Security

Security overview

This page is maintained by BatesTool to explain how the tool keeps documents on your device and what you can verify yourself.

Last updated: July 10, 2026

Client-side architecture

BatesTool is built so that document processing happens in your browser, not on our servers. When you open the tool, the application code and the pdf-lib library are downloaded to your device. From that point on, your PDFs are read, stamped, and saved locally. There is no upload step and no server-side processing of document contents.

No server storage

We do not operate a document database, object store, or file repository for user uploads. We never receive the binary contents of your PDFs, your Bates prefixes, your production index, or the number of pages you processed. If you close the browser tab without downloading, the files are gone and we have no copy to restore.

Encrypted delivery

The BatesTool website is served over HTTPS with TLS encryption. This protects the application code, fonts, and other assets while they travel from our hosting provider to your browser. It does not change the fact that your documents themselves never leave your device.

Verifiable behavior

You can confirm the client-side model yourself. Load the tool, add a PDF, then disconnect your device from the internet. The Stamp and download button will still produce your stamped PDF and CSV because the processing is done locally. Reconnect only when you want to reload the page.

Shared responsibility

Keeping documents safe is a shared responsibility. BatesTool keeps files off the network by design, but you are responsible for the security of your own device, browser, operating system, and download folder. Use device encryption, lock your screen, and follow your organization's document-handling policies.

Limitations and scope

The free tool has not completed a third-party security audit or formal compliance certification. The security claim we make is architectural: your files are not uploaded, stored, or processed by us. Enterprise customers can request a security review, audit logging, and a data processing agreement as part of an Enterprise engagement.

Report a security issue

If you discover a vulnerability or security concern, please email security@batestool.com with enough detail for us to reproduce it. We welcome responsible disclosure and will not pursue legal action against researchers who act in good faith.

Security questions

Direct answers about where documents live, encryption, and verification.

Where are my documents processed?

Your documents are processed entirely inside your web browser on your local device. BatesTool uses the open-source pdf-lib library to read, stamp, and save PDFs without sending them to a remote server.

Are my files stored on BatesTool servers?

No. We do not operate file storage for uploaded documents. Files exist only in your browser's memory while the tool tab is open. Closing or reloading the tab clears them.

Can BatesTool employees read my documents?

No. Because files never leave your device, BatesTool employees and infrastructure providers cannot access the contents of the PDFs you stamp.

Does BatesTool work offline?

Yes, for stamping. Once the page is loaded, the stamping logic runs without a network connection. Reloading the page requires an internet connection to load the application again.

Is the connection to BatesTool encrypted?

Yes. The site is served over HTTPS using TLS encryption. This protects the page code and assets as they travel from our hosting provider to your browser.

What should I do if I find a security issue?

Email security@batestool.com with a description of the issue and steps to reproduce it. We review reports promptly and do not pursue legal action against researchers who follow responsible disclosure practices.

Is BatesTool audited or certified?

The current free tool has not undergone a third-party security audit or formal certification. The client-side architecture is designed to minimize data exposure by keeping documents on your device. Enterprise customers can request a security review and DPA as part of an Enterprise plan.

How do I verify that files are not uploaded?

Open the tool, load a PDF, then disconnect from the internet. Click Stamp and download. The PDF will still process and download because everything happens locally in your browser.

See it work offline

The fastest security test is to stamp a PDF with your internet connection turned off. The tool does not need a server to process your documents.