Privacy Policy

1. Introduction

LittlePDF (operated by Renvia Code, "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit littlepdf.com and use our services. By using LittlePDF, you agree to the collection and use of information in accordance with this policy.

2. Client-Side Processing & File Privacy

LittlePDF is designed with a privacy-first architecture. The majority of our PDF tools -- including merge, split, compress, rotate, watermark, and page reordering -- run entirely in your web browser using client-side JavaScript. This means:

• Your files are never uploaded to our servers for these operations.
• Processing happens locally on your device using technologies such as pdf-lib and the Web Crypto API.
• We have no ability to access, read, or store the content of files processed client-side.
• Once you close the browser tab, all file data is released from memory.

3. AI-Powered Tools & Server-Side Processing

Certain advanced features -- including AI-powered OCR, document summarization, and format conversions that require server-side rendering -- may transmit your files to our secure processing servers. When this occurs:

• Files are encrypted in transit using TLS 1.3.
• Files are processed in isolated, ephemeral containers and are deleted immediately after processing is complete, typically within seconds.
• We do not retain, log, or use your file contents for model training or any purpose beyond fulfilling your request.
• AI processing is powered by third-party APIs (such as Mistral for OCR). These providers process data under strict data processing agreements and do not retain your files.

Each tool page clearly indicates whether processing happens in your browser or on our servers, so you always know before you upload.

4. Information We Collect

We collect the following categories of information:

a. Account Information

When you create an account, we collect your name, email address, and authentication credentials. If you sign in via a third-party provider (Google, GitHub), we receive the profile information you authorize.

b. Payment Information

Payment processing is handled entirely by Stripe. We never receive, store, or have access to your full credit card number. Stripe provides us with a tokenized reference, your billing address, and the last four digits of your card for receipt purposes.

c. Usage Analytics

We collect anonymized usage data to improve our service, including pages visited, tools used, feature interactions, device type, browser version, and approximate geographic region. We do not track individual user behavior across sessions in a personally identifiable way.

d. Technical Data

Our servers automatically log IP addresses, request timestamps, and HTTP headers for security monitoring and abuse prevention. These logs are retained for 30 days and then permanently deleted.

5. How We Use Your Information

• To provide, operate, and maintain our services.
• To process transactions and send related billing information.
• To send service-related notices, including security alerts and account notifications.
• To analyze usage patterns and improve our tools and user experience.
• To detect, prevent, and address technical issues, fraud, or abuse.
• To comply with legal obligations and enforce our Terms of Service.

6. Third-Party Services

We use the following third-party services to operate LittlePDF:

Each provider operates under their own privacy policies and data processing agreements. We select providers that meet or exceed industry standards for data protection.

7. Cookies & Tracking

We use a minimal set of cookies strictly necessary for the operation of our service:

• Session cookies -- maintain your authenticated session. These expire when you log out or after 30 days of inactivity.
• Preference cookies -- store your UI preferences such as theme and language. These persist until manually cleared.
• Analytics cookies -- anonymized usage tracking to help us understand which tools are most useful. No personally identifiable information is stored.

We do not use advertising cookies, tracking pixels, or fingerprinting techniques. We do not sell or share your data with advertisers.

8. Data Retention

We retain your account information for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law (e.g., tax records for payment transactions, which are retained for up to 7 years). Server logs are retained for 30 days. Analytics data is aggregated and anonymized and may be retained indefinitely.

9. Your Rights (GDPR & CCPA)

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to Access -- Request a copy of the personal data we hold about you.
• Right to Rectification -- Request correction of inaccurate or incomplete data.
• Right to Erasure -- Request deletion of your personal data ("right to be forgotten").
• Right to Portability -- Receive your data in a structured, machine-readable format.
• Right to Object -- Object to processing of your data for certain purposes.
• Right to Restrict Processing -- Request that we limit how we use your data.
• Right to Opt Out of Sale (CCPA) -- We do not sell personal information. No opt-out is necessary.

To exercise any of these rights, contact us at privacy@littlepdf.com. We will respond within 30 days.

10. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.3), encryption at rest for stored data, regular security audits, and access controls based on the principle of least privilege. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

11. Children's Privacy

LittlePDF is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at privacy@littlepdf.com and we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by posting a notice on our website and updating the "Last updated" date above. We encourage you to review this page periodically. Your continued use of LittlePDF after changes are posted constitutes your acceptance of the revised policy.