PDFtoMD

Privacy Policy

Last updated: May 12, 2026

1. Introduction

PDFtoMD ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data when you use the Service at pdftomd.cloud.

By using the Service, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Account information

When you create an account, we collect your email address and a hashed password. We do not store plaintext passwords.

Usage data

We store a counter of how many conversions you have performed in the current calendar month. This is used to enforce plan limits and display your usage to you.

Payment information

If you subscribe to the Pro plan, your payment is processed by Stripe, Inc. We never see or store your full credit card number. Stripe provides us with a customer identifier and subscription status, which we store to manage your plan.

Analytics

We use Vercel Analytics to collect aggregated, anonymous data about page visits (such as page views and geographic region). This data does not identify you personally.

3. PDF Files and Conversion Data

Your PDF files are not stored. When you upload a PDF, it is transmitted securely to our servers and processed in real time using Claude AI (by Anthropic, Inc.). The file and the resulting Markdown are returned to you and are not retained on our servers after the conversion is complete.

We do not use the content of your PDF files to train AI models, build datasets, or for any purpose other than performing the conversion you requested.

4. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the Service
  • Authenticate your account and enforce plan limits
  • Process payments and manage your subscription
  • Send transactional emails (e.g., account confirmation, password reset)
  • Monitor and improve the performance and reliability of the Service
  • Comply with legal obligations

We do not sell your personal data to third parties. We do not use your data for advertising purposes.

5. Third-Party Services

We rely on the following third-party services to operate PDFtoMD:

  • Supabase — Authentication and database hosting. Your account email, hashed password, and usage counters are stored in a Supabase-managed PostgreSQL database. Supabase Privacy Policy.
  • Stripe — Payment processing for Pro subscriptions. Stripe handles all payment card data. Stripe Privacy Policy.
  • Anthropic (Claude AI) — AI engine used to convert your PDFs. Files are sent to Anthropic's API for processing and are governed by Anthropic's Privacy Policy.
  • Vercel — Hosting and analytics. Vercel may collect standard web server logs including IP addresses. Vercel Privacy Policy.

6. Data Retention

We retain your account data (email, usage counters, plan status) for as long as your account is active. If you delete your account, your personal data is deleted within 30 days, except where we are required by law to retain it longer (e.g., billing records).

7. Cookies

We use cookies solely for authentication purposes — to keep you logged in between sessions. We do not use third-party tracking cookies or advertising cookies.

Vercel Analytics uses a privacy-friendly, cookieless approach to aggregate page analytics.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that inaccurate data be corrected.
  • Deletion: Request that your account and associated data be deleted.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to certain uses of your data.

These rights apply to users in the European Economic Area (under GDPR), California (under CCPA), and other jurisdictions with applicable privacy laws. To exercise any of these rights, contact us at support@pdftomd.cloud.

9. Security

We implement industry-standard security measures including HTTPS encryption for all data in transit, hashed passwords, and access controls on our database. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is not directed at children under the age of 13. We do not knowingly collect personal data from anyone under 13. If we become aware that a child under 13 has provided us with personal data, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top. We encourage you to review this page periodically. Continued use of the Service after changes are posted constitutes acceptance of the revised policy.

12. Contact

If you have questions or concerns about this Privacy Policy or how your data is handled, please contact us at support@pdftomd.cloud.