Promvel

Privacy Policy

Last updated: May 16, 2026

This Privacy Policy explains how Promvel PDF handles personal data for the website, account console, browser-local PDF workflows, direct console host features, and the cloud control plane.

Local-compute boundary: browser-local tools such as AcroForm editing, page preview, PDF unlock, and PDF redaction are designed to keep PDF bytes and content-derived artifacts inside the browser worker path. Direct-console-host-only features run on the console host you control. The cloud control plane is designed to receive metadata only, not document contents.

1. Data We Collect

  • Account data such as email address, tenant id, user id, password hash, account status, consent timestamps, and legal version.
  • Billing references such as Stripe customer id, Stripe subscription id, invoice references, invoice status, and subscription dates.
  • Operational metadata such as job type, job status, quota counters, audit events, worker ids, browser-runtime capability flags, and sanitized progress events.
  • Essential session and security data such as authentication cookies, refresh activity, request metadata, rate-limit records, and account-security events.

2. Data We Do Not Intend To Store In The Cloud

  • raw PDF files or PDF bytes
  • extracted text, OCR output, page images, or thumbnails
  • raw filled form values or document content-derived payloads
  • payment card numbers or full Stripe payment instrument details

3. How We Use Data

We use personal data to operate accounts, authenticate users and workers, enforce quotas, provide billing support, maintain security, respond to support requests, verify deployment/runtime capabilities, and comply with legal obligations.

4. Billing

Payments are handled through Stripe-hosted checkout and customer portal flows. Stripe may process billing, fraud, tax, and compliance information under Stripe’s own privacy terms. Promvel PDF stores only the Stripe identifiers and invoice references needed to link your subscription to your account.

5. Retention

  • Account profile and authentication data: until account deletion.
  • Stripe and invoice references: up to 8 years where required for tax or accounting compliance.
  • Refresh tokens and password reset tokens: until expiry, plus up to 30 days for security retention.
  • Audit, rate-limit, and security logs: 30 days.
  • Browser-local outputs remain in your browser until you close, replace, or download them. Direct console host temporary files and worker scratch files are targeted for deletion within 1 hour.

6. Your Rights

You can delete your account and export your account data from the product. For other privacy requests, contact [email protected].

7. Contact

Privacy questions and data rights requests: [email protected].