pdfprivately

Why Your PDF Tools Should Never Upload Your Files

A comprehensive guide to understanding how online PDF tools handle your files, what privacy risks exist, and how to choose tools that truly protect your documents.

What Happens When You Use Online PDF Tools

Most popular PDF tools like iLovePDF, Smallpdf, and PDF Candy work the same way:

  1. 1
    You select a PDF file — this could be a sensitive contract, medical record, tax document, or personal information.
  2. 2
    Your file is uploaded to their server — the entire PDF is transmitted over the internet to a server that could be in another country.
  3. 3
    The server processes your file — your document exists in memory on a machine you don't control, running code you haven't vetted.
  4. 4
    The result is sent back to you — the processed file is downloaded, and the company claims they delete your file from their servers.

The fundamental problem: you must trust the company to delete your file — and you have no way to verify they actually do.

Server-Side vs Client-Side Processing

AspectClient-Side (pdfprivately)Server-Side (Most Tools)
File Location Stays on your device Uploaded to remote server
Internet Required Only to load the app (works offline after) Required for every operation
Privacy Verification Verifiable via DevTools Network tab Impossible — must trust privacy policy
Data Sovereignty Your device, your jurisdiction Server may be in another country with different laws
File Retention Nothing to delete — files never leave Company controls deletion schedule
AI Training Risk No risk — files never leave your device Files could be used for model training
Third-Party Access None — no server involved Server operators, cloud providers, potential subpoenas
Processing Speed Instant — no upload time Depends on upload speed and server load
File Size Limits Limited only by browser memory (~2GB) Often capped at 5-50MB on free tiers
Account Required Never required Often required or encouraged

How pdfprivately Keeps Your Files Private

1. Client-Side WebAssembly

All PDF processing is done in your browser using WebAssembly (WASM). Libraries like pdf-lib and PDF.js run directly on your device — no server needed.

2. CSP Security Headers

Our Content-Security-Policy headers block all outbound network connections (connect-src 'none'). No file data can be sent anywhere.

3. Zero-Knowledge Architecture

Our server never receives your file. Even file metadata stays on your device. No accounts, no analytics cookies, no tracking scripts.

4. Auto-Cleanup on Tab Close

All temporary data is stored in browser memory and IndexedDB. When you close the tab, it's automatically garbage collected — nothing persists.

How to Verify: Disconnect Your Internet

This is the most powerful privacy test you can do. Try it with any pdfprivately tool:

  1. 1
    Open any pdfprivately tool page (e.g., Merge PDF, Compress PDF).
  2. 2
    Wait for the page to fully load (including WASM binaries).
  3. 3
    Disconnect your internet — turn off WiFi, unplug Ethernet, or enable airplane mode.
  4. 4
    Drop your PDF file and use the tool normally.
  5. 5
    It still works. Because your files are never uploaded, the internet is not needed for processing.

Try this with iLovePDF, Smallpdf, or any server-side tool — they will fail immediately without internet because their processing depends on uploading your file to their servers. This simple test is the ultimate proof of privacy.

PDF Tool Privacy Checklist

Use this checklist to evaluate any online PDF tool before trusting it with your documents:

Files processed in-browser (client-side WASM) — not uploaded to a server
Verifiable privacy — you can check Network tab and see zero file uploads
Works offline — proves no server dependency
No account required — anonymous usage without tracking
No analytics cookies or tracking scripts
Content-Security-Policy that blocks outbound connections
Auto-cleanup on tab close — no residual data
Clear privacy policy with specific file retention details
No hidden clauses about using your files for AI training
Open source code — community can audit the processing logic

Experience True Privacy

Try any pdfprivately tool right now. Your files never leave your browser. No account, no upload, no tracking.

Frequently Asked Questions

Are online PDF tools safe to use?

Most online PDF tools process files on their servers, meaning your documents are uploaded to a third-party cloud. While reputable tools use encryption and claim to delete files after processing, you cannot independently verify this. pdfprivately is different: all processing happens in your browser using WebAssembly — your files never leave your device. You can verify this by opening DevTools and confirming zero outbound network requests containing file data.

How can I verify that my files aren't being uploaded?

For pdfprivately, open your browser's Developer Tools (F12 or right-click > Inspect), go to the Network tab, and use any of our PDF tools. You'll see no outbound requests containing your file data. You can also disconnect your internet entirely after the page loads — our tools continue to work because everything runs client-side. For other online PDF tools, this verification is impossible because files must be uploaded to their servers for processing.

What is client-side PDF processing?

Client-side processing means all PDF manipulation happens inside your web browser using JavaScript and WebAssembly. The PDF file is read locally, processed by code running on your device, and the result is generated without ever being sent to a server. This is different from server-side processing where your file is uploaded to a remote server, processed there, and the result is sent back to you.

Can pdfprivately see my files?

No. pdfprivately cannot see your files because they never leave your browser. There is no server-side component that receives, stores, or processes your PDF content. Our Content-Security-Policy headers block all outbound network connections containing data payloads. The only network requests are for loading the application itself (HTML, CSS, JavaScript, WASM binaries) — never your file content.

What happens to my files when I close the tab?

When you close your browser tab or window, all temporary data is automatically cleaned up. Your browser's garbage collection reclaims the memory. Nothing persists on our side because nothing was ever sent to us. IndexedDB temp storage (if used for large files) is wiped when the tab closes.

Our Privacy-First PDF Tools