Privacy Policy

Last updated: 26 June 2026

Template for review. Replace the [bracketed] placeholders and have this policy reviewed by qualified counsel (GDPR / LGPD as applicable) before going live.

This Privacy Policy explains how [Legal Entity Name] ("we", "rust-pdf") handles personal data in connection with the rustpdf.dev website and the purchase of a license. We collect as little as possible.

1. The product itself collects nothing

The rust-pdf software runs entirely on your own machines. License verification is fully offline: it checks a cryptographic signature and expiry against a key embedded in the library. There is no network callback, no telemetry, and no usage tracking from the Software. Your documents never leave your infrastructure.

2. What the website & checkout collect

Email address: to deliver your license key and send transactional messages about your purchase.
Licensee / company name: optional, embedded in the license key you requested.
Payment information: handled directly by Stripe; we do not see or store full card numbers.
Purchase records: session/invoice identifiers, amount, currency, and the issued license metadata, kept for billing, support, and legal compliance.
Basic server logs: standard request logs for security and reliability.

3. Processors we use

Stripe, Inc. — payment processing. See Stripe's privacy policy.
Twilio SendGrid — transactional email delivery (your license key).
[Hosting provider] — hosts the website and license database.

These processors handle data only to provide their service to us.

4. Why we may process your data (legal bases)

Performance of the contract (delivering the license you bought), our legitimate interests (security, fraud prevention, support), and compliance with legal obligations (tax and accounting records).

5. Retention

Purchase and license records are retained for the period required by applicable tax and accounting law, then deleted or anonymized. You can request earlier deletion of data not subject to a retention obligation.

6. Your rights

Depending on your jurisdiction (including GDPR and LGPD), you may have the right to access, correct, delete, port, or restrict processing of your personal data, and to object to certain processing. To exercise these rights, contact [email protected].

7. International transfers

Our processors may store data in countries other than yours. Where required, transfers are covered by appropriate safeguards (such as standard contractual clauses).

8. Security

We use industry-standard measures to protect data in transit (TLS) and at rest. The license-signing key is held securely and never distributed.

9. Cookies

The website uses only what is strictly necessary to operate checkout. We do not use advertising or cross-site tracking cookies. [Update this section if you add analytics.]

10. Changes

We may update this policy; the "Last updated" date reflects the latest version.

11. Contact

Data controller: [Legal Entity Name, address]. Privacy questions: [email protected].