Security

This page describes the high-level security approach used by ihatepdf.

Why file access is necessary

Without temporary access to the uploaded file, the service cannot merge, split, compress, convert, organize, or otherwise process the document.

How access is restricted

Access is limited to the processing workflow and is not meant to act as permanent storage for uploaded documents.

When files are removed

Removal is automatic and described clearly. If more detail is needed, the next stop is Privacy or Contact.

What to do with sensitive documents

For highly sensitive files, first decide whether upload is necessary, then review the policy pages and use only the tool required for the task.

1. General approach

We treat security as a combination of technical, organizational, and operational measures intended to reduce risk to the website, infrastructure, user files, and support channels.

2. What we aim to protect

Our security approach is intended to protect:

  • service availability;
  • integrity of processing results;
  • confidentiality of data passing through the service;
  • administrative access and internal interfaces;
  • logs, diagnostic data, and support channels.

3. Typical security measures

Depending on infrastructure and configuration, we may use:

  • access restriction on a need-to-know basis;
  • authentication and access control for administrative actions;
  • secure network protocols;
  • event logging related to access, errors, and security;
  • regular updates of dependencies and infrastructure components;
  • abuse prevention and rate-control measures;
  • backup and recovery procedures;
  • internal incident review and corrective actions.

This page does not disclose every technical detail that could weaken the security of the service.

4. User files

Uploaded files are processed only to the extent needed to perform the selected action. We seek to limit access to such data and keep it only for a limited time. Retention details are described in the Privacy Policy.

5. User responsibilities

We recommend that users:

  • upload only data they are allowed to process;
  • review files before upload;
  • use an up-to-date browser and device;
  • avoid sharing results or service messages unnecessarily;
  • contact us if unusual behavior is observed.

6. Reporting vulnerabilities

If you believe you found a vulnerability or security issue, use https://www.ihatepdf.pro/en/contacts/ and clearly state that the request concerns security. Include the affected URL or component, reproduction steps, potential impact, and any useful evidence.

Please do not publicly disclose vulnerability details until we have had a reasonable opportunity to review and address the issue.

7. Security incidents

If we identify an issue that may affect service stability, confidentiality, or integrity, we assess the issue, take reasonable containment and remediation steps, and update internal processes, configuration, or code where necessary.

8. Limitations

No internet-facing service can guarantee absolute security. Users should independently assess what data is appropriate to upload and should not use the service in conflict with internal company policies or applicable law.

9. Contact

  • Contact route: https://www.ihatepdf.pro/en/contacts/
  • Privacy page: https://www.ihatepdf.pro/en/privacy/

Back to the main sections

After reading about security, users can continue to Privacy or go back to the tool catalog in the current locale.