RED LINE PDF — Privacy Policy
Effective Date: February 22, 2026
This Privacy Policy describes how ARCH-CORE LAB, LLC ("we," "us," or "our") collects, uses, stores, and shares information when you use the RED LINE PDF application ("the App"), a web-based software-as-a-service (SaaS) application for PDF markup and annotation, primarily serving architecture, engineering, and construction (AEC) professionals.
It supplements the ARCH-CORE LAB, LLC corporate Privacy Policy with product-specific disclosures for RED LINE PDF. In the event of a conflict between this document and the corporate Privacy Policy, the more specific provision in this document applies for RED LINE PDF users.
1. Data We Collect
1.1 Account Information
When you create an account, we collect your email address and display name. For OAuth signups via Google or Microsoft, we receive your email and name upon your consent. We do not store passwords for OAuth users. Email/password users' credentials are managed by our authentication service at register.archcorelab.com.
1.2 Project and Collaboration Data
When you create projects or invite collaborators, we store the following on our servers (Azure Cosmos DB):
- Project name, number, and description
- Creator information (user ID, email, display name)
- Collaborator information (user ID, email, display name, role, cloud share status)
- Sheet metadata (sheet number, title, discipline, scale, OCR confidence scores)
- Markup statistics (counts and completion status) — not markup content
- Sync status between collaborators
Important: Your actual PDF documents and markup content are never stored on our servers. They remain on your local device or in your connected cloud storage accounts (Google Drive or OneDrive). Only metadata and statistics are stored server-side.
1.3 User Settings and Preferences
We store your application preferences on our servers, including:
- Title block templates for OCR extraction
- Per-tool default settings (colors, line weights, fonts)
- Markup style presets
- Theme, grid, and viewer settings
- Connected cloud storage accounts (provider name, email, display name, connection date)
1.4 Browser Local Storage
The App stores the following data in your browser's localStorage (not cookies):
- Authentication token (JWT) — to maintain your login session
- Cloud storage tokens — OAuth access and refresh tokens for Google Drive and/or OneDrive, along with associated email and display name
- User preferences — tool settings and UI state for offline access
- Temporary session data — email verification polling tokens
You can clear all locally stored data at any time through your browser settings. Clearing this data will log you out and disconnect cloud storage accounts.
1.5 Proprietary File Format (.rdln)
The App creates .rdln files to store your markup annotations. These files contain your annotation data (shapes, text, dimensions, etc.) and are stored in your chosen location — either on your local device or in your Google Drive/OneDrive account. We do not have access to the contents of these files unless they are stored in a shared cloud folder you control.
2. OCR and AI-Powered Data Processing
The App includes optical character recognition (OCR) capabilities for extracting text from construction drawings (e.g., title block metadata such as sheet numbers, titles, revisions, and scales).
How it works:
- When you initiate OCR, selected PDF pages are converted to images
- These images are transmitted to Microsoft Azure Computer Vision (Read API) for text extraction
- Extracted text is returned to the App and may be stored in your project metadata on our servers
- Processing supports single pages, batch processing (up to 10 pages at a time), and full-document extraction
What this means for your data:
- Document image data is transmitted to Microsoft Azure servers in the United States for processing
- Microsoft processes this data in accordance with their Cognitive Services data privacy and security policies
- Microsoft states that customer data submitted to Cognitive Services is not used to train their AI models
- Image data is not persisted by Microsoft after processing is complete
We recommend that you do not submit documents containing sensitive, confidential, classified, or personally identifiable information to the OCR feature unless you have verified compliance with your organization's data handling requirements.
2.1 Image Tracing (Client-Side Only)
The App also provides raster-to-vector image tracing (Trace Mode), which converts scanned drawing content into editable vector paths. This processing happens entirely within your browser — no document data is transmitted to any external service for this feature.
3. Third-Party Services and Sub-Processors
The App relies on the following third-party services that may process your data:
| Service | Provider | Purpose | Data Processed |
|---|---|---|---|
| Azure Static Web Apps | Microsoft | App hosting, OAuth routing | HTTP requests, authentication flows |
| Azure Cosmos DB | Microsoft | Database | Projects, user settings, collaborator info, OCR results |
| Azure Computer Vision | Microsoft | OCR text extraction | PDF page images (transient, not persisted) |
| Azure Communication Services | Microsoft | Transactional email | Collaborator email addresses, invitation content |
| Azure Blob Storage | Microsoft | File storage | Application assets |
| Azure Key Vault | Microsoft | Secrets management | API keys and connection strings (no user data) |
| Google Drive API | Cloud file storage | PDF and .rdln files in user's Drive | |
| Microsoft Graph / OneDrive | Microsoft | Cloud file storage | PDF and .rdln files in user's OneDrive |
| Stripe | Stripe, Inc. | Payment processing | Payment details (handled by Stripe directly) |
| Google OAuth | Authentication | Email, name (with user consent) | |
| Microsoft OAuth / Azure AD | Microsoft | Authentication | Email, name (with user consent) |
4. Cloud Storage Integrations
When you connect Google Drive or OneDrive, the App:
- Requests authorization through OAuth to access your cloud storage
- Reads and writes PDF and
.rdlnfiles in designated project folders - May create shared folders and grant access to collaborators through the cloud provider's sharing mechanisms
- Stores OAuth tokens (access and refresh tokens) in your browser's
localStorage
Google Drive scopes requested: https://www.googleapis.com/auth/drive.file, email, profile. The drive.file scope grants access only to files you explicitly open or create with RED LINE PDF — it does not grant access to any other files in your Google Drive.
OneDrive scopes requested: Files.ReadWrite, offline_access. Sign-in additionally uses openid, profile, email, and User.Read.
You can disconnect cloud storage accounts at any time through the App settings. Disconnecting removes stored tokens from your browser but does not delete files already saved to your cloud storage.
5. Google API Services — Limited Use Disclosure
RED LINE PDF's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We request only the
drive.filescope, which grants access solely to files you explicitly open or create with RED LINE PDF — not your entire Google Drive. - We use Google Drive data only to provide and improve the cloud storage and collaboration features you have enabled.
- We do not transfer or sell Google user data to third parties, except as necessary to provide or improve the service, to comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- We do not use Google user data for advertising purposes.
- We do not allow humans to read Google user data unless we have your affirmative consent, it is necessary for security purposes (such as investigating abuse), it is required to comply with applicable law, or the data has been aggregated and anonymized.
Microsoft / OneDrive: Data accessed via the Microsoft Graph API is used solely to provide OneDrive file storage and collaboration within RED LINE PDF. This access is governed by the Microsoft APIs Terms of Use and the Microsoft Services Agreement. We do not use OneDrive data for advertising and do not sell it to third parties.
6. Collaboration and Third-Party Personal Data
When you invite collaborators to a project, you provide their email addresses to us. We use these email addresses to:
- Send invitation emails via Azure Communication Services
- Associate collaborators with project access roles (Owner, Editor, Viewer)
- Facilitate cloud folder sharing through Google Drive or OneDrive
Your responsibility: By providing collaborator email addresses, you represent that you have obtained appropriate consent from those individuals to share their email addresses with us for the purposes described above. We use collaborator information solely for project collaboration and do not use it for marketing purposes.
7. Data Retention
In addition to the retention periods in our corporate Privacy Policy:
- Project metadata: Retained while your account is active; deleted within 90 days after account closure or project deletion
- User settings: Retained while your account is active; deleted within 90 days after account closure
- OCR results: Stored as part of project metadata and subject to the same retention period
- Collaboration data: Collaborator records are removed when a collaborator is removed from a project or the project is deleted
- Browser local storage: Persists until cleared by the user or browser
- Local files (.rdln, PDFs): Remain on your device indefinitely — we have no access to or control over locally stored files
8. International Data Transfers
All server-side data is stored and processed in the United States using Microsoft Azure infrastructure. If you access the App from outside the United States, your data will be transferred to and processed in the United States. By using the App, you consent to this transfer.
When you use OCR features, document images are processed by Microsoft Azure Computer Vision in the United States. Microsoft Azure maintains compliance certifications including SOC 2, ISO 27001, and GDPR data processing agreements where applicable.
9. Your Rights
In addition to the rights described in our corporate Privacy Policy, you can:
- Export your data: Use the App's export features to save your markups in standard formats (PDF, JPEG, PNG, BMP, SVG, DXF) at any time
- Disconnect cloud accounts: Remove Google Drive or OneDrive connections through the App
- Clear browser data: Delete all locally stored tokens and preferences via browser settings
- Delete your account: Request account deletion via the account management site or by contacting privacy@archcorelab.com. When you delete your account, all associated server-side data (project metadata, user settings, OCR results) is permanently deleted within 90 days.
- Revoke cloud access: You may revoke RED LINE PDF's access to your Google account at any time via Google Account permissions, and to your Microsoft account via Microsoft account apps
- Opt out of OCR: OCR features are always user-initiated — no document data is ever sent for processing without your explicit action
10. Children's Privacy
The App is designed for professional use and is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete it promptly.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a revised effective date. Continued use of the App after changes take effect constitutes acceptance of the updated policy.
12. Contact
For privacy-related questions specific to RED LINE PDF:
- Privacy inquiries: privacy@archcorelab.com
- General support: support@archcorelab.com
- Corporate Privacy Policy: www.archcorelab.com/privacy
Copyright © 2025-2026 ARCH-CORE LAB, LLC. All rights reserved. RED LINE PDF is a product of ARCH-CORE LAB, LLC.