Privacy Policy

Privacy Policy

This Privacy Policy explains how OkFarsi PDF Tools (https://okfarsi.com) collects, uses, stores, and shares information when you visit the site or use one of our PDF tools. It covers file handling, cookies, advertising through Google AdSense, analytics, and your legal rights under the GDPR, the UK GDPR, the ePrivacy rules, and similar data-protection frameworks worldwide.

Uploaded files are processed only to deliver the tool you chose and are deleted automatically after the retention window.
Uploads are scanned for malware before processing, and oversized uploads above 100 MB are rejected.
Operational logs and security controls are used to keep the service available, prevent abuse, and investigate incidents.
Advertising or analytics technologies must be handled with user consent where required, especially in the EEA, the UK, and Switzerland.

1. Who we are

The controller responsible for the processing described in this policy is OkFarsi, operator of https://okfarsi.com. For privacy questions, data-subject requests, or complaints, contact us at [email protected].

2. Summary: what actually happens to your files

When you use a tool, your file is uploaded over HTTPS to a processing worker. The tool performs the requested operation (merge, split, compress, convert, OCR, and so on), produces an output file, and makes it available for you to download. Both the uploaded source file and the generated output are deleted from our servers automatically a short time after your download completes, or within about one hour if you never download the result. We do not open, read, index, or retain the contents of your documents. We do not share them with advertisers, analytics providers, or machine-learning training pipelines.

3. Data we process

  • Uploaded files and conversion inputs you submit to use a tool.
  • Processed outputs produced by the tool for your download.
  • Contact details and message contents when you use the contact form or email us directly.
  • Technical data such as IP address, browser user-agent, approximate location derived from IP, timestamps, referrer URL, and request diagnostics.
  • Cookie and local-storage identifiers, including those placed by third-party services such as Google AdSense and consent-management tooling.
  • Advertising and measurement data that Google AdSense or other advertising partners may collect about the pages you view and the ads you see.

4. Why we process this data (legal bases)

We process personal data only where a lawful basis applies:

  • Contract / pre-contractual necessity — to accept your upload, run the selected tool, and deliver the output you requested.
  • Legitimate interests — to secure the service, prevent abuse, detect malware, enforce fair-use limits, debug failures, and maintain uptime.
  • Consent — for non-essential cookies, personalized advertising, and other non-essential tracking technologies. You give or withdraw consent via the cookie consent banner and the Cookie Settings link in the footer.
  • Legal obligations — where retention or disclosure is required by applicable law.

5. File processing and retention

Uploaded files are processed only to deliver the tool result you requested. The file is handled on an isolated worker instance, scanned for malware, and then removed under the following retention rules:

  • Completed output files are kept available for about one hour if you never download them, and are then deleted automatically.
  • Once you start a download, the file is removed from the server within about one minute.
  • If a tool job fails or is cancelled, temporary upload data is cleared within the same short retention window.
  • The only data we retain longer-term about a job is an anonymous job identifier and basic operational metadata (timestamp, file size, tool slug, success or error status) used for capacity planning and abuse prevention.

We do not back up your files to long-term storage. We do not transfer the contents of your files to advertisers, analytics platforms, or AI training datasets.

6. Cookies and similar technologies

Like most modern websites, we use cookies and similar technologies for different purposes. We split them into categories and only non-essential categories require consent:

  • Strictly necessary cookies — required to operate the site, maintain session state, support security features, and remember your cookie preferences. These do not require consent.
  • Functional cookies — remember non-essential settings such as UI preferences.
  • Analytics cookies — help us understand which tools are used and where visitors experience errors, in aggregate.
  • Advertising cookies — set by Google AdSense and any other advertising partners to deliver, frequency-cap, measure, and in some cases personalize the ads you see.

Where consent is legally required (for example, for visitors in the European Economic Area, the United Kingdom, and Switzerland), non-essential cookies and personalized advertising are blocked until you make a valid choice through the consent banner. You can change or withdraw your choice at any time from the Cookie Settings link in the footer.

7. Google AdSense and advertising

This site is supported in part by advertising served through Google AdSense. Google AdSense is an advertising program operated by Google LLC and Google Ireland Limited. When AdSense is active on a page, Google and its partners may use cookies, device identifiers, or similar technologies to:

  • serve ads based on page content or prior visits to our site and others;
  • measure ad performance and frequency-cap repeat impressions;
  • detect and prevent click fraud or invalid traffic;
  • deliver personalized advertising where the visitor has given consent (or where personalization is permitted under local law).

Third-party vendors, including Google, use cookies to serve ads based on your prior visits to this site or other websites. Google's use of advertising cookies enables it and its partners to serve ads to our visitors based on their visits to this and other sites on the internet. Visitors can opt out of personalized advertising by visiting Google Ads Settings. You can also learn more and manage personalized advertising across participating networks through aboutads.info (Digital Advertising Alliance) and youronlinechoices.eu (European Interactive Digital Advertising Alliance).

Google's own privacy practices are described in the Google Privacy Policy, and their use of data from sites that integrate Google services is described in the Google partner sites policy. For visitors in the EEA, the UK, or Switzerland, we rely on Google-certified Consent Management Platforms aligned with the IAB Transparency & Consent Framework to collect and transmit valid consent signals.

8. Analytics

We may use privacy-respecting analytics to understand aggregate usage patterns, identify broken tools, and plan capacity. Where analytics cookies or similar identifiers are used, they are subject to the same consent rules described in the Cookies section. We do not link analytics data to uploaded document contents.

9. Security measures

We apply technical and organizational measures appropriate to the risk, including:

  • TLS / HTTPS encryption for all uploads, downloads, and page views.
  • Isolated processing workers per job.
  • Automatic malware scanning of uploads.
  • Upload-size limits (currently 100 MB per file) to protect infrastructure.
  • Short, automatic retention windows for processed files.
  • Restricted administrative access, logged operations, and standard server hardening.

No system connected to the internet can be guaranteed completely secure, but these controls significantly reduce risk and minimize the amount of data sitting on our servers at any time.

10. Recipients and processors

We may share data with vetted service providers that help us operate the platform:

  • Hosting, infrastructure, storage, and content-delivery providers.
  • Security and malware-scanning services.
  • Google AdSense and related consent-management providers for ad serving and compliance.
  • Analytics providers where enabled.
  • Professional advisers, auditors, or public authorities where disclosure is legally required.

Each processor is bound by contractual obligations to process personal data only on our instructions and in compliance with applicable law.

11. International data transfers

Some of our service providers — including Google — process data outside the country where you live. Where personal data is transferred internationally, we rely on appropriate safeguards recognized under applicable data-protection law, such as adequacy decisions, Standard Contractual Clauses, or equivalent transfer mechanisms.

12. Your rights

Depending on your jurisdiction, you may have the right to:

  • request access to your personal data;
  • request correction of inaccurate data;
  • request deletion of data in certain circumstances;
  • request restriction or object to certain processing;
  • request data portability where applicable;
  • withdraw consent at any time for processing based on consent;
  • opt out of personalized advertising;
  • lodge a complaint with your local supervisory authority.

To exercise any of these rights, email [email protected]. We may need to verify your identity before acting on a request.

13. Children

The service is not directed to children under the age of digital consent in their jurisdiction. Do not submit personal data if you are below the applicable age. If you believe a child has provided personal data through the service, contact us and we will take appropriate steps to remove it.

14. Changes to this policy

We may update this policy to reflect changes to our service, to third-party integrations such as Google AdSense, or to legal and regulatory requirements. When we make material changes, the updated version will be posted on this page with a new last-updated date. Continued use of the service after an update constitutes acceptance of the revised policy, except where applicable law requires us to obtain fresh consent.

Last updated: March 20, 2026