PDF Blocks Security

We designed PDF Blocks around the privacy and security of our customer’s documents and data. If you have any questions about our security ask directly to our engineers at security@pdfblocks.com.

This page is about the security of our cloud service. Check our security recommendations for running your self-hosted PDF Blocks server.

We don’t store your documents or data

Our servers keep your documents and data only for the few milliseconds it takes to process them. We don’t keep it longer than that, and we don’t log parameters, such as passwords and watermarks, as they may contain sensitive data.

This makes our operation a bit more complicated, but we can rest at night knowing there is no way to leak your documents if we don’t store them in the first place.

Bank-grade encryption for your data in transit

If your client supports it, we default to use the gold-standard of encryption suites:

  • TLS 1.2 protocol
  • Ephemeral Elliptic-curve Diffie-Hellman (ECDH) for the key exchange
  • RSA for verifying the ECDH parameters
  • Either 128-bit or 256-bit Advanced Encryption Standard (AES) in GCM for bulk symmetric encryption and integrity

We also support other cipher suites and TLS 1.0 and 1.1 protocols for compatibility.

Hosted in secure server infrastructure

Our service runs in datacenters that comply with the strictest IT standards:

  • ISO 9001 Global Quality Standard
  • ISO 27001 Security Management Controls
  • ISO 27017 Cloud Specific Controls
  • ISO 27018 Personal Data Protection
  • CSA Cloud Security Alliance Controls
  • SOC 1 Audit Controls
  • SOC 2 Security, Availability, & Confidentiality
  • SOC 3 General Controls

Run your own PDF Blocks server for extra security

Run PDF Blocks in your own infrastructure or in your own cloud server with our self‑hosted option.