Last Updated: 1st of October, 2024
This Data Processing Agreement serves to clarify the processing practices of PostLabel ("the Service"). We explicitly state that our service does not collect or process Personally Identifiable Information (PII), as defined by the UK ICO, GDPR, UK-GDPR, and CCPA and other relevant Data Protection Regulation & Legislation.
All data processing, including PDF extraction and analytics, occurs client-side, never leaving your browser or hitting any of our servers. The Service does not transmit, store, or process any personally identifiable information on our servers.
The Service utilises cookie-less tracking providers that entirely obscure any PII when handling and routing user requests. This includes Cloudflare, Vercel and Plausible.
For PDF processing, among other things, the Service utilises the pdf.js (pdfjs-dist) library from Mozilla. It introduces an entity of PDF Worker which can be observed on the Network tab - a hosted script file that handles PDF processing. That script file is being downloaded externally from Cloudflare into the User's browser and still processes everything client-side without sending any telemetry or data to Cloudflare or elsewhere.
Vercel embeds a script on a page that collects user routing information but doesn't pass it onto the Service, nor does it access the content of the page that may include any potentially sensitive PII, including the contents of PDFs.
Plausible Analytics embeds a script on a page that collects user routing and origin information in an anonymised way without any of the PII.
Please refer to the privacy policies of Cloudflare, Plausible, Vercel and separately, Vercel Web Analytics for more information.
The only data collected consists of anonymised analytics data from service providers and usage data for endpoints (collected by the Service itself), detailed in our Privacy Policy, Logging and Analytics. This data is non-sensitive and does not include any Personally Identifiable Information as defined in UK ICO, GDPR, UK-GDPR and CCPA.
Users can be assured that their privacy is a priority, and our service is designed to minimize data collection, especially avoiding the processing of any personally identifiable information. Furthermore, the code is openly available on GitHub.
This disclaimer aligns with legal requirements, ensuring transparency and providing users with clear information about the nature of data processing undertaken by the Service.