Privacy Policy

Effective Date: May 8, 2025

This Privacy Policy (“Policy”) describes how AhaConvert (“Company,” “we,” “our,” or “us”) collects, uses, and protects information when you (“User,” “you”) access or use our online file conversion services worldwide.

By accessing or using our services, you agree to this Policy. If you do not agree, you must discontinue use immediately.

1. Applicability of This Policy

AhaConvert provides online tools for converting digital files, including but not limited to video, audio, image, and document formats. In the course of delivering these services, we process uploaded files only for the purpose of conversion and delete them automatically within a short retention period.

This Privacy Policy applies to all individuals worldwide who access or use our services, regardless of their place of residence. It governs the collection, use, storage, and disclosure of information associated with the use of our platform.

2. Information We Collect

We collect and process only the information that is strictly necessary to operate, maintain, and secure our platform:

  • File Data: Files uploaded for conversion are processed automatically for the sole purpose of providing the requested service. Files are deleted within two (2) hours of upload. We do not manually access, review, or permanently store file contents.
  • Technical Data: Device and connection details such as IP address, browser type, operating system, device identifiers, language settings, and similar information required to ensure compatibility and security.
  • Usage Data: Information about interactions with our tools, anonymized analytics, and error logs used for troubleshooting and service optimization.
  • Cookies: Essential cookies are required for basic functionality and cannot be disabled. Non-essential cookies (such as analytics) are implemented only with your explicit consent, where required by law, and may be managed or withdrawn by you at any time.

3. Use of Information

Your information is processed strictly for limited, lawful purposes, including:

  • Service Delivery: Processing and providing the file conversions you request.
  • Platform Integrity: Operating, maintaining, optimizing, and securing the platform and its underlying infrastructure.
  • Fraud and Abuse Prevention: Detecting, investigating, and preventing fraudulent activity, abuse of the services, or technical malfunctions.
  • Legal Compliance: Meeting obligations imposed by applicable laws, regulations, or binding governmental requests.

We do not sell, rent, trade, or otherwise exploit user data for marketing, profiling, or advertising purposes. Any use of information beyond these purposes requires your prior consent or will be carried out only where permitted by law.

4. Data Sharing

We may disclose limited categories of information to carefully selected third parties, but only where strictly necessary for the operation of our services or to comply with legal obligations:

  • Cloud Hosting Providers: For temporary file processing, secure storage, and delivery of conversions.
  • Analytics Providers: For anonymized, aggregated usage data that cannot reasonably identify individual users.
  • Support and Infrastructure Partners: For maintenance, troubleshooting, and ensuring service availability.
  • Legal and Regulatory Authorities: When disclosure is required by applicable law, regulation, legal process, or enforceable governmental request.
  • Business Transfers: Data may be transferred in case of merger, acquisition, bankruptcy, or sale of assets, subject to the same privacy protections.
  • Fraud Prevention: We may disclose data to prevent fraud, protect our legal rights, or ensure platform security.
  • Law Enforcement: Government requests will be evaluated for legitimacy and scope before compliance, and we will notify users when legally permitted.

All third-party providers engaged by us are contractually obligated to comply with strict confidentiality, security, and data protection standards. We do not authorize third parties to use personal data for their own purposes, and they may only process data on our instructions.

5. Data Retention

We retain information only for as long as is strictly necessary to fulfill the purposes outlined in this Policy or to comply with applicable legal requirements. Retention periods are as follows:

  • Files: Uploaded files are processed automatically and deleted within two (2) hours of upload, regardless of whether the conversion was completed.
  • Logs: Technical and usage logs are retained in anonymized form for no longer than twelve (12) months for the purposes of monitoring, troubleshooting, and improving service performance.
  • Support and Billing Data: Retained only for the duration required to resolve issues, maintain accurate records, or meet statutory compliance obligations.

Extended Retention Circumstances:

  • Data may be retained longer if required for ongoing legal proceedings, regulatory investigations, or dispute resolution.
  • We may anonymize data for statistical analysis with indefinite retention, ensuring no personal identification is possible.
  • Backup copies may exist temporarily during system maintenance but are automatically purged according to our data lifecycle policies.
  • In cases of account suspension for violations, relevant data may be retained for the period necessary to resolve the matter.

Once data is no longer required, it is irreversibly deleted, securely destroyed, or fully anonymized in a manner that prevents re-identification.

6. Security Measures

We implement reasonable and industry-recognized safeguards designed to protect information against accidental loss, unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to, HTTPS encryption, firewalls, access controls, and ongoing monitoring of system vulnerabilities.

Disclaimer: While we take commercially reasonable steps to safeguard information, no method of transmission over the internet or method of electronic storage is fully secure. By using the services, you acknowledge and accept that file uploads and data transmissions are carried out at your own risk, and we disclaim liability for any unauthorized access, alteration, disclosure, or loss of data that occurs beyond our reasonable control.

  • We cannot guarantee protection against all security threats, including sophisticated cyber attacks, insider threats, or zero-day vulnerabilities.
  • Use at Your Own Risk: You acknowledge that internet-based services inherently carry security risks, and you use our services at your own risk.
  • Sensitive Data Warning: We strongly recommend against uploading sensitive, confidential, or personally identifiable information of third parties.
  • No Liability for Breaches: Any security breach resulting from circumstances beyond our reasonable control, including but not limited to advanced persistent threats, nation-state attacks, or force majeure events, is not our responsibility.
  • Third-Party Security: We are not responsible for the security practices of third-party services you may use in connection with our platform.

7. User Responsibilities

As a condition of using AhaConvert’s services, you explicitly agree to the following:

  • You are solely responsible for ensuring that all files uploaded for conversion are lawful and that you have full legal rights to process them, including intellectual property rights, consent, or licenses.
  • The service must not be used for any unlawful, infringing, malicious, or deceptive purposes, including but not limited to distributing malware, hosting pirated content, or bypassing digital rights controls.
  • You bear full responsibility for any consequences stemming from the content you upload, including legal claims, regulatory penalties, or damages related to data misuse or violations of third-party rights.
  • Any misuse or violation of these terms may result in immediate suspension or termination of your access to the platform, at our discretion, without prior notice.
  • Legal Reporting: You acknowledge that we may be required to report suspected illegal activity to law enforcement authorities without prior notice to you.
  • Investigation Cooperation: You agree to cooperate fully with any lawful investigation regarding your use of our services, including providing requested information and documentation.
  • Legal Consequences: You understand that violation of these responsibilities may result in civil or criminal legal action against you, independent of any action we may take.
  • Indemnification: You agree to indemnify and hold us harmless from any claims, damages, or expenses arising from your use of our services or violation of this Policy.
  • Content Screening: While we do not routinely monitor content, we reserve the right to scan files for malware, illegal content, or violations of our terms without prior notice.

8. International Data Transfers

Your data may be processed and stored in any country where we or our service providers operate. These countries may have data protection laws that differ from those of your jurisdiction.

Whenever we transfer data across borders, we take appropriate measures to ensure an adequate level of protection, including:

  • relying on recognized legal safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission,
  • requiring our providers to implement robust security and confidentiality commitments, and
  • applying internal policies designed to prevent unauthorized access, disclosure, or misuse of data.

By using the services, you acknowledge and agree that your data may be transferred and processed outside of your country of residence, subject to the safeguards described above.

9. User Rights

European Economic Area (GDPR) / UK GDPR

Right

Description

Right to Access

Request confirmation whether we process your data and receive a copy.

Right to Rectification

Correct inaccurate or incomplete data.

Right to Erasure

Request deletion of your data, unless retention is legally required.

Right to Restrict Processing

Limit how your data is used under certain circumstances.

Right to Portability

Obtain your data in a machine-readable format and transfer to another controller.

Right to Object

Object to processing based on legitimate interests, including profiling.

Right to Withdraw Consent

Withdraw consent at any time without affecting prior processing.

Right to Lodge a Complaint

File a complaint with your Data Protection Authority.

United States (CCPA/CPRA & State Laws)

Right

Description

Applies to

Right to Access

Know what categories of data we collect and how we use it.

CA, CO, CT, VA, UT, TX, others

Right to Correct

Request correction of inaccurate data.

CA, CO, CT, VA, TX

Right to Delete

Request deletion of personal data, subject to legal exceptions.

CA, CO, CT, VA, UT, TX, others

Right to Portability

Request a copy of your data in portable format.

CA, CO, CT, VA, UT, TX

Right to Opt Out of “Sale/Sharing”

Stop the transfer of data for advertising/marketing. (We do not sell data.)

CA, CO, CT, VA

Right Against Automated Decisions

Prevent being subject to decisions made solely by algorithms.

CA, CO, CT, VA

Non-Discrimination

No disadvantage for exercising your rights.

CA (explicit), others implied

Canada (PIPEDA & Provincial Acts)

Right

Description

Right to Access

Request details about the processing of your data.

Right to Rectification

Correct inaccurate or incomplete data.

Right to Deletion

Request deletion of your data, unless retention is required by law.

Right to Data Portability

Obtain and reuse your personal data.

Right to Object

Object to processing under specific circumstances.

Right to Withdraw Consent

Withdraw consent to processing at any time.

Right to Lodge a Complaint

File a complaint with the Office of the Privacy Commissioner of Canada.

How to exercise your rights:

Requests may be submitted to [email protected]. We may require identity verification before processing. Requests will be answered within the legally required timeframe (e.g., 30 days under GDPR, up to 45 days under CCPA, extendable if permitted by law).

10. Children’s Privacy

Our services are not directed at children under:

  • 13 years (United States),
  • 16 years (European Union/UK, unless local law sets a lower minimum age).

We do not knowingly collect personal data from minors. If such data is discovered, it will be deleted promptly.

11. Policy Updates

We may update this Policy at any time. Updates will be posted with a new effective date. Continued use of the services constitutes acceptance of the revised Policy.

15. Contact Us

If you have any questions, concerns, or requests related to privacy or data protection, feel free to contact us:

📧 [email protected]
🌐 https://aahh.10smt.com

We’re happy to help.