PDF Wonder Kit

Privacy Policy

Last Updated: January 8, 2026

1. Introduction

PDF Wonder Kit ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our comprehensive PDF toolkit.

2. Information We Collect

2.1 Confidential Personal Information (CPI) - Ohio Standards

In compliance with Ohio Revised Code §1347.15, we protect Confidential Personal Information (CPI), which includes:

  • Social Security numbers (not collected)
  • Driver's license numbers (not collected)
  • Financial account information (processed securely through Stripe, not stored by us)
  • Personal information that could lead to identity theft

2.2 Account Information

When you create an account, we collect:

  • Email address
  • Name
  • Password (encrypted using industry-standard protocols)
  • Account creation date
  • Age verification status (for users under 16, parental consent record)

2.3 Payment Information

Payment processing is handled by Stripe, a PCI DSS Level 1 certified service provider. We do not store, access, or retain your credit card information. Stripe collects and processes payment data according to their privacy policy. Ohio residents will be charged applicable state and local sales tax as required by Ohio law.

2.4 Usage Data

We collect:

  • Number of PDFs processed per month
  • File sizes (not file content)
  • Feature usage statistics
  • Browser type and version
  • Device information
  • IP address

3. Your PDF Documents - Our Most Important Commitment

🔒 WE DO NOT UPLOAD, STORE, OR ACCESS YOUR PDF FILES.

All PDF processing happens entirely in your web browser using JavaScript. Your documents never leave your device. We have no technical capability to access, read, or store your document content.

This is not just a policy—it's how our technology works. Your files are processed client-side for maximum privacy and security.

4. How We Use Your Information

We use collected information to:

  • Provide and maintain the Service
  • Process your subscription payments
  • Enforce usage limits based on your subscription tier
  • Send important service updates and notifications
  • Improve and optimize the Service
  • Detect and prevent abuse or fraudulent activity
  • Comply with legal obligations

5. Third-Party Services

5.1 Clerk (Authentication)

We use Clerk for user authentication. Clerk collects and processes your email, name, and authentication data according to their privacy policy.

5.2 Stripe (Payments)

Payment processing is handled by Stripe. Your payment information is transmitted directly to Stripe and is not stored on our servers.

5.3 Hosting Provider

Our service is hosted on Render. Server logs may include IP addresses and request metadata.

6. Cookies and Tracking

We use cookies for:

  • Authentication (keeping you logged in)
  • Usage tracking (counting PDFs processed monthly)
  • Preference storage (theme, language)

7. Data Retention and Deletion

Account Data: Retained as long as your account is active. Upon account deletion, all personal information will be permanently deleted within 30 days, except as required by law or legitimate business purposes (e.g., tax records).

Usage Statistics: Retained for up to 12 months for analytics and service improvement purposes, then automatically deleted.

PDF Files: Never uploaded to or stored on our servers. All processing occurs in your browser and files are deleted from browser memory when you close the tab or navigate away.

Backup Data: Data in backups will be deleted according to our backup retention schedule (maximum 90 days).

8. Your Rights (GDPR & CCPA)

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate personal data
  • Deletion: Request deletion of your account and data
  • Portability: Request your data in a portable format
  • Objection: Object to certain data processing
  • Withdraw Consent: Withdraw consent for data processing

To exercise these rights, contact us at admin@pdfwonderkit.com.

9. Security Measures

In accordance with Ohio's Data Protection Act and recommended NIST cybersecurity frameworks, we implement comprehensive security measures:

  • Encryption: HTTPS/TLS encryption for all data transmission
  • Password Security: Bcrypt hashing for password storage
  • Access Controls: Role-based access controls limiting data access to authorized personnel only
  • Authentication: Multi-factor authentication available for enhanced security
  • Monitoring: 24/7 system monitoring and intrusion detection
  • Rate Limiting: Protection against brute force attacks and abuse
  • Client-Side Processing: PDFs processed entirely in your browser - never uploaded to our servers
  • Regular Audits: Periodic security assessments and vulnerability testing

9.1 Data Breach Notification (Ohio Law Compliance)

In the unlikely event of a data breach involving your personal information, we will:

  • Notify affected individuals within the timeframe required by Ohio law
  • Provide details about the nature of the breach and data affected
  • Explain steps we've taken to address the breach
  • Offer guidance on protective measures you can take
  • Notify appropriate authorities as required by law

10. Children's Privacy

Our Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

11. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice on our website.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: admin@pdfwonderkit.com
  • Website: www.pdfwonderkit.com