Privacy Policy

SnapPDF is operated by Tayne Rongo (ABN 40 300 987 116), Perth, Western Australia. For privacy questions: privacy@snappdf.au.

• Account info: email, name, password hash, billing address.
• Payment info: tokenized via Stripe — we never see your card number.
• Usage telemetry: API call counts, timestamps, endpoints hit, byte counts. No file content.
• File data: PDFs you upload are processed in memory and purged on response. Async jobs cache artifacts for max 24 hours then delete them.
• Server logs: IPs, user-agents, referer headers — retained 30 days for security + abuse detection.

• We do not train machine-learning models on your files.
• We do not sell data to third parties.
• We do not run behavioral ad trackers.

To deliver the service, bill you correctly, detect abuse, improve product quality, and comply with our legal obligations (e.g. Australian tax records).

• Vercel — hosting (US, EU, AU regions).
• Supabase — Postgres + auth (EU).
• Stripe — payments (global).
• AWS S3 — async artifact storage (region pinned to your account).
• Resend — transactional email.

We provide a current subprocessor list to any customer on request. DPAs are available to Business and Enterprise customers.

• Access, correction, deletion, portability — email privacy@snappdf.au.
• Complaints: OAIC (Australia), your local DPA (EU), or California AG (CA).
• We respond within 30 days.

Account data: until you delete your account. Usage records: 24 months (billing). Server logs: 30 days. File content: never stored beyond the request (or 24h for async).

TLS 1.3 in transit, AES-256 at rest for async artifacts, signed webhooks, API keys hashed with bcrypt, row-level isolation per organization.

We'll email material changes. You can always read the current version here.