Privacy Policy

1. What we collect

PDF Lab collects the minimum data necessary to provide the service:

• Your IP address — used only for rate limiting (max 5 files/day) and abuse prevention
• Uploaded files — stored temporarily on our server for processing only
• Basic server logs — standard web server access logs (IP, timestamp, status code)

2. How we use your data

We use collected data exclusively to:

• Process your PDF files according to the operation you selected
• Enforce fair-use limits (rate limiting by IP)
• Diagnose server errors and maintain service reliability

We do not read, analyse, or index your file contents for any purpose.

3. File retention

All uploaded files and processed outputs are automatically and permanently deleted 60 minutes after upload. This deletion is irreversible. We do not keep backups of user files.

4. Third parties

We do not sell, share, or transfer your files or personal data to any third party. The service is self-hosted; no cloud storage (AWS S3, Google Cloud, etc.) is used for user files.

5. Cookies

PDF Lab uses only one browser storage item: pdf-theme in localStorage, which stores your dark/light mode preference. No tracking cookies are set.

6. Security

Files are stored with randomised UUIDs as filenames. HTTPS is enforced. Uploaded files are validated for PDF format and optionally scanned for malware (ClamAV). Strict security headers are applied on all responses.

7. Your rights

Since we do not collect personal information beyond your IP address and do not store files beyond 60 minutes, there is no data to access, correct, or delete after the retention period. If you have concerns, contact us via GitHub.