This Privacy Policy explains what personal data we collect, how we use it, and your rights when you use Redact PDF AI's website, web app, and API.
Last updated: April 24, 2026
Data controller: Damien Buchs, Rue des Fossés 33, 1110 Morges, Switzerland. This policy applies to personal data processed through our website, application, API, support channels, and related operations.
Depending on your use, we collect: (a) account and authentication data (for example user identifier, name, email, organization); (b) billing and subscription data (for example customer/billing identifiers, subscription status, and transaction history); (c) technical and usage data (for example application logs, device/browser metadata, product events, and analytics measurement where you consent); (d) uploaded documents, related processing metadata (such as status, page count, selected PII categories), and associated redaction masks; and (e) for certain demo flows with email delivery, the email address and related download link.
Depending on context, we process personal data under one or more legal bases, including contract performance, legitimate interests, consent, and legal obligations. We use data to provide and secure the service, authenticate users, process payments, provide support, prevent abuse, measure usage, and maintain technical reliability. Uploaded documents are processed for OCR/PII detection and to generate irreversible redaction outputs, and are not used to train AI models.
Our main subprocessors and third-party services currently include: Microsoft Azure (hosting, Blob storage, OCR and PII detection services), Clerk (authentication and account management), Stripe (payments and billing), Mixpanel (product analytics after consent), Sentry (error monitoring), Google Ads/gtag (site conversion measurement), plus Supabase and Loops for certain demo flows that send download links by email; Slack may also be used for internal operational alerts when configured. Service data is stored and processed in Azure regions Europe (Frankfurt) and Switzerland North. These processing activities are governed by contractual safeguards. If personal data is transferred outside Switzerland or the EEA, we rely on recognized transfer mechanisms, such as adequacy decisions and/or standard contractual clauses, as applicable.
Retention depends on the workflow you use, your settings, and legal obligations. Where the relevant features are available, you can delete documents/jobs from the product or API; deletion is intended to remove original files, redacted outputs, masks, and related records. In demo mode, the original file is deleted after the redacted preview is generated. For the API, retention modes (ephemeral/studio) are documented to adapt retention to your use case. Download links are delivered through time-limited signed URLs.
Depending on your location, you may have rights to access, correct, delete, export, object to, or restrict certain processing. To exercise rights, contact info@redact-pdf.ai. You may also lodge a complaint with the Swiss FDPIC and, where applicable, with your local EEA data protection authority.
We currently do not designate a Swiss or EU representative. If designation becomes legally required, we will appoint one and publish the details in this policy.
For privacy requests or questions, contact info@redact-pdf.ai. For security questions or reports, you may also contact security@redact-pdf.ai. For additional technical and organizational safeguards, please review our Security page.