Privacy Policy

1. Who We Are

PQ PDF is operated by Fated LLC. References to "we", "us", or "PQ PDF" throughout this policy refer to this service at pqpdf.com.

2. Data We Collect

2.1 Files You Upload

Files uploaded for processing are stored in a secure temporary directory on our server. Processing happens synchronously; the output is returned to you over HTTPS. All temporary files are deleted from the server immediately after the HTTP response completes. We do not read, index, copy, or share the content of your files.

2.2 Server Logs

Our web server (Apache) records standard access logs containing: IP address, timestamp, HTTP method, requested path, HTTP status code, bytes transferred, referrer, and user-agent string. These logs are retained for a maximum of 30 days for security and abuse-prevention purposes, then automatically deleted.

2.3 Contact Form

If you submit our contact form we collect: first name, last name, email address, optional company name, optional phone number, subject, and message text. We also record your IP address and timestamp for spam-prevention and rate-limiting. This data is stored in a PostgreSQL database on our own server and used solely to respond to your enquiry. We do not add you to any mailing list without explicit opt-in.

2.4 Human Verification (Contact Form Only)

The contact form uses an AI-based behavioural verification service (api.pqcrypta.com/human/verify) to distinguish human users from automated bots. This service analyses mouse-movement patterns, keystroke timing, and device fingerprint signals locally in your browser and submits a confidence score. No raw behavioural data stream is permanently stored.

2.5 PDF Forensics Scanner — Analysis Feature Vectors

When you use the PDF Forensics Scanner, the file itself is deleted immediately after analysis. However, a 38-dimensional feature vector — a numerical summary derived from the outputs of the 44 detection engines — is persisted to our PostgreSQL database. This record contains structural analysis signals only (for example: entropy values, object counts, engine flags, and pattern match scores). It contains no file content, no filename, and no personally identifiable information.

This data is used solely to train and improve the ML Intelligence Engine (IsolationForest anomaly detection and RandomForest classifier) that runs as part of every subsequent scan. If you voluntarily submit feedback on a scan result (flagging a false positive or confirming a threat), the label you provide is stored alongside that feature vector and used directly in model retraining. Feature vectors and feedback labels are retained indefinitely to support model training; they cannot be linked back to you or the file you submitted.

2.6 Camera Scanner

The PDF Scanner (Camera) tool requests access to your device's camera solely to capture a document image within your browser. Camera access is handled entirely by your browser and operating system — no video stream is ever transmitted to our servers. Only the captured image frame is sent to our server for processing (deskewing, cropping, and PDF conversion). That image is stored in a secure temporary directory, processed synchronously, and deleted immediately after the PDF is returned to you. We do not store, index, or view any captured images.

2.7 E-Signature & Send for E-Signature

When you use the Send for E-Signature tool, the following data is necessarily collected and stored in order to operate the signature workflow:

• The email address(es) of signature recipients you specify.
• The document to be signed (stored securely until all signatures are collected or the request expires, then deleted).
• Signature completion status and timestamps.
• The IP address and timestamp of each signing event, for audit-trail purposes.

This data is used solely to deliver and complete the signature request. Recipient email addresses are not added to any mailing list and are not used for any purpose other than delivering the signature request and notifying you of completion. Completed and expired signature requests are deleted within 90 days of their final status unless you download and delete them earlier.

You are responsible for ensuring you have the necessary authority and consent to send a signature request to each recipient. See Section 13 of the Terms of Use for further details.

2.8 Cookies & Local Storage

PQ PDF uses functional cookies and browser storage (localStorage / sessionStorage) solely to save your in-app configuration preferences on your own device — such as your last-used tool settings or display choices. This allows the application to remember your preferences when you return to the site.

These cookies and storage values are:

• Stored entirely on your device and never transmitted to our servers.
• Used only for functionality — not for tracking, advertising, or profiling.
• Free of personally identifiable information.
• Erasable at any time by clearing your browser's cookies and site data.

We do not set tracking cookies, advertising cookies, or participate in any third-party cookie network. No cookie data is shared with or accessible by any third party.

3. How We Use Your Data

4. Data Sharing

We do not sell, rent, or share personal data with third parties for commercial purposes. Data may be shared only in the following limited circumstances:

• Legal obligation — if required by a court order, law enforcement request, or other legally binding obligation under applicable law.
• Human verification API — behavioural analysis data is sent to api.pqcrypta.com (operated by Fated LLC) for bot detection. It is not shared with any external third party.

5. Security

All data is transmitted over TLS 1.2+ (HTTPS). Our server is hardened with strict Content-Security-Policy headers, HTTP Strict Transport Security (HSTS), and industry-standard firewall rules. File processing runs in an isolated temporary directory that is deleted while the download is still streaming to your browser. We apply regular security patches and follow responsible disclosure practices.

For full technical detail — temp-dir lifecycle, TLS configuration, CSP nonce generation, ML data policy, file validation, and the complete engine dependency list — see the Privacy & Security technical page.

6. Your Rights

Depending on your jurisdiction you may have the right to:

• Access — request a copy of personal data we hold about you.
• Rectification — request correction of inaccurate data.
• Erasure — request deletion of your personal data.
• Restriction — request we limit how we process your data.
• Portability — receive your data in a structured, machine-readable format.
• Objection — object to processing based on legitimate interests.

To exercise any of these rights, please use the contact form and select Privacy & Data (or Other) as the subject. We will respond within 30 days.

7. Children's Privacy

PQ PDF is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has submitted information through our service, please contact us and we will delete it promptly.

8. Limitation of Liability & No Warranty

Fated LLC and the operators of PQ PDF make no representations or warranties regarding the accuracy, completeness, or security of any data handling described in this policy, beyond what is technically achievable and to the best of their knowledge and ability.

To the fullest extent permitted by applicable law, Fated LLC and PQ PDF shall not be liable for any loss, damage, or claim arising from:

• Unauthorised access to data processed through the service due to factors outside our control.
• Vulnerabilities in third-party open-source software components used by the platform.
• Network interception of data in transit despite TLS encryption being in place.
• Actions taken by you that result in exposure of your own files or data.

You are responsible for assessing whether this service meets your specific privacy and security requirements before use, particularly for sensitive, regulated, or confidential material.

9. Enterprise On-Premise Deployments

9.1 Data Controller Responsibility

When PQ PDF is deployed on-premise under an enterprise licence, the licenced organisation becomes the data controller for all data processed by that deployment — including uploaded files, scan results, ML feature vectors, contact submissions, and server logs. In this context, Fated LLC and PQ PDF act solely as the software supplier and are not a data processor or sub-processor of any data handled by the on-premise installation.

9.2 No Access by PQ PDF

Fated LLC and PQ PDF have no access to, and do not receive, any data processed by an on-premise deployment. This includes files, documents, forensic scan results, PostgreSQL scan history, ML model training data, user activity logs, and any other information generated or stored by the deployment. The organisation's own infrastructure is wholly outside PQ PDF's control.

9.3 Organisational Compliance Obligations

Organisations deploying PQ PDF on-premise are solely responsible for:

• Ensuring their deployment complies with applicable data protection laws, including the UK GDPR, EU GDPR, HIPAA, or equivalent legislation relevant to their jurisdiction and the nature of the documents they process.
• Publishing their own privacy notice to their users describing how data is collected, processed, and retained within the deployment.
• Implementing appropriate data retention and deletion policies for the PostgreSQL database, server logs, and temporary file directories.
• Securing the deployment against unauthorised access, including network-level controls, authentication, and patching.
• Obtaining any necessary Data Processing Agreements (DPAs) with their own sub-processors (hosting providers, cloud infrastructure, etc.).

9.4 Data Processing Agreement

As PQ PDF does not act as a data processor for on-premise deployments, a Data Processing Agreement between the organisation and Fated LLC is not required or applicable for the software licence itself. If your organisation requires contractual documentation for compliance purposes, contact contact@pqcrypta.com with the subject line Enterprise DPA.

9.5 ML Training Data in On-Premise Deployments

On-premise deployments include the ML Intelligence Engine, which stores 38-dimensional feature vectors in a local PostgreSQL database for model training. These vectors contain no file content, no filename, no IP address, and no PII — they are purely structural statistical signatures. However, the organisation is responsible for assessing whether these vectors constitute personal data under their applicable law (for example, if the nature of the documents processed could make even structural features indirectly identifying) and applying appropriate retention and erasure controls.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect the most recent change. Continued use of PQ PDF after changes are published constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related enquiries, please use the contact form.