Privacy Policy
Effective Date: 01 July 2025
Last updated: 17 March 2026
OVR Technologies LLC (“OVR,” “we,” “our”) operates the Convert Webpage to PDF browser extension and https://convert-webpage-to-pdf.com (the “Service”). We respect your privacy and collect the minimum data needed to run the Service. This Policy explains what we collect, why, and how you can exercise control.
1. Who we are
OVR Technologies LLC
5830 E 2nd St, Ste 7000 #17374
Casper, WY 82609, USA
Data‑Protection Officer • dpo@convert-webpage-to-pdf.com
General contact • hello@convert-webpage-to-pdf.com
2. Scope
This Policy covers data handled by the Service. It does not apply to external websites or services you may reach via links.
3. What data we collect & why
| Category | What we receive | Purpose | Legal basis (GDPR) |
|---|---|---|---|
| Usage analytics |
| Understand usage & improve Service | Art 6 (1) (f) - legitimate interest |
| Support email | Email address & message | Answer questions, fix bugs | Art 6 (1) (b) - contract |
| Payment data | Order ID, amount, status (from Lemonsqueezy) | Provide Pro features & refunds | Art 6 (1) (b) |
| Google sign‑in (Pro) | Gmail address & Google account ID | Identify Pro subscribers | Art 6 (1) (b) |
| Facebook sign‑in (Pro) | Facebook account ID & email address | Identify Pro subscribers | Art 6 (1) (b) |
| Twitter/X sign‑in (Pro) | Twitter/X account ID & email address | Identify Pro subscribers | Art 6 (1) (b) |
| Email delivery | Recipient & metadata (via Amazon SES, eu‑central‑1) | Send receipts & notices | Art 6 (1) (b) |
| Session cookie | session_id - secure, HTTP‑only | Keep you logged in to Pro | Art 6 (1) (b) |
| Cloud sharing | PDF file uploaded directly from your browser to Google Drive, Dropbox, or OneDrive (OVR does not receive or store the file) | User‑initiated sharing | Art 6 (1) (a) - consent |
| Share‑link feature | PDF uploaded to OVR infrastructure (Cloudflare R2) | Generate a shareable link | Art 6 (1) (b) |
| PDF optimization | PDF file sent to OVR’s EU server, processed, and returned; not retained after response | Reduce file size (Pro) | Art 6 (1) (b) |
| Local browser storage |
| Extension functionality | Art 6 (1) (b) + Art 6 (1) (f) |
No page content leaves your browser during basic conversion. Optional cloud features are described above.
Social sign‑in providers (Google, Facebook, Twitter/X) act as independent identity providers. We do not send your data to them; we only receive your verified email address after you approve the sign‑in.
Cloud sharing (Google Drive, Dropbox, OneDrive) uploads files directly from your browser to the chosen provider. OVR’s servers are never in the data path for these uploads.
Persistent OAuth grants: Dropbox and OneDrive connections use offline access (refresh tokens stored in your browser’s local storage). Access persists until you revoke it via the provider’s account settings or clear the extension’s data.
4. How long we keep data
| Data | Retention |
|---|---|
| Usage analytics events | 1 year, then deleted |
| PDF optimization uploads | Deleted immediately after delivery |
| Share‑link files (R2) | 30 days, then auto‑deleted |
| Cloud sharing (Drive / Dropbox / OneDrive) | Stored by the provider per their own policies; OVR does not retain copies |
| Email address (Pro) | While subscription active +24 months |
| Payment & invoices | 7 years (legal duty) |
| Support email threads | Ticket closed +12 months |
| Local browser storage | Until you clear extension data or uninstall |
5. Sub‑processors & international transfers
| Processor | Role | Location | Safeguards |
|---|---|---|---|
| Hetzner Online GmbH | Dedicated server | Germany (EU) | Data stays in EU |
| Amazon Web Services – SES | Transactional email | Germany (eu‑central‑1) | Data stays in EU |
| Lemonsqueezy, Inc. | Merchant of Record & billing | EU & US | Standard Contractual Clauses |
| Cloudflare, Inc. | Object storage (share‑links) | Eastern North America | Standard Contractual Clauses |
If data leaves the EU/EEA we rely on GDPR Art 46 (Standard Contractual Clauses) and vendor security certifications.
6. Security
- TLS 1.2+ encryption in transit
- Disk encryption at rest
- Least‑privilege access controls
- Daily encrypted backups (EU)
- Regular patching & vulnerability scans
7. Your rights & data deletion
You may access, correct, erase, restrict, object to, or request portability of your personal data. To delete your data, email us from the same email address used for registration at dpo@convert-webpage-to-pdf.com or hello@convert-webpage-to-pdf.com. We will honour the request within 30 days (unless retention is required by law).
You may also lodge a complaint with your local supervisory authority.
8. California residents
OVR does not sell personal information. We do not share personal information for cross‑context behavioural advertising. We honour Do Not Track browser signals — the Service does not use tracking cookies.
If you are a California resident, you may exercise the right to know, delete, and opt out of sale (which does not apply, as we do not sell data) by emailing dpo@convert-webpage-to-pdf.com.
9. Google API Services
The Service’s use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
10. Children’s privacy
The Service is not directed to children under 13. We do not knowingly collect their data.
11. Changes to this Policy
Material changes will be announced in‑extension or on our site at least 7 days in advance. The “Last updated” date will change accordingly.
12. Contact
OVR Technologies LLC
5830 E 2nd St, Ste 7000 #17374
Casper, WY 82609, USA
General • hello@convert-webpage-to-pdf.com
Privacy/DPO • dpo@convert-webpage-to-pdf.com
Legal/DMCA • legal@convert-webpage-to-pdf.com
Thank you for using Convert Webpage to PDF!