When you are redacting sensitive information, security cannot be an afterthought. It has to be built into the system from the start.
At RedactMyPDF, we built our platform around a security first mindset to make sure your most confidential documents stay protected, not just during redaction but throughout every part of the process.
Here is a look at how we make that happen.
Why Security Matters in Redaction
Redacting a document is often about sensitive material, such as personal identifiers, business secrets, or legal details.
If the platform handling these documents is not secure, it risks leaking exactly the information you are trying to protect. That is why we have layered multiple security measures across the system to keep your files safe.
How We Protect Your Files
We apply strong protections at every step:
Strong Encryption: We use AES 256 encryption (the same standard banks and governments trust) to keep your files secure in storage and during processing. Encryption keys are derived using PBKDF2 with 100,000 iterations, making brute force attacks highly impractical.
Minimal Decryption Window: Your files are only decrypted temporarily in memory when we are actively processing them, and they are re-encrypted immediately afterward.
True Redaction: We do not just cover text with black boxes. We fully remove sensitive content and scrub metadata, so the cleaned file has no hidden traces left behind.
Sanitization Pipeline: Uploaded PDFs go through a process that removes embedded scripts, hidden layers, and other potentially risky elements.
A Secure Infrastructure
Beyond file handling, the entire system is designed for security:
- CSRF protection to stop cross site request forgery attacks
- Strict Content Security Policy (CSP) headers to block cross site scripting (XSS)
- HTTPS enforced everywhere without exception
Responsible Data Storage
We handle data carefully:
- All documents are stored in Google Cloud’s EU data centers, ensuring GDPR compliance.
- Free anonymous projects are automatically deleted after 24 hours.
- Users can delete their projects anytime, and the removal takes effect immediately. We have ensured that the delete buttons are always prominently available to the user and never hidden away.
Zero Knowledge, AI Only Processing
Your content stays private:
- All redaction suggestions come from secure AI models; no human ever reviews your files.
- Sensitive operations happen in secure, local environments.
- We collect only the minimum data needed to deliver the service.
Strong Authentication (or No Account at All)
We use Firebase Authentication, so we never handle or store your passwords directly. Sessions are securely managed. And if you prefer, you can use the platform anonymously; your documents will be available in your browser when you return, as long as you do not clear cookies.
Security by Design
Security is not something we add on top. It shapes how we build everything, from the architecture behind the scenes to the user facing features.
When you use RedactMyPDF, you are choosing a platform built specifically for the delicate work of handling and cleaning sensitive documents.
Always Improving
Security is a moving target. We constantly review and improve our systems, update dependencies, and watch for new threats or best practices.
It is an ongoing commitment, and we take it seriously.
If you have any questions or ideas on how we can do even better, we would love to hear from you. Drop us a note at [email protected].
Stay safe, and keep your sensitive documents truly secure.