What we receive
When you seal a PDF, our service receives the document over TLS. We compute its SHA-256 digest in memory, embed the signatures, and stream the sealed PDF back. The original document bytes are not written to persistent storage.
Legal
Privacy
Last updated: 2026-05-13 · Summary of how we handle your data. The full policy and Data Processing Agreement are available to customers on request.
What we retain
Per seal, we retain: the document hash, the two signature values (ECDSA P-256 and ML-DSA-65), the RFC 3161 timestamp token, the certificate chain, the algorithm version, the seal timestamp, and a tenant identifier. We also retain the Certificate of Sealing PDF — a separate, human-readable summary that contains no part of your original document.
What we never retain
The original PDF you uploaded. Its content. Its metadata. Its embedded files or attachments. Any rendering of it.
Account data
We retain account email addresses and authentication artifacts (password hashes computed with a memory-hard scheme, second-factor secrets held under hardware-backed key wrapping, single-use email verification codes with short time-to-live, hashed backup codes, and encrypted session tokens). Transactional email is delivered through an enterprise email provider under a Data Processing Agreement.
Sub-processors
We use a small set of vetted enterprise sub-processors covering cloud infrastructure, payments, transactional email, and trusted timestamping. Each is bound by a Data Processing Agreement and operates under independent third-party security attestations. The current list of named sub-processors is available to customers and prospective customers on request.
Your rights
You can delete your account and Certificate of Sealing PDFs at any time from the dashboard. Audit records (hashes only) are retained per your plan's audit-log retention setting; you can request earlier deletion in writing, subject to legal hold obligations.
Contact
Privacy questions and data-subject requests: privacy@pqcshield.cloud.