Security & Data Protection
We design PDFCloudy with privacy and operational safety in mind. This page summarizes our security controls and expectations for safe usage.
1) Data in transit and processing
- All transfers use HTTPS/TLS encryption.
- Files are processed only for the operations requested by the user.
- We do not use uploaded file content for advertising targeting.
2) Access control and infrastructure
- Infrastructure access is limited to authorized operators on a least-privilege basis.
- Security updates and dependency patches are applied regularly.
- Operational logs are retained for abuse detection and troubleshooting windows only.
3) Retention and deletion practices
- Temporary file artifacts are removed automatically after processing windows.
- Support messages are retained only as long as needed to resolve user requests.
- Users can request data-handling clarifications at any time.
4) Responsible disclosure
If you discover a potential vulnerability, report it to hello@pdfcloudy.xyz with reproduction details. We investigate responsibly and prioritize remediation based on risk.