Legal

Privacy Policy

Last updated: June 24, 2026

SafePaper is a browser workspace for PDFs, media, spreadsheets, developer utilities, security crypto, local AI, screen capture, peer sharing, archives, and offline data rooms. Desk tools process files on your device — we do not provide a server endpoint that accepts your file bytes for manipulation.

This policy explains what stays local, what may touch the network, and what optional telemetry we offer.

1) What we do not collect from your files

  • We do not upload file bytes for Document Desk, Media Studio, Data Zone, Developer Toolbox, Archive Desk, Data Room packaging, Record Desk, AI Desk indexing, or Security Vault processing.
  • Share Desk routes WebRTC signaling between browsers; file contents flow peer-to-peer, not to SafePaper for storage.
  • We do not intentionally collect document text, page content, file names, passphrases, or tool inputs for analytics.

2) Workspaces and local processing

  • Document / Media / Data / Archive — Web Workers and WASM; queues may use session storage, IndexedDB, or OPFS on your device.
  • Security Vault — Web Crypto and local libraries only. Analytics UI and scripts are disabled on Security Vault routes.
  • AI Desk — embeddings and chat run locally; model weights may download once from a CDN and cache in your browser.
  • Developer Toolbox — text and code utilities (format, diff, regex, cron, network helpers) run entirely in your browser; Prettier and Monaco load on demand from this origin.
  • Record Desk — capture and Whisper transcription run locally; video is written to OPFS.
  • Data Room — encrypts and packages files into a single HTML export in your browser; nothing is sent to SafePaper servers.

3) Optional analytics (opt-in only)

We may offer optional aggregated analytics via Vercel Web Analytics and Speed Insights. These load only after you choose "Allow". Your choice is stored in local storage.

If enabled, Vercel may process route views and web vitals. We do not send file bytes or tool inputs via custom analytics events. Vercel may set first-party cookies when analytics is enabled — see Vercel Analytics privacy.

Change your choice via Analytics preferences on the homepage footer, or clear site data for this origin.

4) Local browser storage

SafePaper uses session storage, local storage, IndexedDB, and OPFS for queues, AI indexes, theme, audience mode, and analytics consent. PDF handoff queues may temporarily store encoded bytes in session storage until the tab closes. Clear these in your browser settings at any time.

5) Third-party network requests

  • Hosting — page loads may create standard access logs (IP, user-agent, timestamp).
  • Engine CDNs — AI, Record, Data Zone, and Developer Toolbox may fetch WASM/model/editor bundles from public CDNs (for example jsDelivr or Hugging Face). These are engine assets, not your file contents.
  • Share Desk — WebRTC may use Google STUN; optional TURN (if configured) may relay bytes on restrictive networks. Signaling metadata (SDP/ICE) transits the signaling host.
  • Cookies — SafePaper does not set tracking cookies itself. Optional Vercel analytics may set cookies when enabled.

6) Changes and contact

We may update this policy; the date above shows the current version. Questions can be sent to your published support channel.

This page is a practical policy template for product transparency and is not legal advice.

Back to SafePaper

Analytics preferences

You have not chosen yet — use the bar at the bottom of the screen, or choose below.

Optional analytics uses Vercel Web Analytics and Speed Insights for aggregated page and performance data only. We do not attach your PDFs or their contents to these tools.

Read the Privacy Policy section