Security
Encryption, retention, and a published validator on every run.
How customer documents are handled in flight and at rest, and how the validation result is made auditable.
Data handling
- In-flight encryption
- TLS 1.3 on every upload, every job-status callback, and every download. No mixed-content or downgrade fallback.
- At-rest encryption
- AES-256 on the object store. Source PDF, remediated PDF, and intermediate veraPDF reports are all encrypted at rest.
- Retention window
- 30 days from upload, then auto-purge. Pipeline metadata (job status, validation deltas) is retained per the audit-log retention policy; PDF binary content is not.
- Deletion policy
- On-demand delete via the audit log on the customer portal. Deletion is enforced end-to-end (object store + replicas + queue artifacts).
Data residency
U.S. region during processing. Single-region; no cross-border movement of customer corpora without explicit customer consent. Replication and disaster-recovery scope is named in the customer agreement.
Validation methodology
Every PDF is validated against two profiles using veraPDF — the reference validator the PDF Association publishes its own standard against. Both profiles run on every file:
- WCAG 2.2 full profile, covering 2.2-level Web Content Accessibility Guidelines applied to the PDF surface.
- PDF/UA-1 ISO 14289-1:2014, covering tag-tree machine-readability for assistive technology.
Each run produces a per-file rule-level pass/fail diff that is part of the deliverable. The site never claims a result veraPDF does not confirm. See WCAG 2.2 and PDF/UA-1 validation standards for the full methodology.
Vulnerability disclosure
If you identify a security issue, contact us via the security disclosure channel. We acknowledge in-scope reports within two business days and coordinate disclosure timelines with the reporter.