ImaginePDF

Legal

Privacy Policy

Last updated: April 25, 2026

This Privacy Policy describes how ImaginePDF (“we”, “us”, “our”) collects, uses, and protects information when you use our document generation platform (the “Service”). By using ImaginePDF you agree to the practices described below.

1. Information we collect

Account information

When you create an account we collect your email address, password (stored as a salted hash, never in plaintext), and optionally your full name. If you sign in with Google, we receive your basic profile information from Google’s OAuth response.

Workspace and document content

We store the templates (“designs”) you create, the assets you upload (images, fonts), the dynamic field values you submit for generation, and the generated PDF outputs. This content is private to your workspace and is never used to train AI models.

API keys

API keys are workspace-scoped and stored as SHA-256 hashes. Only the prefix and a one-time-display key are ever shown to you; we cannot recover a lost key.

Usage and operational data

We collect technical logs needed to operate the Service: request timestamps, IP addresses, user agents, generation job status, and error traces. These are retained for up to 90 days for debugging, abuse prevention, and capacity planning.

2. How we use your information

  • To provide, maintain, and improve the Service
  • To authenticate you and authorise access to your workspaces
  • To generate the PDFs you request and deliver them to you
  • To detect, investigate, and prevent abuse or security incidents
  • To communicate with you about service updates, security notices, and account matters

3. How we share your information

We do not sell your data. We share information only with the sub-processors required to operate the Service:

  • Cloud infrastructure: for hosting our application servers and database
  • Object storage: for storing your design files, uploaded assets, and generated PDFs
  • Email delivery: for transactional emails (account verification, password reset)

We may also disclose information if required by law, court order, or to protect the rights, property, or safety of ImaginePDF, our users, or the public.

4. Data retention

Active workspace content is retained for as long as your account is active. Generated PDFs are retained for 30 days by default unless stored as a saved design. When you delete your account, we permanently delete your workspaces, designs, assets, and generations within 30 days, except where retention is required by law.

5. Security

We protect your data with encryption in transit (TLS), encryption at rest for object storage, hashed credentials, and least-privilege access for our infrastructure. No system is perfectly secure — if you suspect your account has been compromised, contact us immediately and revoke any active API keys from the Settings tab.

6. Your rights

You may access, correct, export, or delete your personal data at any time. Most actions are available directly in the dashboard. For anything you cannot self-serve, contact us at the address below and we will respond within 30 days.

7. Children

ImaginePDF is not intended for users under 16 years of age. We do not knowingly collect personal data from children.

8. Changes to this policy

We may update this policy from time to time. Material changes will be notified by email or via a notice in the dashboard at least 7 days before they take effect.

9. Contact

Questions about this policy or your data? Email us at privacy@imaginepdf.com.