// Trust & Security Report
No commercial legal entity — Pandoc is an open-source project (GPL v2+) primarily maintained by John MacFarlane and contributors, hosted at github.com/jgm/pandoc
Universal document format converter distributed as a command-line tool and a Haskell library (used to build custom readers/writers/filters). No hosted/SaaS product, no team or enterprise tier, no accounts.
Certifications held
0
Maturity
Unknown
Trains on your data
No
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 8 unconfirmed / not-held certifications
source: pandoc.orgNo public evidence. Pandoc has no company, trust center, or compliance page; SOC 2 does not apply to a locally-run open-source CLI tool with no vendor-hosted service.
source: pandoc.orgNo public evidence. No ISMS scope exists because there is no hosted service or company entity to certify.
source: pandoc.orgNo public evidence and not applicable — Pandoc processes files locally on the user's machine; there is no vendor-side handling of PHI to attest to.
source: pandoc.orgNo formal GDPR compliance statement published. The code signing policy states the program 'will not transfer any information to other networked systems unless specifically requested by the user or the person installing or operating it,' which is a strong privacy-by-design posture but not a documented GDPR compliance program.
source: pandoc.orgNo public evidence; not applicable — no payment processing, no hosted service.
source: pandoc.orgNo public evidence; not applicable — Pandoc has no AI/ML features.
source: pandoc.orgNo public evidence; not applicable — no cloud service is offered by the project.
source: pandoc.orgNo public evidence; not applicable — no hosted federal-facing service.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Not offered
Data region
Not applicable — all conversion happens locally on the user's own machine; no data is transmitted to any Pandoc-operated server by default.
Pandoc has no AI/ML functionality and there is no vendor-operated service that could collect or train on user documents. It is a local conversion tool; per its own code signing policy it 'will not transfer any information to other networked systems unless specifically requested by the user or the person installing or operating it.'
// Security controls
Data transmission
Local-only tool by default; does not transfer data to networked systems unless the user explicitly requests it (e.g., fetching a remote resource referenced in a document)
pandoc.orgVulnerability disclosure
Report via email to the maintainer (jgm@berkeley.edu); a published GitHub security policy exists but only the most recent release receives security fixes
github.comRelease signing
Windows binaries are code-signed via a free certificate from SignPath.io / SignPath Foundation; release approval is limited to two named maintainers (John MacFarlane, Albert Krewinkel)
pandoc.orgKnown risk area (output safety)
Pandoc's own documentation warns that HTML it generates is not guaranteed safe: if the raw_html Markdown extension is enabled, untrusted input can inject arbitrary HTML, and even with it disabled, dangerous content can appear in URLs/attributes
pandoc.org// Products & data scope
data: Operates on files supplied locally by the user; no network calls unless the user's document/command explicitly requires fetching a remote resource
Primary distribution; free and open source under GPL v2 or later; no account, no cloud component
data: Embedded in a host application; same local-only default behavior as the CLI
Used to build custom readers/writers/filters in Lua or Haskell; distribution and licensing identical to the CLI
// What to watch
- Identity conflation risk: 'Pandoc' (pandoc.org, open-source GPL document converter maintained by John MacFarlane) is a completely different entity from 'PandaDoc' (pandadoc.com, a commercial SaaS e-signature/document platform that does hold SOC 2 Type II, HIPAA, and GDPR compliance claims). These must never be merged in the listing; PandaDoc's certifications do not apply to Pandoc.
- No commercial entity: Pandoc is an open-source project with no company, trust center, privacy policy, or terms of service page. Standard SaaS vendor compliance certs (SOC 2, ISO 27001, HIPAA) do not apply to this project type and should not be implied as 'in progress' or 'available on request.'
- No public privacy policy or terms-of-service page found on pandoc.org; GPL license/COPYRIGHT file on GitHub is the closest equivalent to legal terms.
- Category fit: Pandoc has no AI/ML functionality — it is a general-purpose document format converter. Confirm with the AIFOXX catalog team whether it belongs in an 'AI tools' directory or should be recategorized/labeled as a developer utility.
// At a glance
Pricing model
Free and open source (GPL v2+); no paid tiers
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on No commercial legal entity — Pandoc is an open-source project (GPL v2+) primarily maintained by John MacFarlane and contributors, hosted at github.com/jgm/pandoc's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-08. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
pandoc.org