Skip to content
Pditor

Legal

Privacy Policy

Last updated May 29, 2026.

Who runs Pditor

Pditor is an independent project run by a small team. Billing is handled through LemonSqueezy as merchant of record, which means your invoice, refund, and chargeback paperwork flows through them. For any privacy, security, or data–rights question, write to security@pditor.com — one inbox, monitored, no ticket portals.

What we collect

The files you upload to run a tool, your account email when you sign up, billing details routed through LemonSqueezy, and basic telemetry (a hashed IP for rate limiting, job timestamps, feature usage counters).

We do not sell your data. We do not run third–party ad trackers. We do not enrich your email with third–party data brokers.

Cookies

We set a session cookie when you log in — it’s how the site remembers you between page loads. That’s the only cookie we set. No analytics cookies, no marketing pixels, no cross–site trackers.

How long we keep files

Uploaded inputs and tool outputs are deleted from object storage on a fixed schedule after each job finishes:

  • Free tier: 60 minutes
  • Pro tier: 15 minutes

Abandoned uploads (presigned PUT succeeded but no job was created) are deleted within one hour.

Job metadata (tool name, status, timestamps — never file contents) is retained against your account for billing history and is included in your GDPR data export.

AI subprocessors

Some tools (Summarize, Chat with PDF, AI Redact) send text excerpts from your PDFs to one of the model providers below. We configure each provider with training opt–out enabled, so your content is not used to train their models.

  • Cloudflare R2 — file storage
  • LemonSqueezy — billing and tax
  • DeepSeek, OpenRouter, Anthropic, OpenAI — AI model providers

We don’t store the prompt/response pair longer than the 7–day content–hash cache used to avoid re–billing you for an identical request.

Your rights

You can export every row we hold about you at any time from the dashboard, or by GETting /api/account/export. The download is a ZIP of account, jobs, invoices, and subscriptions.

You can request deletion at any time from the dashboard, by POSTing {"confirm": "ERASE"} to /api/account/erase, or by emailing security@pditor.com. We anonymize your account, sever its link to past jobs, and delete their object–storage artefacts. Invoice and subscription rows are retained because tax law requires it; they no longer identify you.

Under GDPR you also have the right to lodge a complaint with the data–protection authority in your country if you feel we’ve mishandled your request. We’d rather hear about it first — security@pditor.com — but the right exists either way.

Children

Pditor isn’t directed at children under 13. If we learn an account belongs to one, we delete it.

Changes

If we change this policy in a way that affects what we collect or how long we keep it, we’ll email accountholders before the change takes effect.

Contact

Privacy, security, vulnerability reports, GDPR access/erasure requests — all of it goes to security@pditor.com. Billing questions go to billing@pditor.com.