Privacy Policy

Your privacy is our top priority. We've designed ExactPDF with privacy-first architecture.

Last Updated: December 2024

🔒 Privacy-First Design: ExactPDF processes all your PDF files locally on your device. Your documents never leave your computer, ensuring complete privacy and security.

Our Privacy Principles

Zero Server Processing

Implemented

All PDF operations happen locally in your browser using WebAssembly and JavaScript. Your files never leave your device.

No File Storage

Implemented

We do not store, cache, or retain any of your PDF files or their contents on our servers.

Minimal Network Usage

Implemented

Only essential app resources are downloaded. No file data is transmitted over the network.

Local Storage Only

Implemented

User preferences and authentication tokens are stored locally in your browser.

What Information We Collect

Account Information

Data: Email address, name, profile picture (from OAuth providers)

Purpose: User authentication and account management

Storage: Supabase (encrypted)

Retention: Until account deletion

Usage Analytics

Data: Feature usage, error logs, performance metrics

Purpose: Service improvement and debugging

Storage: Anonymized logs

Retention: 90 days maximum

Payment Information

Data: Billing details, transaction history

Purpose: Payment processing and billing

Storage: Stripe (PCI compliant)

Retention: As required by law

PDF Files

Data: None - all processing is local

Purpose: N/A - files never leave your device

Storage: Your device only

Retention: Controlled by you

Local Processing Architecture

Technical Implementation: We use PDF.js, jsPDF, and pdf-lib libraries that run entirely in your browser using WebAssembly and JavaScript.

PDF files are processed using client-side JavaScript libraries
No server-side processing or file uploads required
All operations happen in your browser's memory
Files are never written to our servers or temporary storage
Results are generated locally and downloaded directly
No intermediate server storage or processing
Browser security sandbox protects your data
Same-origin policy and HTTPS ensure secure processing

Privacy Trade-offs and Limitations

Honest Disclosure: While local processing provides maximum privacy, it comes with certain limitations that we want you to understand.

Device Performance Dependency
Processing speed depends on your device's capabilities and available memory
Browser Compatibility Requirements
Requires modern browsers with WebAssembly support for optimal performance
Large File Limitations
Very large PDF files may cause browser memory issues or slower processing
No Cross-Device Sync
Processed files and settings don't sync across devices (by design for privacy)

Your Privacy Rights

Right to Data Portability
Export your account data and settings at any time
Right to Deletion
Delete your account and all associated data permanently
Right to Access
View all data we have about you through your account dashboard
Right to Rectification
Correct any inaccurate personal information in your account

Security Measures

Technical Safeguards

HTTPS encryption for all communications
OAuth 2.0 for secure authentication
Content Security Policy (CSP) headers
Regular security audits and updates

Operational Safeguards

Minimal data collection practices
Regular staff security training
Incident response procedures
Third-party security assessments

Contact Us About Privacy

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@exactpdf.com

Data Protection Officer: dpo@exactpdf.com

Response Time: We respond to privacy inquiries within 72 hours

This Privacy Policy is effective as of December 2024 and was last updated on December 2024.