Table of Contents
BoostPDF ("we," "our," "us") is a product of DigiReply [NZBN: 9429052842634], a company registered in New Zealand. This Privacy Policy explains how we collect, use, and protect information in compliance with:
- EU General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- New Zealand Privacy Act 2020
- Australia Privacy Act 1988 (Cth) & Australian Privacy Principles (APPs)
By using BoostPDF, you agree to this Privacy Policy.
1. Information We Collect
- Usage Data: Browser type, operating system, and non-identifiable usage analytics.
- PDF Files: File handling depends on the specific tool being used (see Section 4: File Handling & Retention).
- Cookies / Local Storage: Used for functionality (e.g., saving preferences), analytics, and advertising. Users can manage cookie preferences (see our Cookie Policy below).
2. How We Use Information
- To operate, maintain, and improve BoostPDF.
- To troubleshoot technical issues.
- To manage subscriptions and billing.
- To comply with tax and legal obligations.
- To serve ads and measure effectiveness (cookies/analytics).
We do not sell or rent your files or personal data.
3. Free Tier & Paid Subscriptions
Free Tier (Guest Access)
All users may access all BoostPDF tools with daily usage limits. Limits reset at midnight (server time). Free access may be modified at our discretion.
Paid Subscriptions
- Paid subscriptions provide unlimited access to BoostPDF tools.
- Payments are processed securely via Stripe, a third-party processor. We do not store your credit card details.
- We may retain limited billing information (e.g., subscription status, billing address) to manage accounts, provide support, and comply with tax/legal obligations.
Changes & Modifications: We reserve the right to adjust subscription plans, pricing, and free tier limits at any time.
4. File Handling & Retention
We design BoostPDF so that files are kept for the minimum time necessary and deleted automatically.
PDF Conversion Tool
- Input files (uploads) are deleted immediately after processing.
- Processed files are available for up to 1 hour, then automatically deleted.
- Access is via secure tokenized URLs.
Password Protection / Encryption Tool
- Input files are deleted immediately after encryption processing.
- Processed files are available for up to 1 hour, then automatically deleted.
- Access is via secure tokenized URLs.
Merge Tool
- All merging is performed client-side in your browser using JavaScript.
- Files are loaded into browser memory and combined locally.
- Processed files are available for up to 1 hour before deletion.
AI Translator & AI Summarizer
- These features require server-side processing. Your PDF content is sent to our server and processed via third-party AI providers (OpenAI and DeepSeek).
- Files and content are NOT stored on our servers or on the AI providers' servers beyond the time needed to complete the request.
- AI providers process data in accordance with their own privacy policies and data processing agreements. We use API endpoints that do not retain or train on user data.
- Processed results are returned to you immediately and are not cached or stored.
Edit Text (PDF Text Editing)
- This feature allows editing of existing text within PDF documents and requires server-side processing.
- Your PDF is temporarily uploaded to our server for text extraction and modification.
- The file is deleted immediately after processing is complete and the result is returned to you.
- We do not store, read, or retain any content from your documents.
Other PDF Editing Tools (Draw, Highlight, Signature, Stamp, Forms, Image, Crop)
- All other editing and export functions run locally in the user's browser or on-device in the mobile app.
- Files are never uploaded to our servers.
- Generated files remain in the browser/app only.
Important: User files are never shared, sold, or used for purposes other than providing the requested service.
5. Google Drive Integration & File Editing via Our Editor
What we do not collect or access
- We do not store, access, or retain your file content.
- We do not index, scan, or analyze your files.
- We do not store your email, name, or Google account information on our systems (beyond transient authentication tokens).
- We do not see any files you open, edit, or save via our system.
- Your file does not pass through our server when editing — all PDF editing is done client-side in your browser / local environment.
- We do not make backups or copies of your file.
How it works (in a nutshell)
- You authorize our app via Google OAuth, obtaining permission to access specific files in your Drive.
- You choose a file to open/edit; we fetch it (via Google Drive API) into the client environment (browser).
- Edits are performed locally (in your browser) using our editor tools.
- When you save, we push the modified file back to your Google Drive (via API).
- The entire workflow is done on the user side; our server is not in the data path of file content.
OAuth / Token Handling & Permissions
- We only request the minimum scopes necessary to read, write, and manage the files you explicitly select (no “full Drive” or wide scopes unless essential).
- OAuth tokens are stored securely and only used for authorized operations.
- Tokens are revoked or invalidated if you disconnect our app.
- We comply with Google’s API Services User Data Policy, which requires clear disclosure of what user data is accessed and for what purpose.
Security & Encryption
- All communication between your browser and Google Drive uses HTTPS / TLS (encrypted in transit).
- We use SSL / TLS for all server endpoints where relevant.
- We do not store the decrypted file or residual fragments on our servers.
- Temporary data in memory or browser storage is as minimal as possible and cleared once operations complete.
No Logging of File Activity
- We do not log which files you edit, view, or save.
- We do not log content summaries or metadata beyond what may be necessary for API calls (e.g. file IDs).
- If any minimal logging (e.g. errors, request counts) is done, it is anonymized and contains no user content.
User’s Rights & Control
- You can revoke our app’s access to your Drive anytime via your Google Account’s security settings.
- You can delete any OAuth tokens or permissions granted.
- All file versions remain under your control in Google Drive; we do not influence retention or deletion policies.
- If there is a change in how we handle Google Drive data (e.g. new permissions, features), we will notify you and require explicit consent.
Updates & Changes
We may update this section if our integration behavior changes. When that happens, we will (a) post the update in this policy, (b) notify you (e.g. via email or in-app notice), and (c) require consent if new data access is requested.
6. Data Retention
- Browser-based tools: Files remain only in the browser and are not uploaded.
- Server-side tools: Processed files are deleted automatically after 1 hour.
- Account & billing data: Retained for up to 7 years for legal/tax purposes.
- If a subscription is canceled, account data may be kept until the end of the subscription period, after which it may be deleted.
7. Your Rights
Depending on your location, you may have rights under GDPR, CCPA, NZ Privacy Act, or Australian Privacy Principles (APPs), including:
- Access, correction, or deletion of personal data.
- Restricting or objecting to processing.
- Opting out of sale/sharing of personal data (CCPA).
Contact us at privacy@boostpdf.com to exercise these rights. We commit to responding to valid requests within the time required by law.
8. Sharing of Information
We only share information:
- When legally required by a local authority.
- To protect our rights, safety, or the safety of others.
- With trusted service providers (e.g., Stripe for payments, analytics/ad providers) under strict data protection agreements.
User files are never shared or sold.
9. Security
- Files and data are protected using TLS encryption in transit and encryption at rest (where applicable).
- Access is restricted to authorized personnel only.
- Server-side files are automatically deleted after processing.
While we apply industry-standard safeguards, no system is 100% secure. Please use the Service responsibly.
10. Children's Privacy
BoostPDF is not directed to children under 13. We do not knowingly collect information from children.
11. Cookie Policy
BoostPDF uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and provide personalized content. This section explains what cookies are, how we use them, and your choices regarding their use.
What Are Cookies?
Cookies are small text files stored on your device (computer, tablet, or mobile) when you visit our website. They help us recognize your device and remember certain information about your preferences or past actions.
Types of Cookies We Use
🔧 Essential Cookies (Always Active)
These cookies are necessary for the website to function properly and cannot be disabled.
- Session Management: Maintains your login status and session security
- Security Tokens: CSRF protection and security validation
- Local Processing: Temporary storage for PDF processing in your browser
- Duration: Session-based (deleted when you close your browser)
⚙️ Functional Cookies
These cookies enable enhanced functionality and personalization.
- User Preferences: Remember your settings and tool preferences
- Language Settings: Store your preferred language
- Theme Preferences: Remember your display preferences
- Duration: Up to 1 year
📊 Analytics Cookies
These cookies help us understand how visitors interact with our website.
- Google Analytics: Tracks page views, user behavior, and performance metrics
- Usage Statistics: Monitors tool usage and feature popularity
- Performance Monitoring: Identifies technical issues and optimization opportunities
- Duration: Up to 2 years
🎯 Advertising Cookies
These cookies are used to deliver relevant advertisements and measure campaign effectiveness.
- Ad Personalization: Show relevant ads based on your interests
- Conversion Tracking: Measure effectiveness of advertising campaigns
- Retargeting: Display relevant ads on other websites you visit
- Duration: Up to 1 year
Third-Party Cookies
We may use third-party services that place their own cookies on your device:
- Google Analytics: Website analytics and performance monitoring
- Stripe: Payment processing and subscription management
- Advertising Networks: Display relevant advertisements
Your Cookie Choices
You have full control over cookie preferences. You can accept all, reject non-essential cookies, or customize your preferences.
- Cookie Consent Banner: Manage preferences when you first visit our site
- Cookie Settings: Manage your cookie preferences at any time
- Browser Controls: Configure cookie settings directly in your browser
- Opt-out Links: Use third-party opt-out tools for advertising cookies
Managing Cookies in Your Browser
You can control cookies through your browser settings:
- Chrome: Settings > Privacy and Security > Cookies and other site data
- Firefox: Settings > Privacy & Security > Cookies and Site Data
- Safari: Preferences > Privacy > Manage Website Data
- Edge: Settings > Cookies and site permissions > Cookies and site data
Note: Disabling essential cookies may affect website functionality. Non-essential cookies can be disabled without impacting core features.
12. Mobile Applications (Android & iOS)
BoostPDF is available as a native mobile application on the Google Play Store (Android) and Apple App Store (iOS). This section describes additional data practices specific to our mobile apps.
12.1 Data Collected via Mobile Apps
When you use the BoostPDF mobile app, we may collect the following information:
- Account Information: Email address, display name, and password hash when you create an account or sign in via Google OAuth.
- Device Information: Device type, operating system version, app version, and device identifier for crash reporting and analytics.
- IP Address: Your IP address is logged for security purposes (fraud prevention, rate limiting) and usage tracking.
- Usage Data: Features used, tool interactions, session duration, and error logs to improve app performance.
- Camera Data: If you use the document scanner feature, the app accesses your device camera. Photos taken are processed locally on your device and are not uploaded to our servers unless you explicitly choose to use a server-side tool (e.g., OCR, conversion).
- Files: PDF files opened via the app are processed locally on your device. Files are only uploaded to our servers when using specific server-side features (compression, conversion), and are deleted immediately after processing as described in Section 4.
12.2 Authentication & Account Creation
- Google Sign-In: You may log in or register using your Google account. We receive your email address, display name, and profile picture URL from Google. We do not receive or store your Google password.
- Email/Password Registration: You may create an account directly with an email and password. Passwords are stored using secure one-way hashing (bcrypt). We never store plaintext passwords.
- Session Management: Authentication tokens are stored securely on your device and used to maintain your login session.
12.3 In-App Purchases & Subscriptions
- Android: Subscriptions are processed via Google Play Billing. We do not receive or store your payment card details. Google handles all payment processing.
- iOS: Subscriptions are processed via Apple In-App Purchases. We do not receive or store your payment card details. Apple handles all payment processing.
- We use RevenueCat as a subscription management platform to synchronize subscription status across platforms. RevenueCat receives your anonymous app user ID and purchase receipts — not your personal data.
- Subscription status (active, expired, trial) is stored on our server to enforce access controls.
12.4 Permissions Requested
Android Permissions
- INTERNET: Required to connect to BoostPDF servers for PDF processing, authentication, and subscription management.
- CAMERA: Used only for the document scanner feature. Camera access is requested at runtime and can be revoked in device settings.
- READ/WRITE EXTERNAL STORAGE: Used to open and save PDF files from/to your device. On Android 13+, we use the scoped storage model (media/documents picker).
iOS Permissions
- Camera: Used only for the document scanner feature. Requested at runtime via iOS permission dialog.
- Photo Library: Used to import images for PDF operations. Access is requested at runtime.
- Files: Used to open and save PDF documents via the iOS Files integration.
12.5 Local Processing & Data Security
- The majority of PDF editing operations (text, drawing, stamps, signatures, highlights, forms, images, crop) are performed entirely on your device.
- Files being edited are held in app memory and are not persisted to disk beyond the current session unless you explicitly save/export.
- All communication between the app and our servers uses HTTPS/TLS encryption.
- Authentication tokens are stored in secure platform storage (Android Keystore / iOS Keychain).
12.6 Third-Party SDKs in Mobile Apps
- RevenueCat: Subscription management and receipt validation. Privacy Policy
- Google Sign-In: OAuth authentication. Subject to Google's Privacy Policy
- InAppWebView: Used to render the PDF editor interface. Processes data locally within the app.
12.7 Data Deletion & Account Removal
- You may request deletion of your account and all associated data by emailing privacy@boostpdf.com.
- Upon account deletion, we remove your personal data (email, name, usage logs) within 30 days, except where retention is legally required (e.g., billing records for tax purposes).
- Uninstalling the app removes all locally stored data, cached files, and authentication tokens from your device.
12.8 Children's Privacy (Mobile)
The BoostPDF mobile app is not directed to children under 13 (or under 16 in the EU). We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information promptly.
13. Changes
We may update this Privacy Policy from time to time. Updates will be posted with a revised Effective Date.
14. Contact
If you have any questions about this Privacy Policy, need to exercise your privacy rights, or have concerns about how we handle your data, please don't hesitate to reach out to us.
Privacy Contact:
Email: privacy@boostpdf.com
General Support:
For technical support or general inquiries, you can also contact our support team who can assist with privacy-related questions.
We aim to respond to all privacy requests within 30 days. For urgent matters, please include "URGENT - PRIVACY REQUEST" in your email subject line.
Back to Home