Why You Should Care Where Your PDFs Are Processed
Convenient online PDF tools have a hidden cost: they upload your documents to their servers. For a quick recipe scan, that's fine. For a contract, a medical record, or a payslip, you've just trusted that data to a server you don't control, governed by terms you didn't read, in a country you might not have chosen.
The upload model
Traditional online PDF tools — including most market leaders — work by uploading your file to their server, processing it there, and sending the result back. The file sits on disk during processing, may be temporarily indexed for performance, and depending on the provider may be retained for hours or days before deletion.
What can go wrong
Insider access: any employee with the right credentials can read your documents. Subpoenas and warrants: the provider can be legally compelled to hand over your files. Data breaches: 2024 saw multiple major SaaS breaches that exposed customer documents. Cross-border transfer: documents uploaded to a US service from the EU may violate GDPR's data residency requirements.
The client-side alternative
Tools that run entirely in your browser don't have these problems because they never receive your files. PDFPuddle uses pdf-lib and PDF.js — open-source JavaScript libraries — to do the same operations the server-based tools do, but on your device.
When client-side wins
Confidential business documents, personal financial records, medical records, signed contracts, government IDs, anything containing personal data covered by GDPR/HIPAA/POPIA. For all of these, client-side processing eliminates an entire category of risk.
When servers are still useful
Truly large documents (10,000+ pages) where browser memory limits become a problem. AI-powered features that require server-side GPUs (advanced OCR, true layout-preserving translation). Collaboration features where multiple people need access to the same processing pipeline.