Security Information
Last updated: 14/04/2025
Introduction
At RevisePDF, we prioritise the security of your data and our systems. This page outlines our security practices and measures to protect your information when using our services.
Infrastructure Security
Our infrastructure is designed with security as a fundamental principle:
- Secure hosting: We use reputable cloud service providers with robust security certifications and compliance programmes.
- Network security: We implement firewalls, network segmentation, and intrusion detection systems to protect our infrastructure.
- Regular updates: We regularly update our systems and applications with security patches to address known vulnerabilities.
- Monitoring: We continuously monitor our systems for suspicious activities and potential security threats.
Data Security
We implement multiple layers of protection for your data:
- Encryption in transit: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS.
- Encryption at rest: We encrypt sensitive data stored in our databases and file storage systems.
- Temporary storage: Files uploaded to our service are automatically deleted after processing or after a short period (typically 24 hours).
- Secure file handling: We use secure random filenames and strict path validation to prevent path traversal attacks.
- Rate limiting: We implement rate limiting to prevent abuse of our services and protect against denial-of-service attacks.
- Access controls: We implement strict access controls to ensure that only authorised personnel can access sensitive data.
Application Security
Our application is developed with security best practices:
- Secure development: We follow secure coding practices and conduct regular code reviews.
- Input validation: We validate all user inputs to prevent common web vulnerabilities such as SQL injection and cross-site scripting (XSS).
- Authentication and authorisation: We implement secure authentication mechanisms and proper authorisation checks.
- Content Security Policy: We use a strict Content Security Policy to prevent cross-site scripting attacks and other code injection vulnerabilities.
- File validation and sanitisation: All uploaded files are validated for correct type and size, and PDFs are sanitised to remove potentially harmful elements.
- Security headers: We implement various security headers to protect against common web vulnerabilities.
- Security testing: We regularly perform security testing, including vulnerability scanning and penetration testing.
Operational Security
Our operational practices are designed to maintain security:
- Security policies: We have comprehensive security policies and procedures that are regularly reviewed and updated.
- Staff training: Our team receives regular security awareness training.
- Incident response: We have a defined incident response plan to quickly address security incidents.
- Backup and recovery: We maintain regular backups of critical data and have procedures for disaster recovery.
Security Monitoring
We continuously monitor our systems for security threats:
- Request logging: We log all requests to our application for security analysis.
- Suspicious activity detection: We monitor for suspicious patterns that may indicate security threats.
- Attack detection: We have systems in place to detect common attack vectors such as SQL injection and XSS attempts.
- Resource monitoring: We monitor system resources to detect and prevent denial-of-service attacks.
- Automated alerts: Our monitoring systems generate alerts for potential security incidents.
Compliance
We are committed to complying with relevant security and privacy regulations:
- GDPR compliance: We adhere to the requirements of the General Data Protection Regulation (GDPR).
- UK Data Protection Act: We comply with the UK Data Protection Act 2018.
- Regular assessments: We conduct regular assessments of our compliance with these regulations.
Security Recommendations for Users
To enhance the security of your data when using our services, we recommend:
- Use a secure and up-to-date web browser.
- Ensure your device has up-to-date antivirus and anti-malware protection.
- Be cautious about the files you upload, especially if they contain sensitive information.
- Download your processed files promptly, as they are automatically deleted after a short period.
Reporting Security Issues
If you discover a security vulnerability or have concerns about the security of our services, please contact us immediately at calum@revisepdf.com.
Contact Us
If you have any questions about our security practices, please contact us at:
Email: calum@revisepdf.com
Address: Edinburgh, Scotland