Last updated June 2026

How Vault PDF keeps client PDFs local

Browser-only processing for 25 core PDF tools, with signed deletion receipts you can share with clients and security reviewers.

  • 25 browser-only tools
  • No PDF bytes on our servers
  • Signed deletion receipts

How it works

Sign in to the shell. PDF tools load through an authenticated proxy. The engine is not publicly exposed in production.

Your browser

PDF bytes stay here. WASM runs locally.

HTTPS + auth

Vault PDF shell

Sign-in, billing, team, receipts.

Proxy /tools/*

PDF engine

Private network in production. Delivers tool UI, not your files.

What stays on your device

Our servers do not receive
  • PDF file content or page images
  • Filenames or original file paths
  • File hashes derived from PDF bytes
  • Extracted text or OCR output from your documents
Our servers may receive
  • Authentication session and account metadata
  • Subscription and billing records
  • Job metadata: tool used, file count, timestamp, optional compression mode
  • Operational logs (scrubbed) retained for 90 days, then purged

Browser-only tool catalog

All core PDF tools run locally in your browser. No PDF bytes are uploaded to Vault PDF servers for these workflows.

Organize

Combine, split, reorder, and clean up pages.

  • Combine PDFs
  • Split PDF
  • Rotate PDF
  • Organize PDF
  • Delete Pages

Edit

Annotate, sign, watermark, and refine PDFs.

  • Edit PDF
  • Fill & Sign PDF
  • Add Watermark
  • Add Page Numbers

Convert

Move between PDFs, images, and searchable text.

  • PNG to PDF
  • PDF to PNG
  • OCR PDF

Security

Protect, unlock, and sanitize sensitive documents.

  • Protect with password
  • Unlock PDF
  • Sanitize PDF
  • Remove Metadata

Workflow

Chain multiple PDF actions into one repeatable flow.

  • Shrink PDF
  • PDF Multi Tool
  • PDF Workflow
  • Packet Builder

Compliance

Sign, timestamp, validate, and audit documents.

  • Compare PDFs
  • Certified Redaction
  • Digital Signature
  • Validate Signature
  • Timestamp PDF

Verify it yourself

  • Offline test

    Sign in, open Merge (or any core tool), disconnect Wi-Fi, and process a sample PDF. If it completes, processing stayed on your device.

  • Network tab check

    In DevTools → Network, run a job and confirm no request uploads your PDF. Expect auth, static assets, and WASM libraries only.

  • Receipt check

    Open a deletion receipt after a job, or view our sample receipt. Metadata only: tool, file count, timestamp, and signature. No PDF content.

    View sample receipt

Shared responsibilities

Vault PDF

What we build for

  • Browser-only processing for all 25 core PDF tools
  • No server-side retention of PDF bytes during those workflows
  • Authenticated access to the PDF engine through a private proxy

Your team

What you own

  • Securing devices and browsers used for client work
  • Managing workspace access and downloaded outputs
  • Stripping metadata on export when your policy requires it

Browser-based processing also depends on device security, browser updates, and how exported files are stored and shared. Vault PDF is not a regulated compliance certifier.

Common questions

Share this page with your security reviewer

Start a free trial and generate your own deletion receipt, or use the compliance kit on the Compliance plan.