Security & Data Protection
Last updated: May 2026
Editing stays in your browser. When you export a PDF, files are sent securely to our server for processing, then discarded — they are not stored after your download completes.
How Processing Works
While you edit: PDFs are loaded and previewed in your browser using PDF.js. Reordering, annotations, text, signatures, and shapes are kept in browser memory on your device.
When you export: Your PDFs and edit data are sent over HTTPS to our server, merged into the final file, and returned for download. We do not keep them on disk after that request completes.
Libraries loaded from public CDNs (fonts, PDF.js, etc.) do not receive your document content during normal editing.
What We Do Not Do
- We do not permanently store your PDF files after export.
- We do not keep a library of your documents on our servers.
- We do not use AI, machine learning, or OCR to read or analyse your content.
- We do not require account registration or login.
- We do not share any document data with third parties.
CDN & Third-Party Scripts
PDF Tool loads resources from the following third-party CDNs for functionality and styling. These requests follow standard browser behaviour and do not transmit your PDF data:
- jsDelivr — pdf-lib library
- Cloudflare cdnjs — PDF.js, Font Awesome
- Google Fonts — Open Sans typeface
Cookies, Analytics & Local Storage
Document state stays in browser memory while you edit and is cleared when you close the tab. We do not persist your PDFs in local storage.
Google Analytics (GA4) may collect aggregated usage data after you consent via our cookie banner. IP anonymization is enabled in our GA configuration.
HTTPS
The site is served exclusively over HTTPS, ensuring the connection between your browser and the hosting server is encrypted in transit.
Questions
If you have questions about security or data handling, email hello@pdftool.website.