A night-watchman standing guard with a shield and lantern

Your documents are guarded end to end — from the moment they're uploaded to the moment they're deleted.

This page summarizes our practices. For how we use data, see the Privacy Policy.

Encryption

All data is encrypted in transit using TLS, and documents and derived artifacts are encrypted at rest.

Access control

Access follows least-privilege principles. API keys are stored only as salted hashes — never plaintext — are scoped, and can be revoked anytime. Sign-in uses Google OAuth; we never see your Google password.

Data minimization & retention

Documents are processed and then deleted on your retention setting (default: automatic deletion within 24 hours). We never use your documents or their contents to train AI/ML models.

Infrastructure

The Service runs on hardened cloud infrastructure (Cloudflare) with network isolation between components. Processing requests are authenticated and rate-limited.

Monitoring

We log requests for security, abuse prevention, and diagnostics, and continuously monitor the platform for availability and anomalies.

Responsible disclosure

Found a vulnerability? Report it to security@searchlayerpdf.com. We appreciate good-faith research and will work with you to validate and fix valid reports.