PDFFlare

Privacy Policy

Last updated: April 2026

At PDFFlare (pdfflare.com), your privacy is a core part of our product, not an afterthought. This Privacy Policy explains what data we collect, how we use it, and the choices you have. We designed PDFFlare to process your files locally in the browser whenever possible, so your documents never leave your device.

1. Data We Collect

We follow a minimal data collection approach. Here is what we gather and why:

  • Usage analytics: We collect anonymous, aggregated data about how visitors interact with the site (pages visited, tool usage counts, browser type, country). This helps us improve our tools and prioritize new features.
  • Account information: If you create a Premium account, we collect your email address and payment details (processed securely by Stripe). We never store full credit card numbers on our servers.
  • Contact submissions: If you email us or use a contact form, we store your name, email, and message so we can respond.

We do not collect, sell, or share personal data for advertising profiling. We do not build user profiles beyond what is necessary to provide the service.

2. File Processing & Storage

Privacy-first file handling is what sets PDFFlare apart:

  • Client-side processing: The majority of our tools (merge, split, compress, image conversions) run entirely in your browser using WebAssembly and JavaScript. Your files are never uploaded to our servers for these operations.
  • Server-side processing: Some advanced tools (OCR, complex format conversions) require server-side processing. When this happens, your files are encrypted in transit (TLS 1.3), processed in isolated containers, and automatically deleted within 30 minutes of processing. No human ever views your files.
  • No permanent storage: We never permanently store any files you process through our tools. Temporary files are purged automatically and cannot be recovered.

3. Cookies & Local Storage

PDFFlare uses a limited number of cookies and local storage entries:

  • Essential cookies: Session management and authentication for Premium subscribers. These are strictly necessary for the service to function.
  • Preference cookies: Remembering your settings such as dark/light mode, preferred compression level, and language.
  • Analytics cookies: Google Analytics cookies to help us understand aggregate usage patterns. You can opt out of these using our cookie banner or a browser extension.

We do not use tracking cookies for cross-site advertising.

4. Third-Party Services

We work with a small number of trusted third-party services:

  • Google Analytics:For anonymized usage analytics. Google's privacy policy applies to data they collect. We use IP anonymization to further protect your privacy.
  • Stripe: For secure payment processing of Premium subscriptions. Stripe is PCI DSS Level 1 certified. We never see or store your full card details — Stripe handles this entirely.
  • Google AdSense: We display ads on free-tier pages to support the service. Google may use cookies to serve ads based on your browsing history. You can manage ad personalization settings at Google Ads Settings.
  • Cloudflare: For DNS, CDN, and DDoS protection. Cloudflare may collect minimal connection data as part of its security services.

5. Your Rights

You have the following rights regarding your data:

  • Access: You can request a copy of any personal data we hold about you.
  • Correction: You can ask us to correct inaccurate personal data.
  • Deletion: You can request that we delete your account and all associated personal data. We will comply within 30 days.
  • Portability: You can request your data in a machine-readable format.
  • Opt-out: You can opt out of analytics cookies at any time using our cookie preferences or your browser settings.

To exercise any of these rights, contact us using the information below.

6. Data Security

We take security seriously. All data in transit is encrypted with TLS 1.3. Server-side file processing occurs in isolated, ephemeral containers. Access to production systems is restricted and audited. We regularly review our security practices and update them as needed.

7. Children's Privacy

PDFFlare is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will post the updated policy on this page with a revised "Last updated" date. For significant changes, we will notify Premium subscribers by email.

9. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please reach out: