iLovePDF publishes an ISO 27001 certification and says uploaded files are deleted within one, two, or twenty-four hours depending on the account tier. Its public privacy, security, and legal pages do not clearly address AI model training on uploads. For highly sensitive files, the desktop app or a browser-only tool is the safer route.

Smallpdf says files are deleted within one hour unless they are saved to account storage, and its privacy notice explicitly says uploaded files are not used to train models. Among big-name web PDF tools, it publishes more of the privacy details you want to verify first.

Is it safe to upload a bank statement or passport to an online PDF tool?

Only if you are comfortable with the vendor's retention window, training policy, and jurisdiction, or if the tool is browser-only and the file never leaves your device. For highly sensitive identity or financial documents, browser-only is the default-safe option.

Does covering text with a black rectangle redact it?

No. That only hides the text visually. The underlying text can still survive in the file and be recovered by copy-paste or search. True redaction removes it from the content stream and rewrites the PDF.

How can I tell if a PDF contains hidden metadata?

Open the file in a viewer and inspect Document Properties, especially Author, Creator, Producer, and Keywords. For a deeper look, use tools such as pdfinfo or exiftool.

Does DropFile upload my files?

For our page-level PDF tools, no. They run in the browser and the file never reaches our servers. For AI tools such as summarize, extract, and chat, the file is uploaded for processing, then discarded, and it is not used for model training.

What should I do if I already uploaded a sensitive PDF somewhere?

Check the vendor's retention window, delete the file from any account storage if possible, and rotate any credentials or secrets the file contained. Treat the document as potentially disclosed from that point forward.

Are online PDF tools safe? An evidence-based review for 2026

Safety depends on the tool's architecture, retention, and AI-training stance — not on the brand. Here's what iLovePDF and Smallpdf publish about their own handling, and a short checklist you can apply to any tool.

Jump to the comparison table →

By Sarah W. · Reviewed by DropFile Editorial Team

Published April 18, 2026Last reviewed May 5, 2026

Are online PDF tools safe?

Short answer: some are, some are not, and the difference is usually the architecture rather than the brand. A tool's privacy posture is determined by how the file moves through the system, how long it remains there, and whether the vendor uses it for anything beyond processing.

Browser-only tools run on your device with JavaScript or WebAssembly. The page loads, but the file does not leave the machine. Merge, split, page reordering, and image conversion can all work this way.
Ephemeral server tools upload the file, process it, and delete the input and output on a short, published schedule. This is the reasonable middle ground for OCR, AI summarization, extraction, or chat.
Retained cloud services upload files and keep them for collaboration, history, or sharing. That creates the broadest trust boundary and the longest exposure window.

Architecture 1

Browser-only

File never leaves the device. No upload, no retention.

DropFile · page-level PDF tools

Architecture 2

Ephemeral server

Uploaded, processed, and deleted within a stated window.

DropFile · AI PDF tools

Architecture 3

Retained cloud

Uploaded and stored for the life of the account.

Three architectures, three risk profiles. DropFile uses browser-only for page-level tools and ephemeral server processing for AI tools.

For page-level PDF work such as merge, split, organize, and convert to images, DropFile runs entirely in your browser. For AI-powered work such as summarize, extract, and chat, we use ephemeral server processing with no retention. Our stance is published on the privacy page and the security page.

What happens when you upload a PDF to a free online tool?

If the tool is browser-only, nothing leaves your device. If it is server-side, the file travels over TLS to the vendor, is processed there, and is deleted on the vendor's stated schedule. The risk difference lives in the details: retention window, subprocessors, jurisdiction, and whether the file is used for anything else.

TLS in transit protects the file on the network, not inside the vendor's own systems.
Every cloud host, analytics stack, OCR engine, or AI provider extends the trust boundary.
"We delete files after X hours" is a retention ceiling, not a privacy guarantee during that window.
The AI-training question matters. Some vendors explicitly reject training on uploads; others do not say.

How do DropFile, iLovePDF, and Smallpdf compare on privacy?

The table below is built from each vendor's own published pages. When a cell says "Not stated", the vendor does not address the topic on its primary privacy, security, or trust pages at the time of review.

Privacy comparison — DropFile, iLovePDF, and Smallpdf, sourced from each vendor's own public pages (April 2026).
	DropFile	iLovePDF	Smallpdf
Service type	Browser-based PDF utilities + ephemeral AI tools	Online PDF utility suite	Online PDF utility suite
Architecture for core operations	Browser-only for merge/split/organize/convert; ephemeral server for AI	Server-side on the web; a desktop app for local processing is offered³	Server-side⁶
Upload required for core ops?	No for page-level tools; yes for AI tools	Yes on the web³	Yes⁶
Stated retention (non-account)	Nothing stored for browser tools; AI outputs not retained unless history is on¹	"one, two or twenty-four hours (depending on if a user is non registered, registered or premium)"⁴	"within one hour"⁶
Stated retention (account)	History encrypted, 7 days / 30 days / 1 year by plan; toggleable off¹	Same 1/2/24-hour window; iLoveSign documents retained up to 5 years³	Deleted within one hour unless saved to file storage⁶
AI / model-training stance	"Nothing stored. Nothing trained on."¹	Not stated on primary privacy, security, or legal pages³	"We do not use these files to train models"⁶
Named storage / cloud provider	Google Cloud (Cloud Run, Cloud SQL)²	Not named; subprocessors include Cloudflare, Stripe, PayPal, and Sentry⁴	Hetzner for file processing; Cloudflare for auth-related data⁶
Jurisdiction / company location	United States (DropFile AI)	Not stated on primary pages; company describes a "global online service"⁵	Smallpdf AG is incorporated in Switzerland; servers in Ireland⁶
Stated certifications	GCP platform layer: SOC 1/2/3 and ISO 27001; no product-level SOC 2 or HIPAA claim²	ISO/IEC 27001; GDPR and eIDAS compliant³	ISO/IEC 27001; GDPR, CCPA, nFADP, eIDAS⁷
Dedicated metadata-removal tool	Not yet — roadmap	No dedicated tool listed	Not listed among core tools; a blog guide exists⁸
Dedicated redaction tool	Yes — destructive, runs in the browser	Not listed among core tools	Not listed among core tools

How to read the table: specific retention is good, a named AI-training stance is good, and a named cloud provider is a meaningful transparency signal. Missing information does not prove the worst case, but it gives the reader less to work with.

What does a PDF actually reveal about you?

A PDF is a container, not a flat image. Besides visible text, it often stores author name, creation software, operating-system user, timestamps, thumbnails, annotations, forms, embedded files, and sometimes JavaScript. The ISO 32000 specification treats metadata as first-class content, which means a single file can carry multiple metadata records that need to be cleaned independently.

That matters because even when the visible page looks harmless, the file can still expose origin details or behave in unexpected ways. The Shadow Attacks research from Ruhr-University Bochum showed that a signed PDF can be crafted so its visible content changes after signing without invalidating the signature¹².

Why "black box" redaction is not redaction

Drawing a black rectangle over text is annotation, not redaction. The original text layer remains in the file and can be recovered by copy-paste, by tools like pdftotext, or by PDF search. As Nitro puts it, masking only hides content visually; the underlying data can still be copied, searched, or extracted¹³.

Real redaction removes the text from the content stream and rewrites the file so the removed bytes are gone. NIST SP 800-88 Rev. 1 is the practical reference for destructive removal¹⁴.

What you see

The visible layer

Patient name:

Date of birth:

Diagnosis code:

Attending:

The patient presents with

following discharge.

Ctrl + Apdftotext

What the text stream still contains

The underlying layer

Patient name:Jane A. Morrison

Date of birth:1974-03-22

Diagnosis code:ICD-10 F41.1

Attending:Dr. P. Alvarez

The patient presents with

acute generalized anxiety with

recurrent panic episodes

following discharge.

A black rectangle covers the visible layer, but the text stream underneath can remain unchanged.

DropFile's redaction tool destructively rewrites the PDF content stream locally — the file never leaves your device.

How to verify any PDF tool yourself

You do not need to trust a vendor's marketing claim about uploads. Your browser's developer tools can answer the basic question in under a minute.

Open the Network tab. In Chrome, Firefox, or Safari, open developer tools and clear the request list.
Run the tool with a small test PDF. Use a harmless sample file rather than a sensitive document.
Look for outbound file requests. A browser-only tool will not show a file upload request. A server-side tool will usually show a request whose payload size matches the file.

This is not a full security audit, but it is enough to confirm or refute most "no upload" claims made by consumer PDF tools.

Seven questions to ask before uploading a sensitive PDF

Where does the file physically run? Browser, vendor server, or a mix?
If it uploads, how long is it retained? Look for a specific time window and deletion policy.
Who are the subprocessors? Cloud hosts, OCR vendors, AI providers, analytics, support tools.
Is the content used for model training? Paid AI workflows should answer this clearly.
What is the jurisdiction and legal posture? Where is the company incorporated and where does data reside?
Does redaction actually remove text? Run the copy-paste test on any redaction feature.
What is the incident track record? Clear disclosures and post-mortems are better than silence.

What do regulators expect from document workflows?

In 2026, regulators treat document handling as part of the controller's technical and organizational measures rather than a separate tooling decision. Three references matter repeatedly in practice.

GDPR Article 25 favors architectures that minimize collection by design¹⁶.
GDPR Article 32 focuses on confidentiality, integrity, resilience, and appropriate safeguards¹⁷.
HIPAA 45 CFR §164.312 requires access controls, audit controls, integrity, and transmission security when PHI is involved¹⁸.

Browser-only workflows are practical today because modern browsers expose enough file APIs for real document work. The File System Access API is part of that shift¹⁵.

DropFile's page-level tools — merge, split, organize pages, and convert to images — run locally. AI tools like summarize and extract are processed ephemerally and are not used for training. We do not claim a destructive redaction tool or a dedicated metadata scrubber yet, and we say that plainly.

References

DropFile — Privacy policy — Retention by plan, AI-training stance, history toggle
DropFile — Security page — Infrastructure, encryption, compliance posture
iLovePDF — Security & Data Protection — Retention, encryption, ISO 27001, desktop app
iLovePDF — Privacy Policy (hosted on iubenda) — Granular 1/2/24-hour retention windows; listed subprocessors
iLovePDF — PDF Compliance & GDPR — "Global online service"; desktop app as local-processing option
Smallpdf — Privacy Notice — No model training; Hetzner + Cloudflare subprocessors; Swiss HQ; 1-hour retention
Smallpdf — Trust Center — ISO 27001, GDPR, CCPA, nFADP; TLS
Smallpdf — Ways to remove PDF metadata (blog)
Scribd Inc. — About
Everand — homepage
ISO 32000-2 — Document management — Portable document format
Shadow Attacks on PDF signatures
Nitro — Best PDF Redaction Tools 2026
NIST SP 800-88 Rev. 1 — Guidelines for Media Sanitization
File System Access API — MDN Web Docs
GDPR Article 25 — Data protection by design and by default
GDPR Article 32 — Security of processing
HIPAA 45 CFR §164.312 — Technical safeguards

Frequently asked questions

Is iLovePDF safe?: iLovePDF publishes an ISO 27001 certification and says uploaded files are deleted within one, two, or twenty-four hours depending on the account tier. Its public privacy, security, and legal pages do not clearly address AI model training on uploads. For highly sensitive files, the desktop app or a browser-only tool is the safer route.
Is Smallpdf safe?: Smallpdf says files are deleted within one hour unless they are saved to account storage, and its privacy notice explicitly says uploaded files are not used to train models. Among big-name web PDF tools, it publishes more of the privacy details you want to verify first.
Is it safe to upload a bank statement or passport to an online PDF tool?: Only if you are comfortable with the vendor's retention window, training policy, and jurisdiction, or if the tool is browser-only and the file never leaves your device. For highly sensitive identity or financial documents, browser-only is the default-safe option.
Does covering text with a black rectangle redact it?: No. That only hides the text visually. The underlying text can still survive in the file and be recovered by copy-paste or search. True redaction removes it from the content stream and rewrites the PDF.
How can I tell if a PDF contains hidden metadata?: Open the file in a viewer and inspect Document Properties, especially Author, Creator, Producer, and Keywords. For a deeper look, use tools such as pdfinfo or exiftool.
Does DropFile upload my files?: For our page-level PDF tools, no. They run in the browser and the file never reaches our servers. For AI tools such as summarize, extract, and chat, the file is uploaded for processing, then discarded, and it is not used for model training.
What should I do if I already uploaded a sensitive PDF somewhere?: Check the vendor's retention window, delete the file from any account storage if possible, and rotate any credentials or secrets the file contained. Treat the document as potentially disclosed from that point forward.

Merge, split, and organize PDFs without uploading a file

Our page-level PDF tools run entirely in your browser. Files never reach our servers, so there is no retention window, no storage subprocessor, and no AI-training question to answer.

Open DropFile PDF tools