Privacy Policy

Last updated: May 2026

1. Controller

Data controller: justdf.com — contact: admin@justdf.com

2. What Data We Collect

Files you upload: Processed ephemerally in RAM. Not stored to disk. Deleted immediately after processing completes.

Server logs: IP address, timestamp, browser user-agent, and HTTP status codes are retained for up to 14 days for security and abuse prevention purposes.

Contact form submissions: Name, email address, and message text when you voluntarily contact us.

3. Legal Basis (GDPR Art. 6)

Processing your uploaded files: Legitimate interest (providing the requested service). Contact forms: Consent. Server logs: Legitimate interest (security).

4. Data Retention

Uploaded files: Deleted within seconds of processing. Server logs: 14 days. Contact records: 2 years or until erasure is requested.

5. Your Rights under GDPR

You have the right to access, rectify, erase, restrict, or port your personal data. To exercise your Right to Erasure (Art. 17), use our GDPR Erasure Portal. For other requests, email admin@justdf.com. We respond within 30 days.

6. Cookies

justdf.com uses no tracking cookies. A session cookie may be set by the content-unlock provider when you interact with the locker widget. This is governed by the third-party provider's own privacy policy.

7. Third Parties

We use Cloudflare for CDN and DDoS protection (see Cloudflare's privacy policy). The content-unlock provider (AdBlueMedia) operates under their own data processing terms. We do not sell personal data.

8. International Transfers

Our servers are located in Europe. Cloudflare's global network may process request metadata in other regions under Standard Contractual Clauses.

9. Changes

We may update this policy. The "Last updated" date will change accordingly. Continued use constitutes acceptance.