diff --git a/fillpdf.module b/fillpdf.module
index 1642cadd8f16dc385755e5ed0647f3f80633db9f..1aacf481e8c9881ffe18cef90fcb33e3028ec130 100644
--- a/fillpdf.module
+++ b/fillpdf.module
@@ -2071,10 +2071,18 @@ function fillpdf_scheme_options() {
 }
 
 /**
- * Returns the configured default scheme for FillPDF.
+ * Returns the default scheme for PDF files populated by FillPDF.
+ *
+ * For security reasons we're picking the system's file default scheme, unless
+ * it is 'public' while the more secure 'private' is available.
  */
 function fillpdf_default_scheme() {
-  return variable_get('fillpdf_scheme', 'public');
+  $site_default_scheme = variable_get('file_default_scheme');
+  if ($site_default_scheme == 'public') {
+    $scheme_options = fillpdf_scheme_options();
+    return isset($scheme_options['private']) ? 'private' : $site_default_scheme;
+  }
+  return $site_default_scheme ?: 'public';
 }
 
 /**