Security & Privacy

How we protect your data

ProPDFSuite handles documents that may contain sensitive information. This page explains the technical and organizational measures we have in place to keep your data secure.

Encryption at rest

  • All documents are stored encrypted using AES-256 in our cloud storage.
  • Encryption keys are managed by the storage provider's key management service.
  • Database fields containing personally identifiable information are additionally encrypted at the application layer.

Encryption in transit

  • All traffic between your browser and ProPDFSuite uses TLS 1.2 or higher.
  • Plain HTTP requests are redirected to HTTPS, and HTTP Strict Transport Security (HSTS) instructs browsers to connect over HTTPS directly on every subsequent visit.
  • File uploads go directly from your browser to object storage over HTTPS, using a pre-signed upload URL.

Access control

  • Every API endpoint enforces authentication — no document data is accessible without a valid session.
  • Workspace isolation: members of one workspace cannot access documents in another workspace.
  • Object-level permission checks are applied on every read and write operation — frontend-only access control is never relied upon.
  • Role-based access control (RBAC) limits what each team member can do within a workspace.
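The following is an added illustration of the server-side check described in this list (workspace isolation plus an object-level permission check on every operation); it is example code, not ProPDFSuite's implementation. The document store, the role names, the permission table and the AuthorizationError type are all hypothetical. One detail worth noticing: a document in another workspace is answered exactly like a document that does not exist, so the API never confirms which ids are valid.

```python
"""Illustrative object-level authorization check (added example, not ProPDFSuite code).

Assumptions (hypothetical, not from the page): the in-memory document store,
the Role names, the PERMISSIONS policy table and AuthorizationError.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Tuple


class Role(str, Enum):
    VIEWER = "viewer"
    EDITOR = "editor"
    OWNER = "owner"


# Which roles may perform which action on a document (hypothetical policy).
PERMISSIONS = {
    "read": {Role.VIEWER, Role.EDITOR, Role.OWNER},
    "write": {Role.EDITOR, Role.OWNER},
    "delete": {Role.OWNER},
}


@dataclass(frozen=True)
class Document:
    id: str
    workspace_id: str
    title: str


@dataclass(frozen=True)
class Session:
    user_id: str


class AuthorizationError(Exception):
    """Raised for missing, foreign and forbidden documents alike."""


class DocumentService:
    def __init__(self, documents: Dict[str, Document],
                 memberships: Dict[Tuple[str, str], Role]):
        # documents: doc_id -> Document; memberships: (user_id, workspace_id) -> Role
        self._docs = documents
        self._memberships = memberships

    def _role_in(self, session: Session, workspace_id: str) -> Optional[Role]:
        return self._memberships.get((session.user_id, workspace_id))

    def authorize(self, session: Session, doc_id: str, action: str) -> Document:
        """Resolve the document and authorize `action` on it, or raise.

        This runs on the server for every read and write; a UI that merely hides
        buttons from other roles is never relied upon.
        """
        if action not in PERMISSIONS:
            raise ValueError(f"unknown action {action!r}")
        doc = self._docs.get(doc_id)
        # Identical error for "no such document" and "not in your workspace", so
        # a caller cannot enumerate ids that exist in other workspaces.
        if doc is None:
            raise AuthorizationError("document not found")
        role = self._role_in(session, doc.workspace_id)
        if role is None:
            raise AuthorizationError("document not found")
        if role not in PERMISSIONS[action]:
            raise AuthorizationError("forbidden")
        return doc

    def read(self, session: Session, doc_id: str) -> Document:
        return self.authorize(session, doc_id, "read")

    def rename(self, session: Session, doc_id: str, new_title: str) -> Document:
        doc = self.authorize(session, doc_id, "write")
        updated = Document(doc.id, doc.workspace_id, new_title)
        self._docs[doc_id] = updated
        return updated


def demo_service() -> DocumentService:
    """Constructed sample data: two workspaces, three users."""
    docs = {
        "doc-a1": Document("doc-a1", "ws-a", "Q3 contract"),
        "doc-b1": Document("doc-b1", "ws-b", "Payroll"),
    }
    memberships = {
        ("alice", "ws-a"): Role.OWNER,
        ("bob", "ws-a"): Role.VIEWER,
        ("carol", "ws-b"): Role.EDITOR,
    }
    return DocumentService(docs, memberships)


def outcome(user_id: str, doc_id: str, action: str) -> str:
    """Return 'ok' or the error message for the sample data above."""
    try:
        demo_service().authorize(Session(user_id), doc_id, action)
        return "ok"
    except AuthorizationError as exc:
        return str(exc)


if __name__ == "__main__":
    for args in [("alice", "doc-a1", "delete"), ("bob", "doc-a1", "write"),
                 ("carol", "doc-a1", "read"), ("alice", "doc-zz", "read")]:
        print(args, "->", outcome(*args))
```

The check is placed in one method that every operation goes through, so a new endpoint cannot forget it, and the membership lookup is keyed on the document's workspace rather than on anything the client sends.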

Infrastructure

  • Backend hosted on Railway (managed cloud, EU and US regions available).
  • PostgreSQL database with automated daily backups retained for 30 days.
  • Redis cache with data persistence — used for sessions and background job queuing.
  • Object storage on AWS S3 with versioning enabled.
  • No documents are processed on shared infrastructure — each processing job runs in an isolated container.

Data deletion

  • Deleting a document from your library immediately marks it as deleted and removes it from all library views.
  • The underlying file is permanently purged from storage within 24 hours.
  • When you close your account, all workspace data and documents are deleted within 30 days.
  • Backups containing your data are rotated out within 60 days of account deletion.

Compliance

  • GDPR: Users in the EU can request data export and deletion. See our Privacy Policy for details.
  • CCPA: California residents can opt out of data sale (we do not sell user data).
  • SOC 2 Type II audit is on the roadmap for the Enterprise tier.
  • All subprocessors (Stripe, AWS, Railway) maintain their own compliance certifications.

Authentication security

Password hashing

Passwords are hashed with Argon2id before storage. Plain-text passwords are never stored or logged.

Email verification

New accounts must verify their email address before accessing the product.

Session tokens

Sessions are managed by cookies set with the Secure and HttpOnly attributes, so the token is sent only over HTTPS and is not readable by page scripts. A fresh session token is issued on every login (a session id obtained before login cannot be carried over) and the token is invalidated on logout.

Rate limiting

Login and registration endpoints are rate-limited to 60 requests per minute per IP to mitigate brute-force attacks.
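As an added example of the limit just described (60 requests per minute per client IP), the sliding-window limiter below is illustrative code and not ProPDFSuite's implementation. The in-memory store and the function names are hypothetical; a deployment with more than one backend instance would keep the counters in a shared store such as Redis so that all instances see the same count.

```python
"""Illustrative per-IP sliding-window rate limiter (added example, not ProPDFSuite code).

Assumptions (hypothetical): in-memory storage and the class/function names below.
The limit of 60 requests per minute per IP is the one stated on the page.
"""
from collections import defaultdict, deque
from typing import Deque, Dict

LIMIT = 60        # requests
WINDOW = 60.0     # seconds


class SlidingWindowLimiter:
    def __init__(self, limit: int = LIMIT, window: float = WINDOW):
        self.limit = limit
        self.window = window
        self._hits: Dict[str, Deque[float]] = defaultdict(deque)

    def allow(self, client_ip: str, now: float) -> bool:
        """Record a request from client_ip at time `now` and return whether it is
        within the limit for the trailing window. Denied requests are not
        recorded, so a blocked client does not extend its own lockout."""
        hits = self._hits[client_ip]
        cutoff = now - self.window
        while hits and hits[0] <= cutoff:
            hits.popleft()                      # drop hits older than the window
        if len(hits) >= self.limit:
            return False
        hits.append(now)
        return True

    def remaining(self, client_ip: str, now: float) -> int:
        """How many more requests this IP may make right now."""
        cutoff = now - self.window
        return self.limit - sum(1 for t in self._hits[client_ip] if t > cutoff)


def simulate_burst(attempts: int, start: float = 0.0) -> dict:
    """Constructed scenario: one IP fires `attempts` login requests 100 ms apart,
    a second IP sends a single request in the middle, and the first IP retries
    61 seconds after its first request (by then the oldest hits have aged out)."""
    limiter = SlidingWindowLimiter()
    attacker, other = "203.0.113.7", "198.51.100.9"
    allowed = sum(1 for i in range(attempts) if limiter.allow(attacker, start + i * 0.1))
    other_ok = limiter.allow(other, start + 30)
    later_ok = limiter.allow(attacker, start + 61)
    return {
        "allowed_from_attacker": allowed,
        "other_ip_allowed": other_ok,
        "allowed_after_window": later_ok,
    }


if __name__ == "__main__":
    print(simulate_burst(90))
```

Note that this keys only on the client IP, which is what the page states; such a limiter slows a single source down but does not by itself stop an attack spread across many addresses, nor does it distinguish many users behind one NAT from one abusive client.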

MFA

Multi-factor authentication (TOTP) is available and can be enforced by workspace owners on the Enterprise plan.

File upload security

Uploaded files are validated for MIME type and file size before being accepted.
File storage paths are random UUIDs, so a user-supplied filename never becomes part of a storage path (ruling out directory traversal) and object URLs cannot be guessed.
Download URLs are pre-signed and expire after one hour; once a link has expired it cannot be reused.
Files are never served from the same origin as the web application, so an uploaded file that is rendered in the browser cannot run script in the application's origin.
Background PDF processing happens in isolated worker containers with no network egress.
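The block below is an added example of the upload validation and expiring download links described in this section; it is not ProPDFSuite code. The signing key, the size limit, the URL layout and the HMAC-based signature format are hypothetical. S3 pre-signed URLs use AWS Signature Version 4, which is not reproduced here; the scheme shown demonstrates only the property the page relies on, namely that a link is bound to one object key and one expiry time and stops working once the expiry passes or any part of the link is altered. It also checks the file's own header, because the Content-Type a browser sends is attacker-controlled.

```python
"""Illustrative upload validation and expiring download links (added example,
not ProPDFSuite code).

Assumptions (hypothetical): SIGNING_KEY, MAX_BYTES, the /files/ URL layout and
the HMAC signature format. The one-hour expiry matches the page.
"""
import hashlib
import hmac
import time
import uuid
from urllib.parse import parse_qs, urlencode, urlsplit

SIGNING_KEY = b"hypothetical-server-side-secret"   # never sent to the browser
MAX_BYTES = 5 * 1024 * 1024                         # hypothetical size limit
LINK_TTL = 3600                                     # one hour


class UploadRejected(ValueError):
    pass


def validate_upload(data: bytes, claimed_mime: str) -> None:
    """Reject oversized files and files that are not really PDFs.

    The claimed MIME type is checked, but so is the file header, since the
    Content-Type header is chosen by the client.
    """
    if len(data) > MAX_BYTES:
        raise UploadRejected("file too large")
    if claimed_mime != "application/pdf":
        raise UploadRejected("unsupported MIME type")
    if not data.startswith(b"%PDF-"):
        raise UploadRejected("content is not a PDF")


def upload_outcome(data: bytes, claimed_mime: str) -> str:
    """'accepted' or the rejection reason."""
    try:
        validate_upload(data, claimed_mime)
        return "accepted"
    except UploadRejected as exc:
        return str(exc)


def storage_key(data: bytes, claimed_mime: str) -> str:
    """Validate, then assign a random UUID key. The original filename is never
    part of the path, so traversal sequences in it are inert."""
    validate_upload(data, claimed_mime)
    return f"{uuid.uuid4()}.pdf"


def _signature(key: str, expires: int) -> str:
    msg = f"{key}\n{expires}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def presign_download(key: str, now: int) -> str:
    """Link valid for LINK_TTL seconds from `now`, bound to this key and expiry."""
    expires = now + LINK_TTL
    qs = urlencode({"expires": expires, "sig": _signature(key, expires)})
    return f"https://files.example.invalid/files/{key}?{qs}"


def verify_download(url: str, now: int) -> bool:
    """True only if the link is unexpired and its signature matches key+expiry."""
    parts = urlsplit(url)
    if not parts.path.startswith("/files/"):
        return False
    key = parts.path[len("/files/"):]
    params = parse_qs(parts.query)
    try:
        expires = int(params["expires"][0])
        sig = params["sig"][0]
    except (KeyError, IndexError, ValueError):
        return False
    if now >= expires:
        return False
    return hmac.compare_digest(sig, _signature(key, expires))


if __name__ == "__main__":
    pdf = b"%PDF-1.7\n%constructed sample, not a real document\n"
    key = storage_key(pdf, "application/pdf")
    t0 = int(time.time())
    url = presign_download(key, t0)
    print(url)
    print("fresh:", verify_download(url, t0 + 60))
    print("stale:", verify_download(url, t0 + LINK_TTL + 1))
```

Because the signature covers both the key and the expiry, neither can be edited in the link to reach another object or to extend its lifetime, and the comparison uses hmac.compare_digest so a guessed signature cannot be confirmed byte by byte through timing.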

Responsible disclosure

If you discover a security vulnerability in ProPDFSuite, please report it to us privately before disclosing it publicly. We aim to respond within 48 hours and resolve critical issues within 7 days.

Report a vulnerability