Privacy Policy

Privacy Policy

Last updated: 2026-02-27

This Privacy Policy explains how PDFCuibu ("we", "us", "our") handles personal data and uploaded files when you use https://www.pdfcuibu.com (the "Service"). We designed the Service to be simple: you upload a file, we process it to produce the output you requested, and you download the result.

1) What we do (high-level)

• We process uploaded files only to provide the tool you selected (merge, split, convert, compress, extract, etc.).
• We try to keep processing temporary. Files may be stored briefly on the server to complete processing and provide the download.
• We do not show a public support email address. If you need help, use the Contact form.

2) Data we collect

Depending on how you use the Service, we may collect the following categories of data:

• Uploaded content: the files you upload to run a tool and the output files generated by the Service.
• Contact data: when you use the Contact form we receive your name, email address, subject, and message.
• Technical data: IP address, browser type, device information, timestamps, requested URLs, and basic diagnostic logs that help us keep the Service reliable and secure.
• Security signals: anti-abuse signals such as rate limits, honeypot fields, and error patterns used to detect spam or malicious automation.

3) What we do NOT intentionally collect

• We do not ask for your password to any external service.
• We do not require account registration for basic usage.
• We do not sell your personal data.

4) Purpose and legal bases (GDPR-style)

We process personal data for the following purposes:

• To provide the Service (performance of a contract / taking steps at your request): receiving your upload, processing it, and providing a download.
• To respond to support requests (legitimate interests / consent depending on your message): replying to your Contact form message.
• To secure the Service (legitimate interests): detecting abuse, preventing attacks, and troubleshooting failures.
• To comply with legal obligations: handling lawful requests, enforcing our Terms, or responding to fraud/abuse reports.

5) File handling & retention

File processing requires temporary storage on the server. Our goal is to delete temporary files after processing, but exact retention can vary depending on technical constraints (tool type, server load, and safety checks). You should assume:

• Your upload may be written to disk temporarily while we process it.
• Outputs may be stored briefly to allow you to download them.
• Links may expire or stop working once files are cleaned up.

Important: Do not upload sensitive documents (medical records, financial statements, identity documents, confidential contracts) if you are not comfortable using an online service. If you require strict confidentiality, use offline tools on your own computer.

6) Contact form data retention

Messages sent through the Contact form are delivered to our support mailbox so we can respond. We may keep support emails for as long as necessary to provide support, maintain records, and prevent repeated abuse. If you want us to delete a message thread, you can request deletion using the same email address you used to contact us.

7) Cookies and local storage

The Service may use minimal cookies or local storage for functionality and protection (for example, to keep navigation stable, reduce repeated processing, or apply anti-abuse rate limiting). We try to avoid unnecessary tracking. If we add analytics in the future, we will update this policy and, where required, request consent.

8) Third-party services

We may rely on infrastructure providers (hosting, CDN, email delivery) to operate the Service. These providers may process technical data (like IP address) as part of delivering content, securing the platform, or transmitting support emails. We only use providers we believe are appropriate for operating the Service.

9) Security measures

We implement reasonable security controls designed for a small online tool service:

• HTTPS where available
• Least-privilege access on servers
• Input validation and file type checks
• Basic anti-spam and abuse detection
• Logging of errors for troubleshooting

No system is perfectly secure. You are responsible for choosing whether to upload any specific file.

10) Your rights

Depending on your jurisdiction (including the EU/EEA), you may have rights such as access, rectification, deletion, restriction, objection, and portability. Because we do not operate user accounts, most requests will be tied to your Contact form email address and the data you provided. To make a request, use the Contact form and include:

• the email address you used
• what you want us to do (access/delete/correct)
• approximate date/time of your request

11) International transfers

Depending on where our servers or providers are located, your data may be processed in countries outside your own. We take reasonable steps to ensure appropriate safeguards where required.

12) Children

The Service is not intended for children under 13 (or the age required by your local law). If you believe a child has provided personal data through the Contact form, contact us and we will take steps to delete it.

13) Changes to this policy

We may update this Privacy Policy from time to time. We will update the "Last updated" date above and publish the new version on this page. Continued use of the Service after changes means you accept the updated policy.

14) Data retention (more detail)

We keep data only as long as necessary for the purposes described in this policy. Uploads and generated files are stored temporarily for processing and deleted on scheduled cleanup (typically within 12 hours).

• Uploads and generated files: stored temporarily for processing and download, then deleted on scheduled cleanup (typically within 12 hours).
• Server logs: we may retain diagnostic and security logs for a limited period to investigate incidents, debug failures, and protect the Service.
• Support emails: retained as needed to resolve your request and maintain an audit trail for repeated issues or abuse.

15) Automated decision-making

We may use basic automated checks to detect spam or abusive activity (for example honeypot fields, rate limits, and pattern detection). These checks do not produce legal or similarly significant effects; they are used to keep the Service usable and safe.

16) Data breach considerations

We take security seriously, but no online service can guarantee absolute security. If we become aware of a breach affecting personal data, we will take reasonable steps to investigate, mitigate, and comply with applicable notification obligations.

17) More guidance for sensitive documents

If your PDF contains personal identifiers (ID numbers, addresses), financial data, health information, or confidential business information, we recommend using offline tools. If you still choose to use the Service, consider minimizing the document (remove pages, redact content) before uploading.

18) How to contact us

Please use the Contact form. For faster support, include the tool URL, file type, approximate file size, and the exact error text. If your request is privacy-related (access/deletion), mention "privacy request" in the subject.