Privacy Policy

*Last Updated: December 2024*

Our Zero-Knowledge Commitment

At PurePDF, we've built something revolutionary: a PDF processing service that cannot access your documents. Unlike traditional services, your files never leave your device. This isn't just a promise—it's a technical impossibility for us to see, store, or access your PDFs.

This makes PurePDF ideal for: - 🏥 Healthcare providers handling HIPAA-protected documents - ⚖️ Law firms processing confidential client information - 🏦 Financial institutions managing sensitive financial data - 🔒 Anyone who values absolute privacy

What We DON'T Collect (And Can't Collect)

Due to our client-side architecture, we CANNOT and DO NOT:

- ❌ See the contents of your PDFs - ❌ Access text, images, or data within your documents - ❌ Store your files on any server - ❌ View confidential information, including: - Protected Health Information (PHI) - Attorney-client privileged documents - Financial records or statements - Personal identification documents - Trade secrets or proprietary information - ❌ Track document names or metadata - ❌ Create copies of your files - ❌ Share your documents with anyone

Your files exist only in your browser's memory and are immediately discarded after processing.

What We DO Collect

We collect minimal information necessary to operate our service:

1. Account Information

When you create an account (optional for basic features): - Email address - Authentication tokens (managed by Supabase) - Subscription status

2. Usage Analytics

To maintain service quality and enforce fair usage: - Operation types (compress, merge, split, etc.) - File sizes in bytes (NOT contents) - Timestamp of operations - Number of operations performed - Processing time for performance monitoring

3. Technical Information

For service optimization and security: - Browser type and version - IP address (for rate limiting and security) - General device type (desktop/mobile) - Page views and feature usage (via Vercel Analytics)

4. Payment Information

Handled entirely by Stripe (we never see your card details): - Subscription tier - Billing cycle - Payment status

How We Use Information

We use the minimal data we collect to: - Provide and improve our service - Enforce usage limits for free tier - Process payments and manage subscriptions - Send service-related communications (if you have an account) - Prevent abuse and ensure security - Analyze aggregate usage patterns

Third-Party Services

We work with trusted partners who handle specific functions:

- Stripe: Payment processing (PCI-DSS compliant) - Supabase: Authentication and database - Vercel: Hosting and analytics - No advertising networks or data brokers

These partners cannot access your PDF contents because your files never leave your browser.

Data Security

Your Documents

- Processed entirely in your browser using WebAssembly - Never transmitted over the internet - Never stored on any server - Impossible for us or anyone else to access

Your Account Data

- Encrypted in transit using HTTPS/TLS - Stored securely in Supabase's infrastructure - Protected by industry-standard security measures - Minimal data collection philosophy

Compliance & Certifications

Our architecture provides built-in compliance advantages:

HIPAA (Healthcare)

- We are NOT a Business Associate because we never access PHI - No BAA (Business Associate Agreement) required - Healthcare providers can use PurePDF without HIPAA concerns

Legal Industry

- No risk of violating attorney-client privilege - No exposure of confidential case information - Suitable for law firms of all sizes

GDPR (European Union)

- Minimal data collection - Clear lawful basis for processing - Easy data deletion (we don't have your documents) - Full user rights supported

CCPA (California)

- We don't "sell" personal information - Minimal personal data collected - Simple opt-out process - Transparent data practices

Your Rights

You have the right to: - Access: Request information about data we have about you - Correction: Update incorrect information - Deletion: Request deletion of your account and associated data - Portability: Export your usage data - Opt-out: Disable analytics tracking - Restriction: Limit how we process your data

To exercise these rights, email: privacy@cleanpdf.app

Cookies

We use minimal cookies for: - Essential: Authentication and session management - Analytics: Understanding feature usage (Vercel Analytics) - Preferences: Remembering your settings

You can manage cookies through your browser settings.

Children's Privacy

PurePDF is not directed at children under 13. We do not knowingly collect information from children.

Industry-Specific Assurances

For Healthcare Professionals

- Zero HIPAA liability - we can't access PHI - No chain of custody concerns - No data retention of medical records - Safe for patient information

For Legal Professionals

- Attorney-client privilege protected - No discovery risk - Court-admissible processing (no third-party access) - Suitable for confidential settlements

For Financial Services

- No exposure of account numbers - PII remains completely private - No compliance burden for client data - Audit-friendly (no data trail)

Changes to This Policy

We'll notify you of significant changes via: - Email (if you have an account) - Website notification - Policy update date

Contact Us

Privacy Officer: privacy@cleanpdf.app General Support: support@cleanpdf.app Mailing Address: [Your Address]

Why This Matters

In an age of data breaches and privacy violations, PurePDF stands apart. We've architected privacy into the core of our service. When we say your documents are private, we mean it's technically impossible for us to access them. This isn't just good privacy—it's perfect privacy.