Skip to content

Security

How your files stay private

PDFNEO is client-side by architecture, not by promise. Here is exactly how your documents are processed without ever being uploaded.

Last updated June 1, 2026

  • 100% client-side
  • No uploads
  • Private by design
  • Works offline

The short version

  • PDFNEO is client-side by architecture, not by promise
  • Your file is never uploaded — there is no server to receive it
  • Processing runs in a sandboxed Web Worker via WebAssembly
  • You can verify it: check the Network tab or go fully offline

The big picture

Security overview

Most online PDF tools upload your file to a server, process it there, and send the result back — leaving a copy of your document on someone else's computer. PDFNEO works the opposite way.

Files uploaded to a server
0

Files uploaded to a server

Processing done on your device
100%

Processing done on your device

Copies retained anywhere
0

Copies retained anywhere

Works fully offline
Yes

Works fully offline

Zero-upload architecture

The processing engine comes to your file

The engine is downloaded to your browser once, when the page loads. After that, your files are handled entirely on your own device — there is no upload, so there is nothing to intercept, leak, or retain.

  1. 01

    You add a file

    The File API reads the bytes from your disk into your browser's memory. This stays entirely local — there is no submit step.

  2. 02

    Work happens locally

    A background Web Worker runs WebAssembly engines to manipulate the document. No network connection is used.

  3. 03

    You download the result

    The finished file is created in memory and saved through a normal browser download. Close the tab and memory is released.

PDFNEO

  • File stays in your browser's memory
  • No network request carries your document
  • Works with the internet disconnected
  • Nothing to breach, retain, or share

Typical cloud PDF tool

  • File is uploaded to a remote server
  • A copy sits on infrastructure you don't control
  • Requires a live connection to function
  • Data may be retained, logged, or shared

Local processing

What actually runs, and where

Every step happens inside the browser tab you already trust.

No backend in the path

There is no PDFNEO server that accepts documents. The entire site is just static files served to your browser — your file never has anywhere to go but your own machine.

Defense in depth

Browser, WebAssembly & worker isolation

PDFNEO relies on the same sandboxing that protects every modern web app — layered so your file never escapes the page.

Native File API

Your browser reads the file's bytes directly from disk into local memory — the same mechanism as attaching a file to a form, except nothing is ever submitted.

WebAssembly sandbox

Engines like pdf-lib, pdf.js, and Ghostscript run as WebAssembly inside the browser's sandbox, with no access to your filesystem or network.

Web Worker isolation

Heavy work runs on a background thread that only ever sees the data you handed it — your file — and opens no network connection.

Browser security model

Everything inherits the browser's battle-tested sandbox, same-origin policy, and memory isolation that protect every site you visit.

Data lifecycle

The complete life of your file

From the moment you add a document to the moment it's gone — all on your device.

  1. Step 1 — Load

    File enters memory

    Your document is read from disk into a temporary in-memory buffer inside your browser tab.

  2. Step 2 — Process

    Work runs in a worker

    A sandboxed Web Worker transforms the data using WebAssembly. The buffer stays on your device the entire time.

  3. Step 3 — Export

    Result handed back

    The output is generated in memory and saved via a standard browser download — no server ever sees it.

  4. Step 4 — Release

    Memory is cleared

    Close or reload the tab and the buffers are released. Nothing is persisted or backed up anywhere.

Threat protection

What this protects you from

Removing the server removes an entire class of risks at once.

Server breaches

There is no server holding your files, so there's no breachable store of documents in the first place.

Data retention

No copies linger in a cloud bucket, queue, or backup. Nothing persists beyond your tab's memory.

Third-party sharing

Your data is never transmitted, so it can't be shared, sold, or fed into someone else's pipeline.

Account exposure

There is no account to phish or compromise — PDFNEO never asks you to create one.

Network interception

With no upload in the code path, there's no document traffic on the wire to intercept.

Profiling & tracking

No file contents or document metadata are ever collected, so nothing can be used to profile you.

Don't take our word for it

Verify it yourself

Two simple checks confirm that nothing is uploaded.

Check the Network tab

Open your browser's DevTools, switch to the Network tab, and run any tool. You'll see no request that sends your file anywhere.

Disconnect from the internet

Once a tool page has loaded, go fully offline. The tools keep working — a cloud tool would simply fail.

Stay safe everywhere

Security best practices

On-device tools remove most of the risk. These habits cover the rest.

Prefer client-side tools for sensitive files

For contracts, IDs, medical records, and financial documents, choose tools that process on-device so the file never travels.

Keep your browser up to date

The browser sandbox is your security boundary. Running the latest version ensures you have the newest isolation and patches.

Be cautious with unknown uploaders

If a tool asks you to upload a sensitive document, pause. Once a file leaves your device, you lose control over how it's stored or shared.

Frequently asked questions

Are my files ever uploaded to a server?
No. There is no upload step anywhere in the code. Files are read into your browser's memory, processed on your device, and saved back to you. No server receives your documents.
How can I verify nothing is uploaded?
Open your browser's DevTools Network tab and run any tool — you'll see no request that sends your file. Or simply disconnect from the internet after the page loads; the tools keep working, which a cloud tool could never do.
Is WebAssembly safe?
Yes. WebAssembly runs inside the same browser sandbox as JavaScript, with no direct access to your filesystem or network. It only operates on the data you explicitly hand it.
What happens to my file after I close the tab?
It's gone. The file only ever existed in your tab's memory. Closing or reloading the tab releases that memory — there are no copies, caches, or backups elsewhere.
Are there any limits to client-side processing?
One practical trade-off: everything runs on your device, so very large files are bounded by your available memory rather than a powerful server. In exchange you get total privacy and no upload wait.

Related resources

Understand the privacy guarantees and the project behind them.

Privacy

Privacy policy

What data is and isn't involved when you use PDFNEO.

Learn moreAbout

About PDFNEO

Why we built a PDF toolkit that never uploads your files.

Learn moreGuide

Are online PDF tools safe?

The real risks of uploading documents — and how to avoid them.

Learn more

Privacy you can verify

Open any tool, watch the Network tab stay silent, and process your PDF without it ever leaving your device.

Try a PDF toolView privacy policy