Privacy: Mark redactions in your browser. On Apply, your PDF is sent over HTTPS for processing only โ€” we do not store files.
Redact PDF Free
Trust

Security & Privacy Architecture

Mark locally. Apply securely. No cloud inbox for your documents.

Apply over HTTPS only

When you export, the PDF is sent to our secure redaction service, processed in memory, and returned. We do not store files.

HTTPS everywhere

The site and redaction service are served over TLS. Static assets cache locally after first visit.

Permanent removal

Redacted text is removed from the PDF stream; remaining text stays searchable where not redacted.

Ad-free tool

The /tool route has no third-party ad scripts โ€” fewer trackers while you work.

You open and mark PDFs in your browser. When you click Apply redaction, the file is sent over HTTPS to our secure redaction service, processed in memory, and returned. We do not store PDFs on disk or in a cloud inbox.

What runs in your browser

  • PDF preview, thumbnails, and text search
  • Marking redaction boxes, undo/redo, PII pattern search
  • Optional OCR for scanned pages

What runs when you apply redaction

  • Secure server processing to permanently remove text inside your boxes
  • In-memory handling only โ€” no persistent PDF storage on our side

Threat model we address

  • Cloud PDF vendors retaining long-term copies on their servers
  • Overlay redaction leaving recoverable text
  • Accidental exfiltration via ad trackers on sensitive workflows (mitigated on /tool)

Threat model you must still manage

  • Malware on your device keylogging or screen-capturing
  • Sharing the wrong unredacted attachment
  • Backups (iCloud, OneDrive) syncing unredacted sources
  • Network exposure during HTTPS apply โ€” use trusted networks for highly sensitive work

Read our Privacy Policy and Disclaimer. For questions, contact us.