Version: v1-2026-05-27 Last updated: 2026-05-27 Applies to: Clok PDF (staging), including clok.one and pdf.clok.one
This Privacy Policy explains how Lukman NURIAKHMETOV (staging), tax / registration number 344222827378, registered at Staging environment β not a real entity, processes personal data when you use Clok PDF (staging).
(staging) self
support@stg.clok.team
For privacy requests, contact us at support@stg.clok.team.
1. Who we are
Lukman NURIAKHMETOV is the data controller for this EU deployment. We decide why and how personal data is processed for the service.
This EU deployment is operated separately from other regional deployments. We do not intentionally route EU uploaded files to non-EU/CIS processing infrastructure.
2. What the service does
Clok PDF (staging) lets you upload files and produce PDF-related outputs. Current operations include PDF compression, PDF merging, and conversion from supported office and text formats to PDF. Split PDF and PDF to JPG may be added later. Image-to-PDF conversion is not part of v1.
3. Personal data we process
| Data category | Purpose | Typical retention | | --------------------------------------------------------------------------- | ------------------------------------------------------------ | ---------------------------------------------------- | | Anonymous session identifiers, including pdf_session_id and pdf_user_id | Session continuity, quota enforcement, job ownership | 30 days | | Email address | Passwordless login, OTP delivery, receipts, service messages | Until account deletion or legal retention expiry | | Authentication session data | Keep you signed in after OTP login | Session or up to 30 days | | IP address and security logs | Rate limiting, abuse prevention, security diagnostics | 30 days where possible | | Uploaded files | Perform the operation you requested | Anonymous/free: 24 hours. Pro: 7 days | | Output files | Deliver processed files to you | Same as uploaded files | | Job metadata | Job status, history, debugging, support, abuse prevention | Up to 1 year unless a longer legal retention applies | | Audit and billing records | Security, billing reconciliation, legal/tax evidence | (staging) 13 months general, 7 years billing | | Payment identifiers | Manage paid plans and job credits | As needed for billing and legal/tax records | | Browser error reports | Debugging and reliability | 30 days | | Analytics identifiers | Usage analytics, conversion measurement, product improvement | According to the Cookie Policy and your consent |
We do not store card numbers. Payment providers process card data directly. We receive only identifiers such as customer ID, subscription ID, payment ID, status, amount, and billing metadata.
We do not manually inspect uploaded files except when you explicitly ask support to investigate a failed job.
4. Legal bases
We process personal data under GDPR Article 6 on the following bases:
| Processing | Legal basis | | --------------------------------------------------------------------------- | ---------------------------------------------------------- | | Providing file processing, accounts, downloads, paid plans, and job credits | Contract | | Security logs, rate limiting, fraud prevention, service diagnostics | Legitimate interests | | Required legal, tax, accounting, and billing records | Legal obligation | | Analytics cookies and similar technologies | Consent | | Support requests | Contract or legitimate interests, depending on the request |
You can withdraw consent for analytics cookies at any time through the cookie banner or browser settings.
5. Uploaded files
Uploaded and output files may contain personal data or confidential information. You are responsible for ensuring that you have the right to upload and process files through the service.
The service is not intended for special-category personal data, highly confidential documents, or data about other people unless you have a valid legal basis.
6. Subprocessors
We use the following processors for this EU deployment.
| Processor | Purpose | Data shared | Processing location | | ---------------------------------------- | ------------------------------------------------- | ------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- | | Beget | VPS, managed Postgres, object storage, Redis | Server-side application data, uploaded files, output files, logs | Riga, Latvia for EU infrastructure | | Resend | Transactional email, including OTP and receipts | Email address and message content needed to deliver the email | EU sending region where configured; account and operational data may be processed outside the EEA under the provider's transfer terms | | Stripe | Payments, subscriptions, checkout | Email, payment metadata, customer ID, payment ID, country, payment-method token handled by Stripe | International | | GitHub | Source code hosting and CI | Operator team data only; no intended end-user file content | United States / international | | Self-hosted GlitchTip at mon.clok.team | Error tracking | Stack traces, browser metadata, user ID where available, URLs, breadcrumbs | Operator-controlled infrastructure | | Google Analytics 4 | Analytics after consent | Pseudonymous client ID, page paths, product events; no file content | International | | Hotjar | Heatmaps and sampled session replay after consent | Pseudonymous session data and page interactions; no file content or email by default | EU / international according to provider settings |
We require processors to process data only under our instructions and to apply appropriate security measures.
7. International transfers
Some processors may process data outside the EEA. Where this happens, we rely on appropriate transfer mechanisms such as the European Commission's Standard Contractual Clauses, adequacy decisions, or equivalent safeguards.
8. Security
We use TLS in transit, access control, signed download URLs, short file retention, least-privilege operational access, and deletion jobs for expired files. We do not claim ISO 27001, SOC 2, or similar certification unless explicitly published.
9. Your rights
Depending on your location and circumstances, you may have the right to access, correct, delete, export, restrict, or object to processing of your personal data. You may also withdraw consent where processing is based on consent.
You may complain to your local data protection authority. For the French deployment, this may include the CNIL. For other EU users, you may contact your local supervisory authority.
10. Children
The service is not intended for children under 16. We do not knowingly collect data from children.
11. Breach notification
If a personal data breach creates a legal notification obligation under GDPR Article 33, we will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify affected users under GDPR Article 34.
We follow the same containment and investigation procedure used for the CIS deployment; see pdf-tools/docs/runbooks/incident-152fz-breach.md for the operational steps.
12. Changes
We may update this policy. For material changes, we will provide reasonable notice, usually by email for registered users or through the service.
13. Contact
Privacy requests: support@stg.clok.team Controller: Lukman NURIAKHMETOV, staging, 344222827378, Staging environment β not a real entity
Acceptance Required
By using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
Questions About This Document?
If you have any questions or concerns about this Privacy Policy, please don't hesitate to contact us.