Legal
Privacy Policy
PDF2X is designed to process documents locally in the browser, but production deployments may also use advertising, analytics, consent tools, and related technologies.
Overview
PDF2X is a static web application that converts PDF files to Markdown or plain text using in-browser processing. The intended product behavior is that uploaded documents are handled locally on the user’s device and are not sent to a remote conversion service by the application itself.
Document Processing
When a user selects a PDF, the file is read inside the browser session. PDF parsing, text extraction, OCR, preview generation, clipboard copy, and downloadable export generation are performed locally in the browser.
- The application does not intentionally upload document contents to a remote API for conversion.
- The application is built to use locally served copies of its PDF and OCR libraries.
- Bundled OCR language data is stored locally with the application and used in-browser only, including expanded multi-language support.
- Generated output remains in the browser unless the user explicitly downloads or copies it.
Information Collected
The base static application does not require account registration and does not need personal information to operate. It may store a small preference in the browser, such as the selected visual theme, to improve user experience between visits. In production, operators may also collect limited technical and usage data through analytics and advertising integrations.
Local Storage
PDF2X may use browser local storage for non-sensitive interface preferences, such as whether dark mode or light mode is selected. This storage is local to the user’s browser and is not used to store PDF contents as part of the normal app flow.
Analytics
Production deployments of PDF2X may use Google Analytics or similar measurement tools to understand traffic, product usage, page performance, and high-level engagement. These tools may collect information such as page views, browser details, device details, approximate location, referral information, and usage events configured for the site.
If analytics is turned on for this site, it should be configured and disclosed in a way that matches applicable legal requirements.
Advertising and AdSense
Production deployments may display advertising, including Google AdSense. Advertising technologies can use cookies, mobile identifiers, browser storage, and similar technologies to measure ad performance, prevent fraud, limit repetition, and, where allowed, personalize ads.
Google and its partners may collect or receive technical information in connection with ad delivery, including device information, identifiers, IP-derived signals, ad interaction data, and approximate location data depending on the configuration and jurisdiction.
Cookies and Consent
If analytics, AdSense, or other third-party services are enabled, the site may use cookies or similar technologies. In some regions, consent or additional disclosures may be required before those technologies are used. Visitors should be able to review those choices before non-essential services are turned on.
Google provides Privacy & messaging tooling for consent collection, but that does not remove the need for a correct and lawful setup.
The current implementation uses a basic consent approach for Google tags: analytics and advertising scripts remain blocked until a user makes a choice. The consent controls also support an opt-out style profile for applicable US state privacy laws by allowing users to reject ad storage, ad user data, and ad personalization.
For EEA, UK, and Switzerland advertising, this built-in banner should not be treated as a substitute for a Google-certified CMP integrated with the IAB Europe TCF where that requirement applies. The implementation is designed to keep AdSense blocked for those regions unless an external TCF CMP signal is present.
Regional Compliance Approach
The current site code uses a conservative, production-oriented posture. It supports basic consent for analytics and advertising tags, allows users to reject advertising-related processing for US state privacy purposes, and blocks AdSense in GDPR-style regions unless an external TCF-compatible CMP signal is available.
Region classification in the client can only be approximate. If this site is used in regulated markets, the final deployment still needs to be checked carefully.
Third-Party Services
When enabled, third-party services such as Google Analytics, Google AdSense, consent platforms, content delivery providers, and hosting providers may process technical information according to their own terms and privacy policies.
Hosting Considerations
If PDF2X is deployed behind analytics, logging, reverse proxies, or additional third-party scripts, those components can change the privacy profile of the deployment. That means the final privacy experience can differ depending on how the site is hosted and configured.
Security
Reasonable efforts should be made to serve the application over trusted infrastructure and to keep bundled libraries current. No client-side application can guarantee absolute security, and users should avoid processing documents on untrusted devices.
Contact and Updates
This policy should be updated whenever the product behavior changes, especially if remote services, analytics, advertising, consent tooling, user accounts, or additional storage are introduced.