Privacy & Security

RedactLedger is built around a privacy-first architecture. Your documents stay on your device at all times.

Client-Side Processing

All PDF rendering, text extraction, and redaction happen inside your browser or on your device. RedactLedger never uploads your PDF to any server. The only data that ever touches our servers is:

• Your account email and hashed password (for authentication)
• Usage metadata: number of files processed, timestamps, export counts
• Payment information (handled by our payment processor, never stored by us)

What We Don’t Store

• PDF file contents
• Text extracted from your documents
• Redaction coordinates or rectangle positions
• Any financial data from your bank statements

Authentication

Authentication is provided by our backend platform. We use secure tokens stored in browser cookies and industry-standard password hashing so we cannot read your passwords.

Data Retention

Account metadata is retained while your account is active. You can delete your account (and all metadata) at any time from Account → Danger Zone.

Secure Export

For maximum redaction security, use Secure Export (Pro). This rasterizes every redacted page, destroying the underlying text layer so the hidden content cannot be recovered by any PDF editor.

Responsible Disclosure

Found a security issue? Please report it to security@redactledger.com. We address reports promptly.