GDPR Compliance - Summary

Summary of Our Compliance to General Data Protection EU Regulation

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR's primary aim is to give control to individuals over their personal data.

In case you choose to purchaise our Hosted Solution, Papermerge automatically becomes protector of your data and we are subject to General Data Protection Regulation.

This page describes only the most important aspect of our GDPR Compliance. Full text of our GDPR compliance can be found in Papermerge GDPR Compliance Policy.

Payment Data

We collect data necessary to process your payment if you make purchases, such as your payment card number, and the security code associated with your payment instrument. However we do not store any payment information on our servers. All payment data is stored by our payment processor – - and you should review their privacy policy and contact the payment processor directly to respond to your questions.

Your Documents

The principle of Papermerge is convenient way of document management. With Papermerge you can digitally archive your documents in a central location, organize them and access them from anywhere. You can also remove your documents from our platform at any time or export them in a common file format and save them elsewhere. Papermerge allows you to structure the documents and recognizes all important information. With the help of Papermerge, documents can be found quickly and easily thanks to intelligent organization and search functions.

We do NOT give, sell or transmit, neither your documents nor derivative information from your documents to 3rd parties. Your documents stay on our servers, and it is the core of our business to keep your documents safe and secure. Your data is yours only and our business is to guard your data securely. We rent servers from In order to assure long term storage of your documents we make backups twice a day. Backups are encrypted using AES 256 CBC algorithm with 2048 bit X509 certificates. Encrypted backups are stored on two remote AWS S3 servers located in two distinct data centers.

Will your information be shared with anyone?

In short: No. We only share information with your consent, to comply with laws, to protect your rights, or to fulfill business obligations.

Our business is registered in Germany and it complies to German legislation. Germany has very strict laws regarding individual privacy and private data protection.

We only share and disclose your information in the following situations:

  • Compliance with Laws. We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.

  • Vital Interests and Legal Rights We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

  • Business Partners As mentioned before, we rent our servers from In that context we store documents you upload on Linode is known for their good privacy policies. You may want to review their privacy policy as well. Encrypted backups (with AES 256 CBC) are stored on AWS S3 servers.


We use cookies only to enable technological features like sign in, sign out, html forms which without cookies won’t be possible. We do NOT use cookies to track your identity.

Is your information transferred internationally?

We may transfer, store, and process your information in countries other than your own.

Your Papermerge host servers will be deployed on servers located in region you choose during registration process. In order to ensure safety and long term storage of your data - we may transfer encrypted backups of your data to different regional servers. Please note that NO 3rd party, partner or company may access user or process data stored in backups because backups are encrypted using highly secure AES 256 CBC algorithm.

Full Version

As mentioned before, this page contains only the most important of points of our GDPR Compliance policy.

You can read complete version of our GDPR Compliance Policy document at this link.

Hosted Solution

We offer affordable plans for 59,- / Month to enable you to focus on your own business and let us handle the installation, maintenance and secure data backups of your Papermerge instance.