PDF Redactly is a privacy-first PDF redaction service. The core promise is simple: your documents are processed in your browser and are never uploaded to our servers. This page explains what data we do collect, why we collect it, and how it is protected.
What we don't collect
- The contents of any PDF you redact.
- Detected entities, names, account numbers, or any text.
- Visual previews or thumbnails of your documents.
All detection (regex, NER, optional LLM) and the redaction itself run client-side in your browser. The server is never given the document.
What we do collect
Account data (only when you sign up)
- Email address (for authentication).
- Account type and selected industry profile.
- Subscription tier and Stripe customer ID, when applicable.
Usage telemetry
We log anonymous, aggregated usage events — a counter increment per successful redaction. We do not record file names, sizes, content, finding counts by category, or any document-derived metadata.
Payment data
Payments are processed by Stripe. We never see or store credit card numbers. We retain Stripe's customer and subscription identifiers in order to manage your subscription.
Browser storage
PDF Redactly uses browser localStorage to store your entitlement token, an anonymous usage counter, and your last-used profile. This data lives only on your device. Clearing your browser storage will reset both.
Subprocessors
- Supabase — authentication and account database.
- Stripe — payment processing.
- Railway — application hosting.
- Resend — transactional email (account & receipts only).
Your rights
You may export or delete your account at any time from your account page. Account deletion removes all associated metadata within 30 days.
Contact
Privacy inquiries: [email protected].