KeptPDF
Open App
Radical transparency

Don't trust us. Verify it yourself.

Open DevTools, switch to the Network tab, process a file. Watch zero outbound requests during processing.

Open the app Show me how

Verify in five steps.

Works in Chrome, Edge, Firefox and Safari. No install required — DevTools ships in every modern browser.

  1. Open the app

    Click /#/app in a new tab. Keep this tab open as a guide.

  2. Open DevTools

    Press F12 on Windows or Cmd + Option + I on Mac. Or right-click anywhere on the page and choose Inspect.

  3. Switch to the Network tab. Disable cache. Clear.

    Tick the "Disable cache" checkbox so the browser doesn't quietly reuse anything. Click the trash icon to clear existing entries.

  4. Use any PDF tool

    Pick merge, split, compress, redact, OCR — any of them. Drop a file in and click the action button.

  5. Watch the Network tab during processing

    Filter by "Fetch/XHR". You will see zero outbound requests to KeptPDF servers during processing. The only entries that appear are the initial page load and the JavaScript library fetches that happened before you started.

Or watch from here, no DevTools required.

Live counters below come from the same browser API your DevTools reads. Drop a PDF, click Run, and see whether the "KeptPDF" number moves. (It won't.)

Live network monitor resource entries · PerformanceObserver
To KeptPDF servers
0
0 during last run
To third-party CDNs
0
0 during last run
Total since page load
0
includes this page
Waiting for a file…

What a sketchy version would look like.

This is the architecture nearly every PDF SaaS uses. Avoid any tool that does this with sensitive documents.

// What most PDF SaaS does — DO NOT use any tool that does this
// with privileged, PHI, or tax client material:
fetch('/api/process', {
  method: 'POST',
  body: yourPdfFile,   // your file leaves your browser here
});

// KeptPDF — everything stays in memory:
const pdf = await PDFDocument.load(bytes);
// ...transform locally...
const result = await pdf.save();
// no fetch, no upload — saved blob is offered as a download

Read every line of source.

Every JS file KeptPDF ships is below. Open one. It's just code.

js/app.js js/ui.js js/usage.js js/tools/merge.js js/tools/split.js js/tools/compress.js js/tools/rotate.js js/tools/watermark.js js/tools/images-to-pdf.js js/tools/pdf-to-images.js js/tools/redact-editor.js js/tools/ocr-pdf.js

What we DO send.

Radical transparency means writing down everything — including the small stuff.

Page views and basic analytics. Anonymized. No file content. No PII. We count visits per page so we know whether to keep building. If you'd rather we collect nothing at all, the Pro plan will offer a privacy mode that disables all analytics — coming with accounts in Phase 1.

Error reports. If a tool crashes, we capture the stack trace and the browser version so we can fix the bug. File contents are never included in error reports. We use stack-trace-only sampling, not full session replay.

That's it. No file names, no file hashes, no document properties, no IP-to-document correlation, no third-party trackers. The Network tab will confirm this in real time.

Audit history.

The plan is to stop being the only voice telling you we're trustworthy.

Q3 2026 target: independent security audit by a third-party firm (Cure53 or Trail of Bits). The full report will be published on this page — including any findings and our remediation. No NDA-protected summaries.

Ongoing: we keep this page updated with every JS dependency, every CDN we load from, and the cryptographic hash of each release bundle. If something changes, you'll see it here first.

Ready to use a tool you can actually inspect?

Open KeptPDF