Skip to main content
Dollar PDF
Privacy

Your file. Yours.

Plain English up top. Formal policy below. Last updated May 19, 2026.

Private storage only

Every uploaded file is stored in encrypted private storage with no public URL. Bytes are uploaded directly to our conversion partner — never linked.

Files auto-deleted in 1 hour

Successful conversions purge the source the moment the result is ready. Either way, every file is gone within 60 minutes. No copies, no backups.

We do not read your file

No human at Dollar PDF opens your files and no AI model is trained on them. We do not log filenames, contents, or storage URLs.

You can delete everything

Email help@dollarpdf.com from the email tied to your purchase. We delete your account, receipts, and any logs containing your email within 7 days.

Dollar PDF™ ("we," "us") is a pay-per-conversion file-conversion service. This policy explains what we collect, how we use it, and what we never do with your data.

1. What we collect

Files you upload. Stored in encrypted private blob storage — no public URL exists for your file at any point. The bytes are sent over HTTPS directly to our conversion partner (CloudConvert) and deleted from our servers within 60 minutes of the conversion finishing. For successful conversions, the source is deleted the moment the result is ready — usually within seconds.

Payment data. Card details are handled by Stripe, not by us. We receive only the last four digits, card brand, and the email you provided at checkout — used to send receipts and to process refunds. Where sales tax, VAT, or GST is required by law, Stripe may receive your billing country to compute tax owed; that information stays with Stripe and is not retained by us.

Email address. Used to send receipts and refund notifications. We do not send marketing email unless you opt in.

Web analytics. When configured, we use PostHog to track aggregate visit counts, the page you landed on, and which conversion types are most popular. The setup is deliberately minimal:

  • No cookies. Analytics identity is held in memory and is lost when you close the tab.
  • No IP address stored. Your IP is dropped at the moment the event arrives; PostHog never persists it.
  • No session replay. We never record your screen, mouse, or keystrokes.
  • No autocapture. Only a fixed list of business events fires — page views, upload start/finish, payment success, conversion success/fail. Filenames and file contents are never sent.
  • Do Not Track is honored. If your browser sends DNT we don't load the analytics library at all.
  • You can opt out. The footer of every page has a one-click toggle — your choice is remembered for two years.

No third-party advertising networks. No data sold or shared.

2. How we use it

To run the conversion you paid for, deliver the result, send a receipt, process a refund if the conversion fails, and answer support questions when you email us.

3. Who we share data with

  • Stripe processes payments and stores card tokens. Stripe's privacy policy governs that data.
  • CloudConvert performs the conversion. We upload the bytes to CloudConvert directly over HTTPS — we do not give CloudConvert a URL to fetch from our storage. CloudConvert deletes the file from its side after processing, per their published retention policy.
  • Vercel Blob hosts the temporary private storage where the source file lives between upload and conversion, and the converted file lives between conversion and download. Access requires our service key — there is no public URL.
  • Supabase hosts our database (your email, cart metadata, payment status — not the file itself).
  • PostHog (when configured) receives the anonymous event stream described in section 1 above. No IP, no cookies, no replay, no filenames.

We do not sell, license, or share user data with anyone else. Government requests are addressed at help@dollarpdf.com case by case.

4. Your rights

You can request a copy of the data we hold about you or ask us to delete it. Email help@dollarpdf.com from the email tied to your purchase; we respond within 7 days. If you are in the EU/UK we honor GDPR rights of access, rectification, erasure, restriction, and portability. If you are in California we honor CCPA rights.

5. Security

Transport. All connections use HTTPS. Source bytes are uploaded directly to our conversion partner — your file's URL never travels over the public internet.

Storage. Every blob is stored as private. The bucket has no public URL scheme — bytes cannot be read without our service token. Storage is encrypted at rest by Vercel.

Downloads. When you download the converted file, the bytes stream through our server only after we verify your session. The underlying storage URL is never sent to your browser, so there is nothing to leak in browser history, referrer headers, screenshots, or analytics pixels.

Logs. We never log filenames, file contents, or storage URLs. Operational logs contain only opaque identifiers (cart id, item id, job id) and error codes.

Keys. Service-role keys are stored only in our deployment environment, never in client code or in our source repository.

6. Children

Dollar PDF is not intended for users under 13. We do not knowingly collect data from children.

7. Changes

If we change this policy materially, we will update the "last updated" date at the top and post the change on the homepage for at least 14 days.

8. Contact

Email help@dollarpdf.com with privacy questions, refund requests, or data-deletion requests.