Is it safe to upload a PDF to an online redaction tool?
Think about the sequence: you have a document so sensitive that parts of it must be blacked out before anyone sees it — and step one is transmitting the complete, unredacted version to an unknown server. The redaction happens after the disclosure.
What you can't verify about upload-based tools
- Retention: "files deleted after 1 hour" is a promise, not a property you can check.
- Jurisdiction: you usually don't know what country the processing servers sit in.
- Access: logs, backups, staff access, breach exposure — all invisible to you.
- Obligations: if you handle client, patient, or employee data, sending it to a third-party processor may itself breach confidentiality duties or data-protection rules — regardless of what the tool does with it.
The verifiable alternative: local processing
Browser-based local tools flip the trust model. The page is just code that runs on your machine; the document never leaves it. This is verifiable, not promised: load RedactSafe, open your browser's network inspector, and watch — zero requests after page load. Or simply turn off your wi-fi; everything keeps working, including export.
Local processing plus flattened export (text destroyed, not hidden) covers both halves of the problem: nothing leaks in transit, and nothing survives in the file.
RedactSafe — true PDF redaction, 100% in your browser. Free to use.
Redact a PDF now — nothing gets uploaded
Redact a PDF now — nothing gets uploaded