Guide · Privacy

Most online PDF tools upload your file to a server. Here's why that should bother you.

When you drop a PDF into a web tool, the file usually leaves your computer. Here is what that means for a sensitive document, when it is fine, and how to check for yourself in 10 seconds.

You have a signed contract, a letter from a doctor, or a bank statement, and you just need to merge it, shrink it, or black out one line. You drag it into the first PDF tool a search turns up. It works in five seconds and you move on.

Here is the part nobody mentions. With most online PDF tools, that file just left your computer. It was uploaded to a server you will never see, processed there, and is now sitting on someone else's hard drive, at least for a while.

For a lot of documents, that is genuinely fine. For some, it is the whole problem. This guide is about telling the two apart.

What "online PDF tool" usually means

Most web-based PDF tools are a thin front end bolted onto a server. You upload the file, a machine in a data center does the work, and you download the result. The processing is not happening in your browser. It is happening somewhere else, and your document has to travel there and back.

The reputable ones are upfront and careful about it. They use encrypted connections, store files in a stated region, and delete them after a set window, often an hour. That is a real, reasonable policy, and for an ordinary file it is plenty.

Not every tool works this way, and that is the point. Desktop apps process locally. A small number of browser-based tools, this one included, do the work on your device. So the useful question is not "is this tool trustworthy," it is "does this tool upload my file," and you can answer that before anything sensitive is involved.

What "we delete it after an hour" does and does not mean

It means the provider intends to remove your file from its primary storage soon after the job is done. That is a good policy and worth having.

It does not mean the file never existed on their systems. For that window, your document lived on third-party infrastructure, and that opens a few doors that a careful policy cannot fully close:

A breach window. Anything stored, however briefly, can be exposed if that server is compromised while your file is on it.
Logs and backups. Deleting a file from the app is not always the same as deleting it from every backup, cache, and log line it touched on the way through.
Legal reach. A file sitting on a company's servers can be subject to a subpoena or a government request in a way a file that never left your laptop simply is not.
Sub-processors. Many tools hand your file to other cloud vendors to do the actual work, which multiplies the number of places it briefly lives.

None of this requires bad intent. A careful, well-run company still cannot give you the one assurance that matters most for a sensitive file: that it never left your hands in the first place.

When uploading is genuinely fine

Most PDFs are not sensitive. A flyer, a recipe, a boarding pass, a blank form: upload away. The convenience is real and the risk rounds to zero. We are not here to make you afraid of every web tool.

This guide is about the other documents. The ones with a name, an account number, a diagnosis, or a privileged communication. The ones where "it was only on their server for an hour" is not a sentence you want to say to a client, a patient, or a judge.

Who should actually care

Lawyers and paralegals. Client files and privileged material should not casually transit a third party's server. See how KeptPDF fits legal work.
Clinicians and clinic staff. A record with patient information uploaded to a general consumer tool is a compliance problem, not a workflow. See the healthcare angle.
Accountants and tax preparers. Social Security numbers, account numbers, and full returns are exactly the data you do not want briefly parked elsewhere. See the accounting angle.
Anyone under an NDA, or anyone who just does not want a stranger's data center holding their financial life for an hour.

The other way: process the file in your browser

There is a second architecture, and it is the quiet fix for all of the above. The tool ships the PDF code to your browser and does the work on your device. The file is opened, edited, and saved locally. Nothing is uploaded, because there is no server step to upload to.

That is how KeptPDF works. Redact, merge, compress, sign, OCR, Bates-number: all 25 tools run in your browser, so your document is never part of a network request. To be precise about what does go out: small first-party pings for the daily quota and our analytics, never your file, and no third-party trackers.

How to tell if a tool uploads your file (the 10-second test)

You do not have to take anyone's word for this, including ours. There are two quick ways to check any PDF tool.

1. The Airplane Mode test

Load the tool's page. Now turn on Airplane Mode, or just switch off your wifi. Try to process a file. If it still works, the work is happening on your device. If it stalls or throws an error, it needed a server, which tells you your file was going to be uploaded to do the job.

2. The Network tab

Open your browser's developer tools and go to the Network tab, then run the tool. Watch the requests. If your file leaves, it usually shows up as a large upload (a POST) carrying the document. With an on-device tool you will see only small first-party calls, never the file itself.

Try it on this site right now: open any tool, go offline, and it keeps working. That is the difference made visible.

Put it to use: redact a PDF in your browser, compare KeptPDF with the tools you might already use (vs Smallpdf, vs iLovePDF), or read how to redact so the text is actually gone.

FAQ

Do all online PDF tools upload my files?

No. Most web-based ones do: you upload, a server processes the file, and you download it back. But desktop apps and a few browser-based tools, KeptPDF included, do the work on your device, so the file is never uploaded. The way to know which kind you are using is to test it: go offline and see whether the tool still runs.

Is it safe to use an online PDF tool?

For everyday, non-sensitive documents, a reputable tool with encryption and prompt deletion is generally fine. For privileged, regulated, or otherwise sensitive files, the safer choice is a tool that never uploads the file at all, because then there is nothing on a server to breach, log, retain, or subpoena.

How do I check whether a PDF tool uploads my file?

Two ways. Turn on Airplane Mode and try to use it: if it still works, processing is happening locally on your device. Or open developer tools, watch the Network tab, and run the tool: an upload shows up as your file leaving in a request. On-device tools show only small first-party calls, never the document.

Does KeptPDF upload my PDF?

No. Every tool runs in your browser, so your document is never part of a network request. You will see only small first-party pings for the daily quota and analytics, never the file itself, and no third-party trackers. Load the page, switch to Airplane Mode, and the tools still work.

Clean a sensitive PDF where it already is, in your browser.

Open KeptPDF free