p2
pdf2api← Back

Privacy Policy

Last updated: May 25, 2026

This Privacy Policy explains how pdf2api, operated by Hedvion ("we", "us"), handles information when you use the Service.

1. Information we process

  • Uploaded documents. The API reference file you upload is used only to generate your artifacts. We do not store the original file (see Data retention below) — only the generated artifacts (OpenAPI spec, Postman collection, SDKs) are saved.
  • Account / contact data. An email address if you contact us or request access.
  • Payment data. Processed by our payment provider; we receive only transaction confirmations, never your full card details.
  • Technical logs. Limited operational logs (e.g. request time, errors) needed to run and secure the Service.

2. How we use it

We use the information solely to provide and operate the Service: to parse your document, generate and deliver artifacts, process payments, provide support, and maintain security. We do not sell your data, and we do not use the contents of your uploaded documents to train AI models.

3. Third-party processing (sub-processors)

To provide the Service we share the minimum necessary data with:

  • Anthropic— your uploaded document is sent to Anthropic's Claude API to extract its structure. This is essential to the core function of the Service.
  • Our payment provider (merchant of record) — to process purchases and handle tax/billing.
  • Hosting / infrastructure — to run the application and store your generated specs.

4. Data retention

Your uploaded PDF is kept only as long as needed to convert it. For the free preview we read just the first pages. If you purchase the full export, your PDF is held transiently — sent over an encrypted (TLS) connection to our AI provider (Anthropic) for structure extraction — and then permanently deleted as soon as the conversion finishes (or fails). We never archive the original document long-term. We do retain the generated artifacts (your OpenAPI spec and Postman collection) so the Service can deliver them and, where applicable, let you re-download your purchase. You may request deletion of your stored artifacts at any time by emailing us, and we will delete them unless we are required to retain limited records (e.g. for tax/accounting) by law.

5. Cookies and analytics

We use only the cookies necessary to operate the Service and, if enabled, privacy- respecting aggregate analytics. We do not use advertising trackers.

6. Your rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal data, and you may object to or restrict certain processing. To exercise these rights, contact us using the details below.

7. Security

We apply reasonable technical and organisational measures to protect your data. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. International transfers

Your data may be processed in countries other than your own (including by the sub-processors above). We rely on appropriate safeguards where required by law.

9. Children

The Service is not directed to anyone under 16, and we do not knowingly collect their data.

10. Changes

We may update this Policy; the "last updated" date reflects the current version.

11. Contact

Privacy questions or data requests: [email protected].