PDF Watermark Remover

local · offline your files stay in this browser tab

Drop a PDF. The app finds things that repeat across pages — that's the signature of a watermark. Pick the ones you want gone, hit remove, get a cleaned PDF. No upload, no server, no network calls.

How it works

A PDF page is a sequence of drawing operations. Watermarks tend to leave one of six fingerprints that body content essentially never has, so the scanner looks for each of them independently — a watermark only has to trip one.

Rotation. Body text is axis-aligned; rotated text on any page count is almost always a stamp (catches diagonal "DRAFT", embedded-font glyph-CID watermarks where the text isn't readable ASCII).

Transparent context. A text or graphics block drawn under a low-alpha or soft-mask graphics state. Body content is never transparent (catches the common pattern of a faint logo or text drawn at 20–30% opacity).

Faint color. Text drawn while the active fill color is near-white. Gated by font size (≥24pt) or page repetition so it doesn't catch light-gray page numbers or fine print (catches the classic light-gray "CONFIDENTIAL" stamp).

Repetition. Form XObjects, image XObjects, and text blocks whose bytes appear on multiple pages. The body of a document differs page to page; a watermark by definition doesn't.

When something matches, you see a preview (when the text is readable) and the pages it appears on. Tick the ones to remove. The matched XObjects are deleted from each page's Resources and their underlying stream bytes are zeroed out; text blocks are spliced out of the content stream. The watermark bytes are gone from the file — not hidden, not covered.

Privacy — verify it yourself

Your PDF never leaves this browser tab. No upload. No analytics. No third-party scripts. Five ways to confirm that, in order of paranoia:

  1. Watch the network. Open DevTools (F12) → Network tab → drop a PDF and run remove. Zero new requests after the page first loads.
  2. Disconnect your WiFi before processing. Everything still works.
  3. Try to break out. In the DevTools Console, type fetch('https://example.com'). The browser refuses with a Content-Security-Policy violation. The CSP set on this page blocks every kind of outbound call — fetch, XHR, WebSocket, tracking pixels, external scripts, the lot.
  4. Read the source. Right-click → View Page Source. Two libraries inline: pdf-lib (MIT) and pako (MIT), both audited for eval / new Function — zero matches. Plus the removal engine and UI glue. No analytics, no telemetry, no remote anything.
  5. Paranoia mode. Save this HTML file to disk and open it directly from your filesystem. Every feature still works offline, and the only request a hosted version makes — the initial page fetch — goes away too.

The one honest caveat: when this page is served from the web, the host (Netlify) logs the initial page request like any web host does. The CSP above prevents the page from making any further request after that — so your PDF and what you do with it are invisible to anyone but you. If even the page-load log bothers you, use paranoia mode.