Summary
PDFBook is local-first. The desktop app and web reader process all PDFs entirely on your device. Your files never reach our servers.
1. Information we collect
Desktop app (Windows / macOS / Linux)
- No telemetry. No analytics. No usage data is sent anywhere.
- Your library, bookmarks, and settings are stored only on your computer.
- License keys are validated through our authentication server about once a day (with a 14-day offline grace window); only the license key is sent, never your files or reading activity.
AI assistant (optional)
- The AI assistant is off by default. You turn it on yourself and supply your own provider and API key.
- If you choose a local provider (Ollama), nothing leaves your device.
- If you choose a cloudprovider (OpenAI, Anthropic/Claude, OpenRouter, or a custom endpoint), the content you send to the assistant — your messages and, when you ask it to read a page, that page's text or image — is sent directly from your device to that providerunder your own key. It does not pass through PDFBook's servers, and we never receive or store it.
- You can disable the assistant at any time.
Web reader (pdfbook.app/reader)
- PDFs you open are processed in your browser. Files are not uploaded to our servers.
- When you use the “Open URL” feature with a CORS-blocked source, the PDF is temporarily streamed through our proxy (
/api/proxy). The bytes are not stored or logged.
Website (pdfbook.app)
- Basic anonymous request logs (IP, user-agent) retained for up to 30 days for security and abuse prevention.
- Aggregate, cookieless analytics via Vercel Web Analytics: page views, referrers, country, and device class. IP addresses are not stored and individual visitors are not tracked across sessions.
- No marketing cookies. No third-party trackers beyond the cookieless analytics above.
- Local storage: after a successful purchase we save your billing email and plan in your browser's
localStorage. This is purely functional: it lets the pricing page recognize you as a returning customer and steer you to the billing portal instead of double-charging you. The data never leaves your browser. Clear it any time via your browser's site data settings.
Payments
- Payments are processed by Stripe. We receive your email and the last 4 digits of your card from Stripe for invoice and receipt purposes.
- Booth.pm and Gumroad purchases are governed by their respective privacy policies.
2. How we use information
- To deliver and validate your license.
- To send transactional emails (receipts, license keys, refund confirmations).
- To respond to your support requests.
We never use your information for marketing or sell it to third parties.
3. Data retention
- Account and license data: retained while your account is active.
- Server logs: 30 days.
- Email communications: 2 years.
4. Your rights
You can request a copy or deletion of any personal data we hold about you by emailing support@pdfbook.app. We respond within 30 days.
5. Children
PDFBook is not directed at children, and we do not knowingly collect personal information from minors. The minimum age is 13 in the United States and 16 in the EU/EEA (or the lower age your country permits, between 13 and 16) under GDPR Article 8.
6. Changes to this policy
If we change this policy, we'll update the “Last updated” date at the top of this page. Material changes will be announced via the in-app changelog.
7. Contact
Operator: YumeBytes (sole proprietor).
Email: support@pdfbook.app