Privacy Policy

At PdfWatch, we believe that true privacy is achieved through cryptography, not policy. We have engineered our platform around a strict Zero-Knowledge Architecture.

When you upload a document, it is encrypted locally within your browser using military-grade AES-256-GCM encryption before a single byte is transmitted to our servers. The decryption key is generated on your device and embedded in the URL hash fragment. Because browsers do not send hash fragments to servers, we never receive, store, or possess your decryption keys. We mathematically cannot read your documents.

To provide our service and real-time analytics, we collect the absolute minimum operational metadata required:

• Account Information: If you register for an account, we collect your email address for authentication and communication purposes.

• Security Logs: We temporarily log IP addresses to prevent abuse, DDoS attacks, and unauthorized access attempts.

• Telemetry Data: We collect anonymous viewing metrics (e.g., page views, time spent per page) to generate the analytics dashboard for the document owner. This data is tied to a randomized document ID, not to the viewer's personal identity.

Because of our Zero-Knowledge design, we are blind to your actual data. We do not and cannot collect:

• The contents of your PDF documents.

• The original filenames of your documents (these are encrypted locally).

• The decryption keys required to unlock your files.

We utilize industry-leading infrastructure providers to ensure high availability and security. Our trusted sub-processors include:

• Supabase: Utilized for secure database management and encrypted blob storage. Supabase acts as a blind storage locker for your encrypted files.

• Vercel: Utilized for hosting our frontend application and secure API routes at the edge.

We strive to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

We utilize zero-knowledge encryption to minimize the processing of Personal Data. While the encrypted files you upload are designed to be inaccessible to us, we process your account information and limited metadata to provide the Service. You retain absolute control over your account data. You have the right to request access to, correction of, or deletion of your account information at any time.

When you click "Revoke Access" or delete a document from your dashboard, the encrypted blob is permanently and irreversibly deleted from our storage buckets. We do not keep soft-deletes or backups of revoked documents.

For copyright takedown requests, please refer to our DMCA Policy at pdfwatch.com/dmca.

Our lawful basis for processing your data is the performance of a contract (providing the Service) and our legitimate interests in maintaining security and preventing abuse. We retain your account data for as long as your account is active. Operational logs are retained for a limited period necessary for security monitoring, after which they are securely deleted.

If you are located in the European Economic Area (EEA), your data may be transferred to and processed in countries outside the EEA. We rely on standard contractual clauses or other legally recognized transfer mechanisms to ensure your data is protected.