Zero-Cloud Commitment

This document serves as a standard Data Processing Addendum between the User (Controller) and DocuStitch (Service Provider). Unlike cloud-based competitors, our DPA is simplified because we do not permit your document data to enter our cloud infrastructure.

1. Nature of the Service

DocuStitch provides browser-side PDF processing utility tools. The technical nature of the software is "Client-Side Execution." All processing of document data (Merging, OCR, Compression, Conversion) occurs within the end-user's local browser memory (RAM).

2. Technical Privacy Controls

WASM Runtime

The processing engine is written in Rust/C++ and compiled to WebAssembly, ensuring strict memory isolation inside the browser sandbox.

No Backend API

DocuStitch does not maintain an 'Upload' endpoint. There is no technical pathway for your files to be sent to our backend.

3. Data Handling Obligations

In the event that you provide us with contact information (via support inquiries), we treat that data as "Operator Data" and process it strictly to fulfill your request. We do not sell or share user contact data with third parties for marketing purposes.

4. Security Measures

We implement industry-standard security measures to protect the integrity of the website code and ensure that the WASM modules served to your browser have not been tampered with.

HTTPS/TLS 1.3: All asset delivery is encrypted.
SRI (Subresource Integrity): Ensuring that script files match the intended cryptographic hash.
CORS Policies: Restricting cross-origin access to the local browser context.

5. Geographic Transfers

As no document data is transferred to our servers, there are no geographic data transfers of your personal documents. Website assets are served via a Global Content Delivery Network (CDN) to ensure low-latency access worldwide.

Data Processing.