PDF Metadata Cleaner

METADATA PDF PRIVACY

About this tool

Strip the fingerprint your PDF leaves

View, edit, or strip every metadata field from a PDF — author, creation date, producer, and more. 100% in your browser.

RT-IMG-016 · Image & File

Drop a PDF here or click to choose Read, edit, or strip every metadata field

No PDF loaded yet.

💡 What gets stripped: the document's /Info dictionary — Title, Author, Subject, Keywords, Creator, Producer, Creation date, Modification date. XMP metadata (separate stream used by some apps) is reset to a minimal pdf-lib-default stamp. The page content itself is untouched.

Drop a PDF to begin.

🔒 PDFs stay on your device. Metadata editing happens entirely in your browser using the self-hosted pdf-lib library. Nothing is uploaded — verify in DevTools → Network.

How to clean PDF metadata

Add your PDF

Drag your file onto the dropzone or click to choose. The tool reads the metadata and shows every standard field — Title, Author, Subject, Keywords, Creator, Producer, and both dates.

Review what's in there

Many PDFs carry surprising fingerprints — the original Word document's author name, the precise creation timestamp, the version of Acrobat Pro used to export it. Confidential? Embarrassing? Either way: now you can see it.

Edit or strip

Type into any field to change it. Use Strip all metadata to clear every field at once — useful before sharing a PDF outside your organisation. Restore original undoes your edits if you change your mind.

Save the scrubbed PDF

Click Save scrubbed PDF. The downloaded file has the metadata you specified (or empty fields if you stripped). The page content — text, images, layout — is byte-for-byte unchanged.

PDF metadata — the fingerprint you didn't know you left

Every PDF carries a metadata block alongside the visible page content. When you export a PDF from Microsoft Word, the document's author name (the Windows account that owns the Word installation) is copied into the PDF's Author field. When you scan a document on a multi-function printer, the device's serial number and firmware version often end up in the Producer field. When you fill in a form in Acrobat and save it, your installed Acrobat license name lands in the Creator field. None of this is visible when you open the PDF — but it's all there in the file, readable by any tool that knows where to look.

Why this matters more than people think

The most common journalism-and-leaks story of the past decade has been an unredacted PDF where the author or contributor's name was preserved in the metadata block — sometimes despite explicit redaction of the visible content. Tax filings, government documents, internal corporate memos, legal motions: all have leaked sensitive information through metadata fields that the user assumed were either empty or removed. Adobe Acrobat Pro has a "Sanitize Document" feature for exactly this reason; the feature is hidden in submenus and rarely used by anyone outside professional information-security roles.

90% of PDF metadata leaks happen because the person sharing the file never knew it was there in the first place. Visibility is the first half of the fix.

The APAC compliance angle

Metadata leakage is a documented attack vector across Singapore's public sector (the PDPC has issued specific guidance on metadata sanitisation), Hong Kong's legal sector (the Hong Kong Bar Association recommends metadata cleaning for all client-facing document deliveries), Malaysia's banking sector (Bank Negara's outsourcing guidelines explicitly call for metadata controls), Indonesia's government workflow (the Ministry of Communications has flagged metadata as a high-risk leakage path), and Vietnam's and the Philippines' BPO sectors (client contracts increasingly mandate metadata sanitisation before forwarding). Across the region, the same trend: metadata controls are moving from "nice to have" to contractual.

What this tool does — and what it doesn't

This tool edits or clears the standard PDF /Info dictionary — the eight metadata fields shown in the form. It also resets the XMP metadata stream (the parallel metadata block used by Adobe products) to a minimal pdf-lib-default value. What it does NOT touch: the page content itself (text, images, layout), embedded fonts (which can themselves carry vendor signatures), JavaScript actions, form-field default values, embedded files (PDF attachments), or comments and annotations (which carry their own author information). For complete sanitisation including those layers, you need Adobe Acrobat's Sanitize Document feature or a desktop tool like Adobe LiveCycle.

10 Things to Know About PDF Metadata

The PDF specification defines a dictionary called /Info with 8 standard fields: Title, Author, Subject, Keywords, Creator, Producer, CreationDate, ModDate.

Adobe introduced a parallel metadata system called XMP (Extensible Metadata Platform) in 2001. Modern PDFs often have BOTH /Info and XMP carrying the same data — leakage can happen via either path.

The Producer field tells you the EXACT software that produced the PDF — including version numbers. "Microsoft Word 365 (16.0.17328.0)" tells an attacker more than you might want.

The Author field defaults to the OS account name on Windows. Many PDFs share a user's real name (or worse, internal username) without the user ever noticing.

Creation date precision is to the second, including timezone. That's enough to correlate document authorship with calendar events or surveillance logs.

Modification date updates every time you save a PDF, including from Preview on macOS or a browser's PDF viewer. Tools sometimes leak edit timestamps unintentionally.

PDF/A (the archival standard) actually REQUIRES metadata — and forbids removing certain fields. If you need PDF/A compliance, edit (don't strip) metadata.

The 2008 ISO PDF standard formalised metadata fields; older PDFs may use proprietary Adobe extensions that this tool doesn't surface but pdf-lib still cleans during re-save.

Annotations, form fields, and digital signatures carry their own metadata — including the signer's identity. This tool doesn't touch those, only the document-level metadata.

The Singapore PDPC's 2018 advisory specifically calls out metadata as a "common source of inadvertent personal data disclosure" — meaning unintentional metadata leakage can be a notifiable breach under PDPA.

FAQ

No. The pdf-lib library runs entirely in your browser. Your PDF is read into memory, metadata is rewritten in memory, and saved back to your downloads. Open DevTools → Network and watch — there's no outbound traffic.
No. The /Info dictionary is informational — PDF readers don't depend on it to display the document. Stripping every field is safe for any PDF that doesn't claim PDF/A compliance.
pdf-lib re-writes the XMP stream as part of every save operation, using a minimal default. So your edits to /Info fields are reflected in XMP automatically. If your PDF has rich XMP metadata (Adobe Creative Cloud workflows), it gets reset rather than preserved.
No. Annotations (comments, highlights, sticky notes) and form field properties have their own author metadata that this tool does NOT touch. For complete sanitisation including those layers, use Adobe Acrobat's "Sanitize Document" feature.
No. PDFs can contain embedded file attachments (other PDFs, spreadsheets, images, even executables). Those carry their own metadata that this tool doesn't reach. The /Info dictionary is document-level only.
YYYY-MM-DD or YYYY-MM-DD HH:MM (both work). Empty field means clear the date entirely. pdf-lib writes the date in the PDF spec's full format (D:YYYYMMDDHHmmSS+TZ) on save.
Restriction-only protection (no-print, no-edit) is bypassed via pdf-lib's ignoreEncryption flag. Open-password protection is not — remove the password in Adobe Acrobat or macOS Preview first.
Yes — type into any field. The PDF spec also allows arbitrary custom keys in the /Info dictionary, but those aren't covered by this tool. For custom keys you need Adobe Acrobat's Document Properties dialog.
Marginally — usually within a kilobyte. The metadata block is tiny compared to page content. Stripping fields reduces the file size by a few hundred bytes; adding long values increases it correspondingly.
Yes on iOS Safari and Chrome on Android. The form reflows to a single column on phone-width screens. All editing happens locally — same privacy story as desktop.

PDF Metadata Cleaner