GDPR posture, PDF standard conformance, licensing terms, and audit status — in one place.
PDFluent collects no usage data, crash reports, or analytics. There are no tracking libraries in the SDK.
PDFs are processed entirely within your own process. Document content is never sent to an external server.
License key validation sends only a key hash to a validation endpoint — no document metadata, no file paths, no user data.
PDFluent has no sub-processors that receive document content. Your data processing agreements cover only your own infrastructure.
PDFluent validates and converts to the following ISO-standardised PDF profiles.
| Standard | Description | Status |
|---|---|---|
| PDF/A-1b | ISO 19005-1 Level B conformance. Long-term archiving baseline. | Supported |
| PDF/A-2b | ISO 19005-2 Level B. Adds JPEG 2000, transparency, and attachments. | Supported |
| PDF/A-3b | ISO 19005-3 Level B. Allows arbitrary embedded files. | Supported |
| PDF/UA-1 | ISO 14289-1. Universal accessibility — tagged PDF, reading order, alt text. | Supported |
| PDF/X-3 | ISO 15930-3. Graphic exchange for print production. | Roadmap |
| PDF/A-4 | ISO 19005-4. Latest archiving standard. | Roadmap |
PDFluent requires a commercial license for production use. The license is per-developer and grants unlimited deployments within the licensed entity. No per-document or per-API-call fees.
Full license termsPDFluent has no GPL or LGPL dependencies. Embedding it in a proprietary product does not trigger copyleft requirements. All dependencies are MIT or Apache-2.0 licensed.
A SOC 2 Type II audit is on the PDFluent roadmap. Given that PDFluent processes documents locally with no cloud data pipeline, the audit scope is limited. Enterprise customers with specific compliance requirements can find more information on the pricing page or reach out via email.