Your Documents Never Leave Your Device
PdfXpo processes all PDF operations locally in your browser using WebAssembly. This page explains exactly how — and how you can verify it yourself.
Zero-Knowledge Design
PdfXpo is built on a simple principle: we cannot access what we never receive. Unlike cloud-based PDF tools that upload your files to remote servers, PdfXpo performs every local operation — merging, splitting, compression, image extraction — entirely within your browser's memory using WebAssembly (WASM).
Your PDFs go from your storage to your browser's RAM and back to your storage — without touching any network infrastructure we own or operate. There is no upload step. There is no server queue. A breach of our servers exposes zero user document data, because we hold none.
How WebAssembly Makes This Possible
WebAssembly is a W3C standard that allows high-performance binary code to execute directly inside your browser at near-native CPU speeds. When you use a PdfXpo local tool, our WASM modules — compiled from optimized libraries including MuPDF, libpoppler, and libjpeg-turbo — are downloaded to your device once, cached locally, and then execute all processing inside your browser's sandboxed memory.
The critical distinction: the WASM module runs on your hardware, using your CPU and RAM. Your document data is loaded into the module's local memory space, processed, and the result is written back — entirely without network transmission of your file content.
What Network Traffic You Will See
When you use PdfXpo, your browser makes network requests — but your document data is never part of them:
Initial page load
HTML, CSS, and JavaScript files are downloaded from our CDN (Cloudflare). These are identical for every user and contain no personal data.
WASM module download
On first use of a tool, the relevant WebAssembly binary is downloaded and cached in your browser. Subsequent uses are fully offline.
AI-powered tools only
A small subset of tools (AI Word conversion, OCR) use encrypted Google Cloud processing. Files are deleted within 60 seconds of processing. You are always informed before upload.
Anonymous analytics
We collect page view counts only — no file names, no content, no personal identifiers.
Verify It Yourself — The Offline Test
The strongest proof of local processing is the offline test. Cloud-based tools fail immediately when offline. PdfXpo continues to work:
- 1Open any PdfXpo tool (e.g., Merge PDF or PDF to Word)
- 2Wait for the page to fully load
- 3Disconnect your internet connection (turn off Wi-Fi or unplug ethernet)
- 4Upload a PDF and process it
- 5The tool will work perfectly — because no internet is needed for local processing
Security Comparison
| Feature | PdfXpo | Cloud Tools |
|---|---|---|
| Files uploaded to server | Never | Always |
| Server breach exposes your files | Impossible | Possible |
| Account / signup required | Never | Usually |
| Works offline after first load | Yes | No |
| GDPR compliant by architecture | Yes | Depends |
| Processing speed | Near-native (local CPU) | Network dependent |
| File size limits | Only your RAM | Server-imposed |
GDPR & Data Residency
Because PdfXpo never receives your document data for local tools, we have no personal data to govern under GDPR, CCPA, HIPAA, or any other data protection regulation. There is no data controller relationship for your PDF files — they never leave your jurisdiction.
This makes PdfXpo the natural choice for professionals handling sensitive assets: legal documents, financial records, medical reports, confidential contracts, or tax filings. For AI-powered tools that use cloud processing, we operate under standard data processor agreements with Google Cloud, with automatic deletion within 60 seconds of completion.
Infrastructure Security
Our delivery infrastructure is secured by Cloudflare, including DDoS protection, WAF (Web Application Firewall), and TLS 1.3 encryption for all asset delivery. Our pages ship with strict Content Security Policy (CSP) headers to prevent cross-site scripting attacks. WASM binaries are served with integrity checks to ensure they have not been tampered with in transit.
Report a Security Issue
If you discover a security vulnerability, please disclose it responsibly by emailing security@pdfxpo.com. We take all reports seriously and aim to respond within 48 hours. We publicly acknowledge responsible disclosures in our changelog.