Privacy Policy

Last updated: June 24, 2026

🛡️
Our Core Privacy Promise

PDF SignCheck is built from the ground up as a privacy-first utility. We do not save, store, sell, or analyze your uploaded PDF documents or camera scans. All cryptographic calculations and barcode/QR scans occur strictly in volatile system memory or locally on your device, and are immediately discarded.

1. What information do we collect?

To provide you with our secure digital certificate checking tools, we collect the minimum necessary data:

  • Uploaded & Password-Protected Files (Zero Retention): When you upload a PDF document for signature validation or barcode extraction, the file is temporarily loaded in-memory on our secure servers, programmatically inspected, and immediately discarded after returning the results. For password-protected documents (such as encrypted government IDs), you may enter the document password which is securely processed in-memory solely to enable local decryption and barcode extraction; neither your password nor the decrypted document bytes are ever written to persistent disk or storage.
  • Camera & Scan Data (Zero Retention): When you use the mobile application's camera scanner to read QR codes or barcodes from physical documents, the camera feed and capture processing are executed entirely offline and locally on your mobile device using native machine learning. No video feeds, images, or document contents from your camera are ever transmitted, uploaded, or stored on external servers or APIs.
  • Account Information: If you register or authenticate an account (including Google OAuth sign-in), we store your email address, name (if provided), and account credentials. This authentication is managed securely in partnership with Neon Auth.
  • Payment Data: Payment processing is handled entirely by Dodo Payments. We do not store or process your credit card numbers, billing addresses, or specific payment credentials on our systems.

2. How do we use your information?

We use collected information solely to support the active features of PDF SignCheck:

  • To inspect and stamp cryptographic validity badges on your requested PDF files in real-time.
  • To track daily rate limits associated with your account tier and top-up credits.
  • To send transaction receipts, password reset links, and critical security update notices.

3. Do we use cookies and analytics?

We use secure, standard HTTP-only cookies to handle user authentication state sessions. These cookies do not track your activity across external web spaces.

4. What third-party integrations do we use?

We partner with select trusted services to deliver the platform infrastructure:

  • Neon Auth: Provides passwordless login, database encryption, and security credentials management.
  • Google Cloud Platform: Facilitates Google Account OAuth logins to save you from typing passwords.
  • Dodo Payments: Handles PCI-compliant billing pipelines and invoice receipts securely.

5. How is data retention and security handled?

We apply modern industry-standard transport level encryption (SSL/TLS) for all data transfers. File inspection blocks run inside isolated server environments with no persistent storage volumes attached. Account records are kept securely until you request account deletion.

6. How can you contact us regarding privacy?

For questions regarding this policy, to request account deletion, or to submit feedback, contact us at: hi@pdfsigncheck.com