- Which types of personal data does ABBYY collect about you, and how do we collect it?
- Why and on what legal basis does ABBYY use your information?
- Google Analytics and other third-party analytics services
- With whom does ABBYY share information collected?
- Where does ABBYY store the personal data that we collect from you?
- Third-party links
- What do we do to protect the personal data we collect from you?
- How long do we store your personal data?
- What if a child sends ABBYY her/his personal data?
- Your rights
- How can you contact us?
- How and when does ABBYY change this Policy?
- Archived Policies
Effective Date: 21.08.2023
ABBYY Solutions respects your privacy and pays great attention to the protection of your personal data. When stating ”ABBYY,” ”we,” or ”us,” we are referring to ABBYY Solutions acting as controller with respect to the collection or processing of your personal data.
Conditions for the attention of business clients:
- What personal data we collect
- Why we collect it
- What we do with it
The information below will elaborate on these three topics. Please read it carefully as it is very important. Our goal is to present the description and the handling of your personal data concisely, using clear and simple language to make this policy quick and easy to read and understand.
If you need the definition of certain terms such as “Cookie”, or “IP,” please consult our vocabulary. We also marked certain parts of the document to better explain certain topics. Just click on the dot and you will receive more information. In any case, if you have a question or complaint, please contact us via the link here or by contacting us as outlined in section 11 (How can you contact us?).
Information you give ABBYY
Many of our products ask you to register with us. If you register, you will give us your personal dataAny information that can identify you or that is known to be information about you., including but not limited to your name or e-mail address for creating your account. If you choose to register with our blogs or forums, we might also ask you to create a publicly visible profile that may include your name, age and a photo. Providing this information will allow you to post reviews and to participate in our discussion forums.
Information for providing our products and services
We provide various products and services (e.g., technical support and professional servicesConsulting, training, support and project implementation services around ABBYY products and technologies to ABBYY clients and partners) with different methods of delivery. Some may be used as an on-premises or cloud solution. Some of the products can be used on mobile device only.
In general, when you use our products and services, you may send us information that may contain personal data such as name, e-mail address, etc. It is your responsibility to decide which information you want to send us and process via our products and services. Below, you can find more information on data collection in our products and services:
Cloud productsCloud products
• ABBYY Timeline
• ABBYY Vantage
• ABBYY FlexiCapture Cloud
• ABBYY FlexiCapture For Invoices
• ABBYY Cloud OCR SDK and professional services for business clients
ABBYY processes the data that is uploaded in its cloud product and provided to us during professional services on the basis of the DPA, as described above.
On-premise productsOn-premise products
• ABBYY Timeline
• ABBYY Vantage
• ABBYY FineReader Server
• ABBYY FineReader PDF products (for example, ABBYY FineReader PDF 16)
• ABBYY FlexiCapture
• ABBYY FlexiCapture For Invoices
• ABBYY FlexiCapture SDK
• ABBYY FineReader Engine (for example, ABBYY FineReader Engine 12)
ABBYY does not have access to any of the data in the documents that you process in our on-premise products. For example, when you digitize, convert, or recognize any document by using ABBYY FineReader PDF, ABBYY does not have access to any data in such document. ABBYY may only receive aggregate data about product usage (e.g., statistics) for billing, analytical, and fraud prevention purposes.
Mobile productsMobile products
ABBYY Business Card Reader
ABBYY Business Card Reader supports optical character recognition (OCR) function on the device (without sending it anywhere) and extracts information from business cards. The extracted data can be saved locally within the application or exported to the device’s contact list or a specific CRM using the credentials provided by the user.
ABBYY FineReader PDF Mobile
ABBYY FineReader PDF Mobile supports optical character recognition (OCR) function both on the device (without sending it somewhere) and using the cloud version of OCR (time-limited access during recognition). In the device recognition scenario, all documents are stored and processed on the device only. At user discretion, FineReader PDF Mobile allows sending data to third-party cloud services where a user has an account (the list of such third-party cloud services is presented in the FineReader PDF Mobile application).
Support and request information
You send us information that may contain personal data, such as your identity or contact info, when you request our help with one of our products/services, or to receive information about ABBYY and/or our products/services.
News and marketing information
We may collect and process marketing and communications data such as your preferences in relation to receiving marketing information from us and third parties. This also applies to the way we communicate with you when you give us your data by filling in forms and by corresponding with us by post, phone, email, or otherwise when you request marketing materials. We sometimes also give you the ability to take part in surveys where we ask you to give us such information as e-mail address and your feedback about our products and websites. We may also ask you to subscribe to receive newslettersExamples
news related to ABBYY products and technologies, invitations to events and webinars, and information about whitepapers and content related to ABBYY products and services. We will only process your data for the purposes in this paragraph if we are allowed to do so under applicable law (because you consented to it or otherwise).
Information that ABBYY receives from your use of our products and websites
We may collect and store information on your device using local storage of your browser or application.
DeviceA computer that you use to acquire our products or visit our websites. For example, it can be a desktop computer, notebook, smartphone or tablet. information
We collect information about your device (such as type and version of your browser and operating system, type and model of your device, and unique identifiersA combination of characters or symbols that is associated with your device by the manufacturer that can be used for identification of that device. There are many examples of such identifiers: Android_id or UDID (unique device identifier), IMEI (International Mobile Equipment Identity) for mobile phones or various identifiers of social networks or advertising companies. One device may have several unique identifiers. Unique identifiers have different lifespans. Some of them may be easily accessible to you, while others are not. Unique identifiers can be used for various purposes – from providing a mobile version of a website if you use a mobile phone to detect fraud, provide security and show relevant advertisement on the basis of analysis of your preferences and behaviour when you visit a website from you device. about your device). We may associate your identifiersThis helps us customize our products or websites to a specific device that you use and to your preferences. This also allows us to understand what types of devices users prefer so that we can focus on improving our products or websites for these devices with your other information that we have collected.
When you use our products, visit our websites, or review the information we send you, we automatically collect and store certain information in server logsWhen you visit our websites, our servers automatically record the page requests made. Usually such logs include your web request, Internet Protocol address, type and language of your browser, time of your request and text that can identify your browser. Here is an example of a typical log entry where the search is for “flexicapture”, followed by a breakdown of its parts:
05.02.2010 10:29:41 GET /search/ searchText=flexicaptureMozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/65.0.323252.181+Safari/537.36 https://www.abbyy.com/lp/sdk/licensing-pricing/1002.752.7.19434
∙ 05.02.2010 10:29:41 is the date and time of the query;
∙ GET /search/ searchText=flexicapture is the requested path, including method and the search query;
∙ Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/65.0.323252.181+Safari/537.36 is the browser and operating system being used;
∙ https://www.abbyy.com/lp/sdk/licensing-pricing/ is the URL-address of the webpage that linked to the resource being requested.
∙ 1002.752.7.19434 is the Internet Protocol address assigned to the user by the user’s ISP;
depending on the user’s service, a different address may be assigned to the user by their service provider each time they connect to the Internet.. This may includes:
- Information on how you used our products and websites
- Internet Protocol (IP) addressWhen you use a device online, it receives an Internet protocol address (IP). It looks like a combination of numbers (220.127.116.11.01) Usually, this combination depends on the location from where you use your device online. It means that the IP can also be used to identify your location.
- Technical informationExample
crashes, system activity, hardware settings, browser type and language, the date and time of your request and referral URL. about your device
A cookie is a small text file. When you visit our websites, they ask your browser to put and store a cookie on your device to remember such information as your language or location to understand your preferences and customize the design of our websites for you. Cookies cannot read data from your device and cannot download information from any other cookies created by other websites. that may uniquely identify your browser or your product account
We use your IP address and the other log information to help us understand which language to use for you and for statistical purposes to improve our products and websites.
Unique identification numbers
Our products usually have a unique identification numberExample
It can be Application_ID or License Serial Number, install_ID or uninstall_ID.
We use such identifiers to protect you and us. For example, you bought product to process 100 pages. When you used all 100 pages, such identifiers will tell us to stop providing you our product.
They also protect you from other persons who wants to use your version/copy of the product. Identifiers idenitfy your device and allow us to prohibit other persons from using or accessing your account from their devices. . This number can be sent to us from your device when you launch, register, and install or uninstall a specific product. Some of our products periodically connect to our servers for automatic updates or send statistical informationWe may receive such details as how often you use our product or the amount of product you have used. We use it to understand what features of our product we should improve, how to improve your experience and for fraud detection. We can also use statistical information for calculating your payments for our different products you have used. about your use of our product. For example, in the course of limited license activation, re-activation, and deactivation, ABBYY may collect pseudonymized information about a) user device’s hardware configuration and operating system configuration (e.g., version of operating system), and/or b) user usage of licenses and/or information about number of pages recognized through the use of a license (if applicable).
Information that ABBYY receives from third parties
ABBYY may receive personal data such as contact, financial, and transaction data about you from our partner e-stores, product resellers, or marketing partners if and in so far as allowed by applicable law.
For some products and services, including social networks, we receive and store sign-in information, as well as other information that you allow us to receive when you connect our product and services with social networks.
We may further receive technical data from analytics providers such as Google.
Failure to provide personal data where requested
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products or services). As a result, we may have to cancel the contract.
We may use your personal data for or in connection with the following purposes and based on the following legal basis:
a. Where necessary to establish and perform your contract with us, such as where you buy products directly from us or our partners or to provide you information, products, and technical support that you request from us.
b. Where necessary to comply with a legal obligation such as
- To comply with laws and regulations that are applicable to us in the country located at the EEA; and
- disclosures to law enforcement agencies or in connection with legal claims, compliance, regulatory, investigative, and disciplinary purposes (including disclosure of such information in connection with legal process or litigation) and informal requests from law enforcement or other governmental authorities.
c. Where necessary for ABBYY’s legitimate interests in connection with the purposes listed below, and where our interests are not overridden by your data protection rights:
- To let you know about changes to our products and websites
- To provide you information about other similar products we have
- To supportExample
When you have a question about the functionality of our product, you send us that question with information about faults, errors or bugs to fix. We also check our servers to work properly. If a server has shut down or has errors, unusual work peaks, we can look at server logs to understand what caused the problem and fix it., improve, and check our websites, products, and services
- To monitor potentially illegal activities and securityExample
We collect install identifier to protect us from fraud. We collect account details to protect your access to products and your information. (e.g., fraud prevention)
- To enable you take part in interactive features of our websites when you choose to do so
- To keep our websites and products safe and secureExample
We collect IP addresses to protect our products and websites against online attacks like Distributed Denial of Service (DDoS) attacks. We can also check server logs to analyze the roots of such attack.
- To measure or understand the effectiveness of advertising we send you and others, and to deliver relevant advertising to you
- To make suggestions and recommendations to you and other users of our websites about our products
- To test and analyze statistics and survey results
- For statistical (e.g., billing and analytical) purposes
- To provide product and services management and research and development (e.g., product improvementExample
We use information for training our products to better understand existing font types or languages contained within your information during your use of our products. We can also use it to train our products to understand new information we receive from you to provide new functions in our products., new product features or versionsExample
When you send information to use products, we analyze it to understand what new products we should create to satisfy your needs).
d. Processing for marketing and communication purposes is based on our legitimate interests or your consent as required by applicable law. You have the right to withdraw your consent at any time (to “opt out”). You can opt-out by using the link here or emailing email@example.com, or, in case of electronic direct marketing, by following the instructions in the communication.
We will not use or otherwise process your personal data for any other purposes, unless we have legal grounds to do so (e.g., you provide us with your additional consent before such use).
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of our websites. You can also prevent the data generated by cookies about your use of our websites (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the Disable Google AnalyticsExample
['ga-disable-UA-XXXXX-Y'] = true; should be implemented. Please note that this script must be included on every tracked page, as this is the only way to check for an opt-out for each visit of the user. link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google AnalyticsExample
Please see a reference to the above value at https://developers.google.com/analytics/devguides/collection/analyticsjs/user-opt-out#opt-out_of_measurement_for_your_site.. For more information about how Google Analytics handles user data, see: https://policies.google.com/technologies/partner-sites?hl=en and https://support.google.com/analytics/answer/6004245?hl=en.
Other third-party analytics services
We may share your personal data to comply with laws and regulations that are applicable to us for the abovementioned purposes with the following third parties, in each case always only in accordance with applicable data protection laws:
We may disclose your personal data to current or future affiliatesThe following legal entities that belong to the ABBYY Group of companies:
• ABBYY USA Software House, Inc. located in the United States of America
• ABBYY Australia Pty Ltd. located in Australia
• Tri-Pod LLC located in Ukraine
• ABBYY Japan Co., Ltd. located in Japan
• ABBYY Solutions Ltd. located in Germany , representative officesRepresentative Office of ABBYY Europe GmbH in Ukraine, or subsidiaries for business administration, support purposes, improvement, research and development of our products and websites, and any other abovementioned purposes.
Service providers for external processing
We may provide personal data to our partners for their own for marketing and promotional purposesExample
• To understand what languages should be used in marketing materials
• To target the location of our advertising based on statistics
• To show manufacturers that our products are popular in a location and encourage them to work with ABBYY in that location provided that we have legal grounds to do so.
Government authorities/law enforcement officials
In some circumstancesWhen it is necessary under the applicable law, we must share information with law enforcement bodies such as courts, police and tax bodies. Our lawyers review such requests and we sometimes do not share information when a request is overbroad, not specific or violates the official procedure., it may become necessary for us to share your information with government authoritiesExample
Courts, police, tax bodies., law enforcement officials, or regulatory bodies as required by law or for administrative purposes and to the extent that local law allows and/or requires this:
- To comply with applicable lawsWhen it is necessary under the applicable law, we must share information with law enforcement bodies such as courts, police and tax bodies. Our lawyers review such requests and we sometimes do not share information when a request is overbroad, not specific or violates the official procedure., legal actions or lawful request of state authorities
- To protectExample
We may share information about you with courts and other state bodies to protect us and others against fraud. We may also defend safety and security of our users against somebody who wants to crash our websites or products. We may also share information when we sell or buy a business or in the case of bankruptcy. our rights, property or safety, our users or others under the applicable laws
- To fulfil our obligationsExample
If you do not pay for a not-for-free product, we may enforce our rights in court. under our agreement with you
- To check, prevent, and investigate fraud, security, or technical issues
Potential buyers and advisers in connection with corporate transactions
In the event that the business is sold or integrated with another business, we may (subject to the applicable laws) disclose your personal data to our advisers and any prospective purchaser’s adviser and will pass this data to the new owner of the business.
ABBYY group is a businessWe have offices throughout the world. with a global presence, therefore ABBYY Solutions may share your personal data with its affiliatesNext entities that belong to ABBYY Group of companies:
• ABBYY USA Software House, Inc. located in the United States of America
• ABBYY Australia Pty Ltd. located in Australia
• ABBYY Japan Co., Ltd. located in Japan
• Tri-Pod LLC located in Ukraine
In these cases, after these data transfers, your personal data may be subject to the laws of other countries, where the data protection may not be as comprehensive as your country of residence. Before we will send your personal data outside of the EEA, we and our affiliates and partners ensure that the country has an adequate level of protection which is approved by the European Commission. If a country does not have adequate protection, will use the following appropriate legal safeguards to protect your personal data so that these data transfers are in full compliance with applicable data protection lawsExample
To ensure that the service providers provide adequate data protection if they store your personal data in the United States.:
Click on any of the items above to receive additional information. For further information or to request a copy of the aforementioned safeguards, please email firstname.lastname@example.org.
Your personal data may be disclosed in response to inquiries or requests from government authorities in the countries in which we operate.
We strive to maintain the highest standards of security, and ABBYY has put in place robust technical and organizational measures for the protection of your data in accordance with the current, general state-of-the-art technologies, especially to protect the data against loss, falsification, or access by unauthorized third persons:
- We use reasonable security measuresExample
• We limit access to personal data to our employees and service providers who need to use it for their duties only and who are subject to confidentiality requirements. Our employees have passwords and cards for access to information. If they fail their duty of confidentiality, we can terminate their services or control their subsequent access and/or impose fines on them.
• We use firewall and malware protection to protect information against various attacks and viruses. Although we take reasonable precautions to assess the reliability of such technology, we rely on the statements of the technology vendors as part of its security evaluation. to protect the information we have against loss, theft and unauthorized use, disclosure or modification
- We continuously analyze and check our procedures of collection, storage, and use of information including trainings of our staff
- We use encryptionWe code your information so that we use a secret key to read this information. Only we know that key. For example, we use Hypertext Transfer Protocol Secure (HTTPS) to protect connection between your device and our server. for many of our products
Please note that although we work hard to protect security of our products and websites, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorized access. We also ask you to take every precaution to protect your personal data when you are on the Internet.
We will keep personal data for as long as necessary to provide the products and services you have requested. Afterwards, we may retain data for an appropriate period to protect ourselves from legal claims, to administer our business, or to the extent permitted by applicable law, which may require us to hold your personal data for specific periods. We will delete your personal data when you withdraw your consent, if there is no other legal ground for further processing (e.g., a statutory obligation to retain your personal data), or when you object to the processing in accordance with “Your rights” (see below), or when we are obliged to delete it in accordance with an obligation under applicable law. For further information about our approach to data retention, please inquire at email@example.com.
We do not knowingly collect information about children and do not sell or market our products intentionally to minors. Our products are for business and corporate needs. If a child whom we know to be under 16 sends personal data to us, we will use that data only to respond directly to that child to inform him or her that we must have parental consent before receiving his or her personal data.
Under the EEA privacy laws, you have the following individual rights related to your personal data:
- Right of access, including a copy of your personal data
- Right of rectification
- Right to objection
- Right to erasure or “right to be forgotten”
- Right to restriction
- Right to data portability
- Right to withdraw your consent where our processing is based in your consent
- Right to lodge a complaint with a supervisory authority
Commissioner for Personal Data Protection:
1 Iasonos Street
P.O. Box 23378, CY-1682 Nicosia
Tel: +357 22 818 456
However, we would appreciate the opportunity to address your concerns before you approach the authority, so please contact us initially.
Your personal data rights may be limited or subject to exceptions in some situations for example, where ABBYY demonstrates that it has a legal requirement to process your data (such as where tax authorities require us to retain it), or where it is needed for proper performance of a contract.
Where ABBYY has asked for your consent to process personal data and that consent is withdrawn, we will not process that personal data further but may not be able to continue providing the products or services for which the personal data was sought. Where ABBYY has a legal right or obligation to retain personal data or wishes to do so in connection with its legitimate interests, it may do so even if you have withdrawn consent for ABBYY to hold your personal data.
Where ABBYY requires personal data to comply with legal or contractual obligations, the provision of such data is mandatory. If such data is not provided, ABBYY will not be able to manage the engagement relationship, or to meet obligations placed on it. In all other cases, provision of requested personal data is optional.
To request information about how we use or share your personal data, exert any other right under applicable data protection law, or to raise a complaint or ask a general question related to data processing by us, you can contact us at:
ABBYY Solutions Ltd.
PO BOX 16257, CY-2087, Nicosia, Cyprus (postal address)
Michail Karaoli 2, Egkomi, P.C. 2404, Nicosia, Cyprus
Tel: +357 22 68 06 35
Data Protection Officer
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the data protection authority in your country.