In-Memory Processing
Unlike most online document processing tools, Redactly does NOT upload your documents to a server. File reading, text extraction, and redaction rendering happen locally where possible. Extracted text may be sent securely to our AI endpoint for PII detection.
When you upload a PDF, Word, or Excel file to Redactly, the file remains on your device. The AI detection process sends only the extracted text content (not the full document) to our secure API endpoint for analysis. This text is processed in a stateless manner — no logs are kept, and no data is retained after the response is returned.
This architecture means that even if Redactly's infrastructure were compromised, your documents would be safe because they never left your computer. This is a fundamentally different approach from cloud-based redaction tools that require uploading files to remote servers for processing.
Automatic File Deletion
Once you have reviewed the detections and applied redactions, the redacted file is generated in your browser memory and offered for download. At this point, you have two options: download the redacted file or close the browser tab.
In either case, the data is automatically cleared from memory. There is no "delete" button to click — the data simply ceases to exist when the browser tab is closed or the page is refreshed. For users who want to be extra cautious, closing the browser entirely ensures that all cached data is purged from system memory.
No Storage, No Logs
Redactly does not store your documents, your redacted files, or your usage history on any server. We do not maintain logs of document content, filenames, or processing results. The only data we store is basic analytics (page views, feature usage) that contains no document content or personally identifiable information.
For Pro and Enterprise users, audit logs and redaction certificates are stored locally in your browser's localStorage. You have full control over this data and can clear it at any time through your browser settings. We are exploring optional encrypted cloud storage for audit logs in the future, but it will always be opt-in.
The AI text detection requests are processed by our provider in a stateless manner with no data retention. We have verified that no document text is used for model training or any purpose beyond fulfilling your specific detection request.
Encryption
All communications between your browser and Redactly's infrastructure are encrypted in transit over HTTPS, ensuring that data cannot be intercepted or modified. The AI detection API uses industry-standard HTTPS with certificate validation.
Because documents are not stored on any server, encryption at rest is not applicable to document content. For the minimal data we do store (analytics, user preferences), we follow industry best practices for database encryption and access control.
Experience privacy-first redaction
Redactly is the only free online redaction tool that supports PDF, Word, and Excel. Files are processed locally with text sent securely to AI for detection.
Start Redacting FreeFAQ
Are my documents stored on Redactly's servers?
Is Redactly compliant with GDPR and HIPAA?
What happens to my files after I download them?
Is my data encrypted during processing?
Related: Redaction Tool · Data Privacy Compliance Guide