Privacy Policy

Last updated: March 18, 2026

This Privacy Policy explains how Hyperionai Ltd collect and process personal data when you use the website at https://pdfocused.com/ (the "Website") and the services and products we provide through it (collectively, the "Service").

You are not required by law to provide us with any personal data. However, we require certain information in order to be able to provide the Services. If you choose not to provide us with your personal data, we may not be able to provide you with some or all of the Services. By using the Services and/or providing us with your personal data, you agree to the collection and use of your personal data in accordance with this Privacy Policy.

BY USING OUR SERVICE, YOU CONFIRM THAT (I) YOU HAVE READ, UNDERSTOOD, AND AGREED TO THIS PRIVACY POLICY, (II) YOU ARE AT LEAST 18 YEARS OF AGE (OR HAVE YOUR PARENT OR GUARDIAN'S CONSENT IF YOUNGER), AND (III) YOU ARE LEGALLY PERMITTED TO DISCLOSE ANY PERSONAL INFORMATION IN CONNECTION WITH YOUR USE OF THE SERVICE. If you cannot make this confirmation, you must stop using the Service, cancel any subscriptions, and contact us to request data deletion.

In case of discrepancies between translated versions and the original English Privacy Policy available at https://pdfocused.com/privacy-policy, the English version shall prevail.

1. Personal Data Controller

This Privacy Policy applies when Hyperionai Ltd, a company registered in Nicosia, Cyprus (the "Company", "we", "our" or "us"), provides its Services directly to an individual or when the Company collects usage data from individual users of Company's enterprise customers, in which events the Company acts as the data controller of your personal data.

In contrast, the Company is considered the "data processor" and not the data controller when enterprise customers use the Company's Services to support their own provision of products and services to individuals since the Company acts at the direction of these enterprise customers regarding any collection or processing of data on their behalf. Therefore, this privacy policy does not apply to the data such enterprise customers may collect from individuals or their uses of that data.

2. Categories of Personal Data We Collect

We collect various categories of personal data in connection with the provision of our Services. Such data may be collected directly from you, generated through your use of the Services, or obtained from third-party sources, in accordance with applicable law.

The categories of personal data we collect may include:

• Identifiers and contact information, such as your name, email address (for example, when you create an account or contact customer support), telephone number, mailing address, and account information such as login credentials and user ID.
• Commercial and transaction information, such as billing and payment-related information (processed by our payment service providers, we do not store full payment card details) and records of the Services or subscriptions purchased.
• Content and information provided through our Services, including documents uploaded when using our Services, as well as information contained in customer support interactions and other communications with us (for example, recorded customer or technical support calls, feedback, and the contents of correspondence via our website, chat features, phone or video calls, emails, and other communication channels).
• Analytics and electronic network activity information, including automatically collected data such as device information, IP address, language settings, browser type, usage data, referral URLs, and advertising identifiers. For further information about our use of cookies and similar tracking technologies, please see our Cookie Policy.

In addition, we may collect or derive information relating to your preferences and interests, such as those inferred from your prior purchases, interactions with our services, or communications, as well as information about the organization you work for and related business details, where you have provided your company name.

We may obtain certain information from third-party sources, including professional networking platforms, information service providers, business partners, data brokers, service providers and publicly available sources. In certain cases, we may also infer or generate insights based on the information available to us.

We may also operate pages on social networking platforms. When you interact with these pages, we may collect information that you have made publicly available on your social media profile, such as your name and interests in our services. Social media platforms may also provide us with aggregated statistics and insights regarding interactions with our pages to help us understand user engagement.

3. Purposes of Processing

We process your personal data for the following purposes:

Providing and Operating the Services

• Providing you with the Services for which you have registered, including document scanning and related services, and delivering any other services that you request.
• Verifying your identity, managing your account, and processing payments (including through third-party payment service providers).
• Sharing account information associated with a business email address with the relevant employer or organization for account management or migration purposes.
• Ensuring the proper functioning, security, and administration of our Services.
• Sending you administrative or service-related communications, such as notices relating to payments, billing issues, subscription status, or expiration of your subscription.

Customer Support and Service Improvement

• Providing customer support and responding to your inquiries, comments, or complaints.
• Analyzing interactions with our customer support agents and sales representatives in order to improve our services, increase customer satisfaction, evaluate sales performance, and identify sales opportunities.
• Diagnosing technical issues and improving the functionality and performance of our Services and related software.

Analytics and Service Optimization

• Analyzing how users interact with and use our Services in order to understand usage patterns, measure effectiveness, improve functionality, and enhance user experience.
• Conducting analytics related to navigation, profile information, and interactions with our communications (excluding the content of the uploaded documents), including to detect, prevent, and address fraudulent, deceptive, illegal, or unauthorized activities or misuse of the Services.
• Combining information with other data we may have regarding your interactions with our Services, in order to provide a more seamless experience and improve our Services.

Marketing and Research

• Sending you information about our Services, special offers, and similar communications, where permitted by applicable law or where you have provided consent. You may opt out of marketing communications at any time.
• Personalizing marketing communications or advertisements relating to our Services, where permitted by applicable law.
• Conducting surveys, market research, and analytics relating to our customers, their interests, customer satisfaction, and the effectiveness of our marketing campaigns, where required with your consent.

You may opt-out of this service at any time by clicking UNSUBSCRIBE at the bottom of each email or by submitting a request to [email protected].

Legal and Compliance Purposes

• Enforcing our Terms of Service and other agreements.
• Complying with legal, regulatory, and compliance obligations.
• Establishing, exercising, or defending legal claims.
• Responding to lawful requests from public authorities, courts, or regulators, or in connection with investigations, legal processes, or litigation.

4. Legal Basis

We will only collect and process personal data about you where we have lawful basis. We rely on the following legal grounds.

If you reside or interact with us from a jurisdiction where privacy laws mandate consent as the sole legal basis for processing personal data, by providing us with your information, you automatically consent to its processing for all purposes outlined in this Privacy Policy.

• Performance of a Contract. Mainly, in order to provide you with the services, information or support that you request from us.
• For the pursuit of our Legitimate interests. To the extent necessary, we may process your personal data beyond the performance of the actual services, in order to protect the legitimate interests of the Company or third parties. This includes our commercial interests, including our interest in improving the Services and protecting the security and integrity of the Services and internal record keeping.
• Due to legal obligation. We may be obligated to process some of your personal data to comply with applicable laws and regulations.
• Based on your consent. When you provide your consent, you are granting us permission to process your personal data for specific purposes that are set forth in this Privacy Policy and clearly explained to you at the time of data collection. You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

5. Disclosure of Your Personal Data

We may share personal data with third parties where necessary to operate our Services, fulfill the purposes described in this Privacy Policy, and comply with applicable law.

• Service Providers and Processors. We engage trusted third-party service providers, contractors, and processors to perform services on our behalf and support the operation of our Services, such as providers of cloud hosting, payment processing, analytics, communications tools, customer support systems, our lawyers and other professional advisors. Where necessary, we may share the categories of personal data described above, including identifiers and contact information, commercial or transaction information, content and communications data, and analytics or electronic network activity information, with these providers in order to operate and maintain the Services, process payments, communicate with users, provide customer support, diagnose technical issues, analyze usage patterns, and improve our Services and marketing activities. These providers may also process certain technical information, such as IP addresses and device identifiers, to help administer the Services and analyze general usage trends.
• Analytics and Marketing Partners. We may work with analytics and marketing partners that help us understand how users interact with our Services and measure the effectiveness of our advertising campaigns. These partners may process certain identifiers (such as IP address or device identifiers) to provide aggregated insights about service usage and advertising performance, subject to applicable law and their respective privacy policies.
• Customer Support and Communication Providers. We use third-party tools to facilitate communications with users, including email, helpdesk systems, and live-chat services. These providers may process personal data that you provide when contacting us for support or communicating with us through our Services or other channels.
• Cloud Hosting and International Transfers. Our Services rely on third-party cloud infrastructure providers to host and store data. As a result, personal data may be processed or stored on servers located in multiple jurisdictions, including the United States and countries within the European Economic Area. Where required, we implement appropriate safeguards to ensure that such transfers comply with applicable data protection laws.
• Legal and Business Transfers. We may disclose personal data if required to comply with applicable law, legal process, or governmental request, to enforce our agreements, or to protect our rights or the safety of others. Personal data may also be transferred as part of a merger, acquisition, financing, or sale of assets, subject to appropriate safeguards.
• With your Consent. We may disclose personal data with your consent or at your direction.

6. Your Rights

Under applicable data protection laws, you may have the following rights with respect to your personal data. To exercise any of these rights, please contact us at [email protected].

• Access: Request information about the personal data we hold about you.
• Rectification. Request correction of inaccurate or incomplete personal data. If you have the ability to update certain information yourself (for example, through an online account), you are responsible for making these changes. Inaccurate or outdated information may affect your use of our Services.
• Erasure. Request deletion of your personal data, where we are not legally required to retain it. Please note that backup systems may prevent immediate deletion, and certain data may need to be retained for legal, organizational, or fraud-prevention purposes. All deletion requests will be recorded.
• Restriction of Processing. Request that processing of your personal data be restricted under certain circumstances.
• Objection. Object to the processing of your personal data, including for direct marketing purposes or processing based on legitimate interests.
• Data Portability. Request that data you have submitted be provided in a structured, commonly used, and machine-readable format.

To exercise any of these rights, we may need to verify your identity to ensure that your personal data is not disclosed to unauthorized parties.

You also have the right to lodge a complaint with the relevant Data Protection Supervisory Authority.

We do not charge for correcting your personal data. For other requests, we may charge a reasonable fee to cover administrative costs or decline requests that are repetitive, require disproportionate effort, compromise others' privacy, or are otherwise impractical.

7. Cross-Border Data Transfers

Our Services are supported by cloud-based infrastructure and third-party service providers located in various countries. As a result, personal data may be processed or stored outside the country from which you access the Services, including in the United States and countries within the European Economic Area (EEA). For example, we use cloud hosting providers to store data and support backup and disaster recovery, and third-party providers to deliver services such as payment services, email and other communication services.

Where personal data is transferred internationally, including from the EEA to countries that may not provide the same level of data protection, we implement appropriate safeguards in accordance with applicable data protection laws. These safeguards may include the use of Standard Contractual Clauses approved by the European Commission or reliance on European Commission adequacy decisions where applicable.

8. Data Retention

Personal data will not be retained for longer than is necessary in relation to the purposes for which such personal data was collected or otherwise processed, including for the purpose of ensuring the documents you uploaded are saved and backed up so that you can easily retrieve them if needed (e.g., for the provision of the Services).

In the event you withdraw your consent and there are no more legitimate grounds for the processing, your personal data will be removed within the time period required by applicable laws.

Unless otherwise provided in this Privacy Policy, we will keep your personal data while you have an account with us or while we are providing Services to you. Thereafter, we will keep your personal data for as long as is necessary:

• To respond to any questions, complaints or claims made by you or on your behalf.
• To provide Services as contracted by you.
• Please be aware that if you remove or delete data from your account, you will no longer see it, but some backups of the data may remain in our archive servers.
• To comply with legal obligations and to enforce our rights.
• To show that we treated you fairly.
• To keep records required by law.

We will not retain your personal data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of personal data. When it is no longer necessary to retain your Personal Information, we will delete or convert it to non-personal data.

9. Data Security

We use industry-standard physical, electronic, and procedural safeguards to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our servers and databases are secured with appropriate technologies, and access to personal information is limited to employees, contractors, and service providers who need it to perform their job functions.

While we strive to use commercially reasonable measures to protect your data, no method of transmission over the Internet or electronic storage is completely secure. You can also help protect your information by keeping your account credentials confidential and choosing strong passwords.

If you believe your personal information is no longer secure, for example, if your account may have been compromised, please contact us immediately using the information provided in the "Contact Us" section.

10. External Links

Our Services may include integrations with third-party services or links to websites, apps, platforms, or other services that are not owned or controlled by the Company. This Privacy Policy applies only to our processing of your personal data and does not cover the practices of these third parties. We are not responsible for the privacy practices, content, or terms of such third parties. We recommend that you review their privacy policies before using their services or providing any personal information.

11. Changes to the Policy

We may update, amend, or modify this Privacy Policy from time to time. Any changes will take effect immediately upon posting and will apply to any actions occurring after the effective date. You are responsible for reviewing this Privacy Policy regularly to stay informed of updates. You can easily see if changes have been made by checking the "Last Updated" date at the top of this Policy.

13. Contact Us

You can address any question or concern you may have with regard to this Privacy Policy, or if you have a reason to believe that your privacy has been compromised by sending an email to: [email protected] or by postal mail at: Agias Elenis, 36 GALAXIAS COMMERCIAL CENTRE, 4th floor, Flat/Office 403, 1061, Nicosia, Cyprus

You can also contact your local data protection authority for any inquiry or complaint.

Effective as of: March 18, 2026