Legal
Privacy Policy
Last updated: May 18, 2026
1. Introduction
anyformat.ai ("anyformat", "we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at anyformat.ai or use our document automation platform (collectively, the "Service").
We process data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.
2. Data Controller
anyformat.ai acts as the data controller for personal data collected through our website and platform. For questions about this policy or your personal data, please contact us at:
anyformat.aiEmail: info@anyformat.ai
3. Information We Collect
We collect the following categories of personal data:
- Account information: Name, email address, company name, and job title when you register or contact us.
- Usage data: Pages visited, features used, time spent on the platform, and interaction logs collected automatically.
- Device and technical data: IP address, browser type, operating system, and referring URLs.
- Communications: Emails, support requests, and other messages you send us.
- Document data: Documents and files you submit for processing through the Service. This data is processed solely to deliver the Service and is not used for other purposes.
4. How We Use Your Information
We use your personal data for the following purposes:
- To provide, maintain, and improve the Service.
- To authenticate your identity and manage your account.
- To process documents and execute automated workflows on your behalf.
- To communicate with you about your account, updates, and support requests.
- To send marketing communications where you have given consent (you may opt out at any time).
- To detect, investigate, and prevent fraudulent transactions and other illegal activities.
- To comply with legal obligations.
5. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal data on the following legal bases:
- Contractual necessity: Processing required to perform our contract with you (providing the Service).
- Legitimate interests: Processing for security, fraud prevention, analytics, and improving our Service.
- Consent: Marketing communications and non-essential cookies (you may withdraw consent at any time).
- Legal obligation: Processing required to comply with applicable law.
6. Data Sharing and Disclosure
We do not sell your personal data. We may share your information with:
- Service providers: Trusted third-party vendors who assist us in operating the platform (cloud infrastructure, analytics, customer support), bound by data processing agreements.
- Business partners: Only with your explicit consent.
- Legal authorities: Where required by law, court order, or governmental authority.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.
7. Data Retention
We retain your personal data for as long as your account is active or as needed to provide the Service. Document data is retained only for the period necessary to process and deliver results, and can be configured for zero-retention at the Enterprise tier. Account data is deleted within 30 days of account termination upon request.
8. Data Security
We implement industry-standard security measures to protect your data, including AES-256 encryption at rest, TLS 1.2+ encryption in transit, role-based access controls, and regular security audits. We are currently undergoing ISO 27001 certification. However, no transmission over the internet is 100% secure, and we cannot guarantee absolute security.
9. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence. For transfers from the EEA to third countries, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data remains protected.
10. Your Rights
Under applicable data protection law, you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Request correction of inaccurate or incomplete data.
- Erasure: Request deletion of your personal data ("right to be forgotten").
- Restriction: Request that we restrict processing of your data in certain circumstances.
- Portability: Receive your data in a structured, machine-readable format.
- Objection: Object to processing based on legitimate interests or for direct marketing.
- Withdraw consent: Where processing is based on consent, withdraw it at any time.
To exercise these rights, contact us at info@anyformat.ai. You also have the right to lodge a complaint with your local data protection authority.
11. Cookies
We use cookies and similar tracking technologies to operate and improve the Service. Please see our Cookie Policy for detailed information about the cookies we use and how to manage your preferences.
12. Children's Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.
14. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at info@anyformat.ai.
Practical guide
Protecting your personal data
A guide to understanding how your phone reached us and how to protect yourself.
A note from anyformat. We take your privacy very seriously. If you received a call from us on your personal number and you would prefer that we don't contact you again, we completely understand. Write to info@anyformat.ai and we'll remove you immediately.
15. How your phone reached us
Your number was likely obtained through one of these sources, without you having any direct interaction with us:
Professional networks (LinkedIn and similar)
LinkedIn and similar platforms are the main source of B2B data. Even if your number isn't public, third-party tools can access it through API integrations.
Data and enrichment providers
Companies like ZoomInfo, Apollo.io or Lusha compile data from public records, social networks and acquired datasets. A company may only have your name and email, and an "enrichment" tool automatically adds your phone — with no direct contact with you.
Events and business cards
When you sign up for conferences, webinars or trade fairs, your registration data is often shared with sponsors. Scanning your badge at a booth is equivalent to giving marketing consent.
Public records
Business registries, domain WHOIS records, professional licenses and other public documents may contain contact data that gets indexed by data providers.
16. How to prevent future data collection
LinkedIn privacy settings
- Go to Settings & Privacy → Visibility → Profile viewing options
- Under "Who can see your email address", choose Only me
- Remove or restrict the visibility of your phone in the Contact info section
- Disable Partner programs under data privacy settings
Separate professional contact
- Use a dedicated business number (Google Voice, second SIM)
- Create a separate email for subscriptions and downloads
- Don't use your personal phone on business registries or public forms
Caution at events
- Read the privacy policy before signing up for events or webinars
- Opt out of sponsor communications whenever possible
- Ask what data will be collected before handing over your card
17. How to request data deletion
You have the right to request the deletion of your personal data (GDPR in Europe, CCPA in the US). Here are the main providers:
| Provider | Link / Contact | Notes |
|---|---|---|
| ZoomInfo | zoominfo.com/privacy | Search your profile, then choose 'Manage my profile' |
| Apollo.io | apollo.io/privacy/delete | Enter your email to request deletion |
| Lusha | lushaprivacy.com | Verify your email to opt out |
| Cognism | cognism.privacy.saymine.io | 'Do Not Sell' form to request deletion |
| RocketReach | rocketreach.co/delete-profile | Enter your email to submit an opt-out request |
| Clearbit | clearbit.com/trust | Retrieve your profile and manage data preferences |
| Hunter.io | claim@hunter.io | Email requesting deletion of your data |
| Seamless.AI | privacy@seamless.ai | CCPA/GDPR deletion request by email |
| LeadIQ | leadiq.com/request-removal | Submit the removal request form |
Email template to request deletion
18. Apps to block unwanted calls
iPhone (iOS)
- Native feature: Settings → Phone → Silence Unknown Callers
- Truecaller (free): identifies and blocks spam calls
- Hiya — Caller ID: similar to Truecaller, also free
- RoboKiller: uses bots to waste spammers' time (subscription)
Android
- Native filter (Pixel): Phone → Settings → Caller ID and spam
- Truecaller: the most popular option with a large spam database
- Should I Answer?: privacy-focused, doesn't upload your contacts to servers
Note: most apps work by uploading your contact list to their servers to compare against spam databases. If you care about privacy, use "Should I Answer?" or your phone's native features.
19. Do Not Call registries
- Spain: Lista Robinson → listarobinson.es
- EU: your country's national exclusion registry (GDPR also guarantees the right to opt out)
- US: donotcall.gov (registration may take up to 31 days to take effect)
- UK: Telephone Preference Service → tpsonline.org.uk
We sincerely apologise for any inconvenience caused by receiving a call on your personal number. At anyformat we work hard to respect everyone's privacy. If you want us to delete your data, write to info@anyformat.ai and we'll do it straight away.