iReadPDF

Privacy Policy

Your privacy is our priority. All files are processed locally in your browser.

100% Browser-Based Processing

Your files never leave your device. All PDF processing happens directly in your browser using secure, local technology.

Last updated: December 2024

Your Privacy Matters

At iReadPDF, we take your privacy seriously. This policy explains in detail how we handle your information, what data we collect, how we protect it, and your rights regarding your data.

File Processing and Storage

100% Browser-Based Processing: All PDF processing happens entirely in your browser using WebAssembly and JavaScript. Your files are never uploaded to our servers - not even temporarily. Everything happens locally on your device.

No Server Storage: Because all processing is client-side:

  • Zero file uploads: Your files never leave your device
  • No server storage: We don't store your files on any server, ever
  • No temporary storage: There is no temporary server storage because files are never uploaded
  • No backups: We cannot create backups because we never receive your files
  • Complete privacy: Your documents remain entirely on your device throughout the entire process

How It Works: When you use iReadPDF tools, the processing happens directly in your browser's memory. The PDF file is loaded into your browser, processed using client-side technologies, and the result is generated on your device. At no point does your file travel over the network to our servers.

Encryption and Security

Encryption in Transit: All data transmitted to and from iReadPDF (for website content, tool loading, etc.) is encrypted using industry-standard TLS 1.3 encryption. However, since your PDF files are never uploaded, there is no file transmission to encrypt - your documents never travel over the network.

Local Processing Security: Since all processing happens in your browser:

  • Your files remain encrypted on your device (if your PDFs are password-protected)
  • Processing happens in your browser's secure sandbox environment
  • No network exposure: Your files never leave your device, eliminating network-based attack vectors
  • Browser security: Your browser's built-in security features protect the processing environment

Website Security: We implement strict security measures for our website infrastructure:

  • HTTPS/TLS 1.3 encryption for all website communications
  • Regular security audits and penetration testing
  • 24/7 monitoring for security threats
  • Automated security updates and patches
  • Access controls for our internal systems (which never touch your files)

Data Collection

We collect minimal data necessary to provide our services:

  • Account Information: For registered users, we collect email address and name (optional) to provide account services
  • Usage Analytics: We collect anonymized usage statistics to improve our services (page views, tool usage patterns). This data cannot be linked to your identity or your documents
  • Payment Information: Payment information is processed securely by Stripe and is never stored on our servers. We only receive confirmation of successful payments
  • Technical Data: Browser type, device type, and IP address (anonymized) for security and service optimization

What We Do NOT Collect:

  • We do not sell your data to third parties
  • We do not use your documents for training AI models
  • We do not analyze document content for advertising purposes
  • We do not mine document content for any purpose
  • We do not share your documents with third parties

Data Retention

File Retention: Since your files are never uploaded to our servers, there is no file retention policy needed. Your files remain on your device under your complete control. You can delete them from your device at any time.

Account Data Retention: Account information (email, name) is retained as long as your account is active. You can request account deletion at any time, and all associated data will be permanently deleted within 30 days.

Analytics Data Retention: Anonymized analytics data (page views, tool usage patterns - not linked to your identity or documents) is retained for up to 24 months for service improvement purposes, then automatically deleted.

Cookies and Tracking

We use cookies for the following purposes:

  • Essential Cookies: Required for basic functionality (session management, security)
  • Analytics Cookies: Optional cookies for understanding usage patterns (only with your consent)
  • Preference Cookies: To remember your settings and preferences

You can control cookie preferences through your browser settings or our cookie consent banner.

Compliance and Certifications

iReadPDF maintains compliance with major data protection regulations and security standards:

  • GDPR (General Data Protection Regulation): Full compliance with European data protection regulations. We respect all GDPR rights including the right to access, rectification, erasure, and data portability. Our browser-based architecture naturally ensures GDPR compliance since we never receive or process personal data from your files.
  • CCPA (California Consumer Privacy Act): Compliance with California privacy laws, including the right to know, delete, and opt-out of sale. California residents have full control over their data.
  • Other Data Protection Regulations: We comply with various international and regional data protection laws including:
    • PIPEDA (Personal Information Protection and Electronic Documents Act) - Canada
    • LGPD (Lei Geral de Proteção de Dados) - Brazil
    • PDPA (Personal Data Protection Act) - Singapore
    • PDPB (Personal Data Protection Bill) - India
    • Australian Privacy Principles (APP) - Australia
    • And other applicable data protection regulations worldwide
  • SOC 2 Type II: Regular audits of our security practices and controls for our website infrastructure
  • ISO 27001: Information security management standards compliance for our systems and processes

Why Compliance is Natural: Because iReadPDF processes all files 100% in your browser without uploading them to our servers, compliance with data protection regulations is inherent. We never receive, store, or process your document content, making us naturally compliant with privacy regulations worldwide.

Your Rights

You have comprehensive rights regarding your data:

  • Right to Access: Request a copy of all personal data we hold about you
  • Right to Rectification: Correct any inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Withdraw Consent: Withdraw consent for data processing at any time
  • Right to File Complaints: File complaints with your local data protection authority

To exercise any of these rights, please contact us at privacy@ireadpdf.com. We will respond to your request within 30 days.

Third-Party Services

We carefully vet any third-party services we use:

  • Payment Processing: Stripe (PCI DSS Level 1 compliant)
  • Cloud Infrastructure: Enterprise-grade providers with strong security track records
  • Analytics: Privacy-focused analytics services with anonymization

All third-party services are required to maintain security standards equivalent to our own, and we minimize data sharing to only what's necessary for service provision.

Security Incident Response

In the unlikely event of a security incident:

  • We will immediately contain any security issues
  • We will transparently communicate with affected users within 72 hours
  • We will rapidly resolve and restore systems
  • We will conduct post-incident analysis and implement improvements
  • We will comply with all regulatory notification requirements

Children's Privacy

iReadPDF is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

International Data Transfers

If you are located outside the United States, please note that we may transfer your data to the United States and process it there. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses approved by the European Commission.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Us

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

  • Email: privacy@ireadpdf.com
  • Data Protection Officer: dpo@ireadpdf.com
  • Response Time: We aim to respond to all inquiries within 48 hours