Privacy Policy
Last Updated: December 30, 2025
1. Introduction
Welcome to PodPDF ("we", "us", "our", or "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our PDF generation platform at https://app.podpdf.com, including our web application and API services.
We operate globally using cloud infrastructure. PodPDF is built on Amazon Web Services (AWS) and serves customers worldwide. We comply with international data protection standards including GDPR and CCPA.
By using PodPDF, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Service.
This Privacy Policy should be read in conjunction with our Terms of Service.
2. Information We Collect
2.1 Personal Information You Provide
Account Registration:
When you create an account, we collect:
- Email address (required for authentication and communication)
- Password (encrypted and stored securely via AWS Cognito)
- Display name (optional)
Google OAuth Authentication:
When you sign in using Google, we collect:
- Google account email address
- Google account name (if provided by Google)
- Google user ID (for authentication purposes)
We only access the information you authorize Google to share with us. We do not have access to your Google password.
2.2 Automatically Collected Information
When you use the Service, we automatically collect usage data, technical information, and cookies as detailed in the full Privacy Policy.
2.3 Content You Submit
Important: Your input content (HTML, Markdown, or Images) is processed in memory and not stored persistently on our servers. It is deleted immediately after PDF generation.
3. How We Use Your Information
We use the information we collect for:
- Service Provision: Authentication, PDF generation, API access, job tracking
- Billing and Payment: Calculate charges, process payments, generate invoices
- Communication: Send service notifications, support responses, security alerts
- Service Improvement: Analytics, error tracking, feature development
- Security and Fraud Prevention: Detect unauthorized access, prevent abuse
- Legal Compliance: Comply with applicable laws and regulations
4. Data Storage and Infrastructure
We use Amazon Web Services (AWS) infrastructure for all data storage and processing. Your data is primarily stored in AWS data centers with industry-standard security.
4.3 PDF Storage and Deletion
Critical: PDFs are stored for 1 hour only
- PDFs are automatically deleted after 1 hour
- No recovery: Expired PDFs cannot be recovered
- Your responsibility: Download PDFs immediately if you need to keep them
5. Data Sharing and Disclosure
We never sell, rent, or trade your personal information to third parties for marketing purposes.
We may share information with:
- Service Providers: AWS, Google OAuth, payment processors (only as necessary)
- Legal Requirements: When required by law or valid legal processes
- With Your Consent: When you explicitly authorize sharing
6. Cookies and Tracking Technologies
We use essential cookies for session management and authentication. We do not use tracking cookies for advertising purposes.
7. Data Security
We implement industry-standard security measures including HTTPS/TLS encryption, AWS security infrastructure, and secure password hashing. However, no method of transmission over the Internet is 100% secure.
8. Your Privacy Rights
8.1 Rights Under GDPR (European Users)
If you are in the European Economic Area, you have rights to:
- Access your personal information
- Rectify inaccurate information
- Request erasure ("right to be forgotten")
- Data portability
- Object to processing
- Withdraw consent
8.2 Rights Under CCPA (California Users)
California residents have rights to know, delete, and opt-out of sale of personal information (we do not sell personal information).
8.3 Exercising Your Rights
To exercise any of these rights, email us at podpdfapp@gmail.com. We will respond within 30 days.
9. International Data Transfers
We operate globally using cloud infrastructure and welcome customers from around the world. Your data is processed using AWS global infrastructure with appropriate safeguards for international data transfers.
10. Children's Privacy
PodPDF is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13.
11. Data Retention
- PDFs: Stored for 1 hour only, then automatically deleted
- Input Content: Not stored persistently, deleted immediately after processing
- Job Metadata: All tiers - retained indefinitely
- Account Information: Retained while account is active
12. Changes to This Privacy Policy
We reserve the right to modify this Privacy Policy at any time. We will notify you of material changes via email at least 14 days before they take effect.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy:
Email: podpdfapp@gmail.com
Website: https://app.podpdf.com
Company Information:
PodPDF is operated by XadLabs (PVT) Ltd, registered in Sri Lanka.
14. Compliance and Certifications
We comply with:
- GDPR: General Data Protection Regulation for EEA users
- CCPA: California Consumer Privacy Act for California residents
- AWS Security Standards: ISO 27001, SOC 2, PCI DSS Level 1
Summary of Key Privacy Points
- ✅ Minimal Data Collection: We collect only essential information (email, name, usage data)
- ✅ No Data Selling: We never sell your personal information
- ✅ Short PDF Storage: PDFs stored for 1 hour only, then automatically deleted
- ✅ No Content Storage: Input content processed in memory, not stored persistently
- ✅ AWS Infrastructure: Industry-leading security and compliance
- ✅ GDPR & CCPA Compliant: Full compliance with data protection regulations
- ✅ Your Control: Easy account deletion and data access requests
By using PodPDF, you acknowledge that you have read, understood, and agree to this Privacy Policy.
Last Updated: December 30, 2025