Security Statement

Last updated: 1 January 2026

Data in transit

All communication between your browser and our servers is encrypted using TLS 1.3. HTTPS is enforced on all endpoints; unencrypted HTTP connections are automatically redirected.

Data at rest

Data stored on our infrastructure is encrypted using AES-256. Database backups are also encrypted and stored in geographically separate locations within the EU.

Document handling

PDF documents you upload are processed in isolated, sandboxed environments. Documents are automatically deleted within 24 hours of upload unless you explicitly choose to save them in your dashboard. We never share your documents with third parties.

Infrastructure

Our infrastructure is hosted exclusively in the European Union (the Netherlands). We work with ISO 27001 certified hosting providers.

Access control

Access to production systems is restricted to authorised personnel only. We apply multi-factor authentication, least-privilege access principles, and comprehensive audit logging for all administrative actions.

Responsible disclosure

If you discover a security vulnerability in our platform, please report it responsibly to security@yourpdfchecker.com. We ask that you allow us time to investigate and resolve the issue before any public disclosure. We aim to acknowledge reports within 2 business days and resolve confirmed issues within 30 days.

Updates

This security statement is reviewed at least annually and updated when material changes are made to our security practices.