Short answer: uploading PDFs online is convenient but exposes content to third-party servers — even with one-hour deletion policies.
Real risks
- Sensitive data: IDs, contracts, medical records, payslips
- Retention: backups, logs, provider security incidents
- Jurisdiction: data may cross borders (GDPR)
- Metadata: author, software, edit history may leak
What competitors promise
Smallpdf, iLovePDF and PDF24 cite TLS, quick deletion and ISO certifications. That reduces risk but does not remove upload.
Alternative: local processing
Tools like PDFX run merge, split, rotate and compression in your browser. Check the Network tab: if the PDF never leaves the device, server leak risk is zero.
When upload may be acceptable
- Public documents without personal data
- Heavy OCR on low-quality scans
- Signatures with legal audit trails
For everything else, prefer zero upload.