We don't want your data.
We want your privacy.
Every document on mder.pro has a built-in expiration. When it expires, its sensitive content is permanently deleted — no manual review, no backup tier, no retention loophole.
01 · Automatic data deletion (TTL)
When you publish, you set a Time-To-Live (TTL) — the number of hours before the document expires and its sensitive content is wiped.
After expiry: blocks, metadata, and title are deleted and replaced with a placeholder. The document becomes unviewable.
02 · What gets deleted
On expiration we permanently erase:
- ▮Document content (all blocks)
- ▮Document title
- ▮Metadata and metadata fields
- ▮Rendering options
- ▮Access policies
03 · Privacy-safe analytics
We retain aggregate stats, but never linked to your documents:
- ▮Total documents created (count, not content)
- ▮Aggregate view counts (not per-document)
- ▮Document format types (anonymized)
- ▮Export counts (not export contents)
We cannot reconstruct documents from logs, link analytics to accounts, or identify which document generated which view.
04 · You can delete anytime
05 · Audit trail
Every deletion writes an immutable audit record (no document content) containing:
- ▮Document ID and deletion timestamp
- ▮Reason (TTL expired, user request, or admin action)
- ▮Who initiated deletion
Your rights
- ▮ Right to deletion — any data can be deleted immediately.
- ▮ Right to portability — export your documents anytime.
- ▮ Right to transparency — see all activity and audit logs.
- ▮ Right to privacy — no sharing, no selling of data.
Questions?
Email privacy@mder.pro or open an issue on GitHub.