Short answer: uploading PDFs online is convenient but exposes content to third-party servers — even with one-hour deletion policies.

Real risks

  1. Sensitive data: IDs, contracts, medical records, payslips
  2. Retention: backups, logs, provider security incidents
  3. Jurisdiction: data may cross borders (GDPR)
  4. Metadata: author, software, edit history may leak

What competitors promise

Smallpdf, iLovePDF and PDF24 cite TLS, quick deletion and ISO certifications. That reduces risk but does not remove upload.

Alternative: local processing

Tools like PDFX run merge, split, rotate and compression in your browser. Check the Network tab: if the PDF never leaves the device, server leak risk is zero.

When upload may be acceptable

  • Public documents without personal data
  • Heavy OCR on low-quality scans
  • Signatures with legal audit trails

For everything else, prefer zero upload.