Legal
Last updated: June 27, 2026 · Kikuchi Software Ltda.
The short version
Your PDF files never leave your machine. All comparison is local.
No telemetry, no analytics, no usage tracking built into the binary.
The only network call is license validation — and it never sends your PDF content.
Kikuchi Software Ltda. ("we", "us", "our") is the developer and publisher of PDFJOB, a PDF comparison command-line tool. Our contact address for privacy-related matters is [email protected].
PDFJOB processes PDF files entirely on the machine where it is installed. The content of your PDF files is never transmitted to Kikuchi Software Ltda. or to any third party. Rendered page images, comparison outputs, and generated reports remain exclusively within your local filesystem or your organisation's internal network.
3.1 Machine ID — Pro and Site License only
To enforce machine-bound licensing, PDFJOB derives a unique machine identifier by hashing hardware attributes (OS machine-id, network interface MAC addresses, hostname) with an application-specific salt using SHA-256. The result is a 34-character hexadecimal string. It is a one-way hash — the underlying hardware attributes cannot be reconstructed from it.
This identifier is used to:
3.2 License Validation Call — Pro and Site License only
When you run a Pro comparison, PDFJOB makes a single HTTPS POST request to our license validation endpoint. This request contains:
What IS sent
The license file bytes (hashed machine ID + licensee name/email)
What is NOT sent
PDF content, file paths, comparison results, or any document data
The server responds with: (a) whether the license is valid, and (b) the current server time to prevent clock-manipulation attacks on expiry dates.
3.3 Community Edition
The Community Edition makes zero network calls. It runs entirely offline. No license validation, no telemetry, no update checks.
3.4 Website
When you visit pdfjob.io, standard web server logs may record your IP address, browser user agent, referrer URL, and pages visited. We use this data only for security monitoring and aggregate traffic analysis. We do not use third-party analytics services.
The limited data described above is used exclusively to:
Validate that a license file is authentic and has not expired
Prevent clock-manipulation attacks by providing authoritative server time
Respond to support requests you initiate by email
Send license renewal reminders to the email address on the license (Pro/Site only)
We do not sell, rent, or share your personal data with third parties for marketing purposes.
License records (licensee name, email, machine ID hash, issue date, expiry) are retained for the duration of the license plus 3 years for accounting and legal compliance purposes. Email correspondence is retained for 2 years.
You may request deletion of your data by contacting us at [email protected] — deletion requests will be honoured subject to legal retention obligations.
Depending on your jurisdiction, you may have the right to:
Access
Request a copy of the personal data we hold about you
Correction
Request that inaccurate data be corrected
Deletion
Request that your data be erased, subject to legal obligations
Withdraw consent
Where processing is based on your consent
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
License files are cryptographically signed with Ed25519. The license validation endpoint uses HTTPS and requires a shared authentication token embedded at compile time, preventing redirection to a fraudulent server. The machine ID is a one-way SHA-256 hash; the underlying hardware identifiers cannot be reconstructed from it.
We may update this Privacy Policy to reflect changes in the Software or legal requirements. We will notify active licensees by email of material changes at least 30 days before they take effect. The date of the most recent revision is displayed at the top of this page.