuse prevention and debugging,
- legal and accounting obligations if paid plans are introduced,
- improving the service in a privacy-respecting way.
4. Legal basis (GDPR)
Depending on the purpose, processing may rely on:
- contract performance or provision of the requested service,
- legitimate interests in operation, security and abuse prevention,
- legal obligations where applicable,
- consent for optional marketing or analytics beyond essential operation.
5. Retention
- account data is kept while the account exists,
- document metadata is kept while the document or account exists,
- uploaded PDFs are kept while you keep them in the service,
- support communication is kept as long as needed to handle requests,
- technical logs are kept for a limited time per infrastructure settings.
6. Processors and technology providers
PDFko may use trusted technology providers for hosting, database, storage, authentication, email, DNS and error monitoring. Where used in the current version, these may include:
- Supabase — authentication, database and file storage,
- Vercel — application hosting and deployment,
- Vercel Analytics — basic anonymized traffic analytics.
The exact list of processors may change as the service evolves. We aim to update this page when significant providers change.
7. Transfers outside the EU/EEA
If a provider processes data outside the European Union or European Economic Area, we aim to ensure an adequate level of protection where required — for example through standard contractual clauses or equivalent mechanisms.
8. Your rights
Where GDPR applies, you may have rights including access, rectification, erasure, restriction, objection, portability and withdrawal of consent. You may also lodge a complaint with your supervisory authority.
Send requests to info@smartleads.sk.
9. Security
We use reasonable technical and organizational measures including HTTPS, access control, authenticated dashboard and limited administrative access. No online system is completely secure.
10. User responsibility
- you decide which PDF documents to upload,
- you must not upload unlawful content or content that infringes third-party rights,
- upload personal data in documents only when you have a legal basis,
- a public link or QR code means anyone with access can open the document.
11. Changes to this policy
We may update this policy. The current version is always published on this page with the last updated date.
12. Contact
Privacy questions: info@smartleads.sk
Related: Terms of Use, About PDFko