Security

How your files are handled

• Client-side tools (merge, split, rotate, etc.) never upload your file. All processing happens in your browser.
• Server-side tools upload to Cloudflare R2 over TLS 1.3, stored with AES-256 server-side encryption.
• Files auto-purge 2 hours after job completion; earlier if you click "delete now".
• No file contents are ever logged, indexed, or used for training any model.

Authentication & accounts

• Google OAuth or Microsoft OAuth.
• Session tokens are short-lived, rotated on sensitive actions.
• API keys are stored hashed; you can revoke and rotate at any time.

Infrastructure

• Edge delivery via Cloudflare with WAF.
• Workers run in isolated containers; no shared state between jobs.
• All uploads scanned with ClamAV before processing.

Reporting a vulnerability

Email security@pennypdf.com. We pay bounties in both cash and coins for valid reports. See our security.txt.