Privacy Policy

1. What We Collect (And What We Don't)

What We DON'T Collect

• Your file contents — For client-side conversions (90%+ of all conversions), your files never leave your browser. We never see them.
• File names or metadata — Even for server-side conversions, we don't log file names or EXIF data.
• Personal identifiers — No email required for free tier. No account, no tracking cookies.
• Third-party tracking — No Google Analytics, no Facebook Pixel, no surveillance capitalism.

What We DO Collect

• Anonymous usage statistics — We use Plausible Analytics (privacy-friendly, GDPR-compliant) to track page views and conversion type popularity (e.g., "MP3 to WAV" was used 47 times today). No cookies, no personal data, no IP tracking.
• Rate limiting data (free tier only) — To enforce the 3 server-conversions/day limit, we temporarily store a hash of your IP + user agent. This data expires after 24 hours.
• Account information (Pro users only) — If you subscribe to Pro, we collect your email address and payment information (processed by Stripe, never stored on our servers).
• Error reports — If a conversion fails, we log technical error messages (e.g., "WASM module failed to load"). No file content is included.

2. How Client-Side Conversions Work

Most conversions on The Converter happen entirely in your browser using WebAssembly (WASM) technology:

• Images (PNG, JPG, WebP, HEIC, etc.) — Converted using browser-native Canvas API and WASM decoders
• Audio (MP3, WAV, OGG, FLAC, etc.) — Converted using FFmpeg compiled to WebAssembly
• PDF operations (merge, split, compress) — Processed using pdf-lib in your browser
• Data formats (CSV, JSON, YAML, XML) — Transformed using native JavaScript

Verification: Open your browser's Network tab (DevTools) while converting a client-side file. You'll see zero network requests. Your file never leaves your device.

3. Server-Side Conversions (When Necessary)

Some conversions require server processing because they can't run in a browser (e.g., DOCX → PDF, XLSX → PDF). Here's how we handle them:

Security Measures

• Encrypted upload — Files uploaded over HTTPS (TLS 1.3)
• Isolated processing — Each conversion runs in a temporary Docker container that's destroyed immediately after
• Temporary storage — Converted files are stored in Cloudflare R2 with automatic deletion after 1 hour
• No logging — We don't log file names, contents, or metadata. Only technical error messages (if a conversion fails).
• No human access — Our team never has access to files stored on servers.

Free vs. Pro Tier

4. Analytics & Cookies

Plausible Analytics

We use Plausible Analytics, a privacy-friendly alternative to Google Analytics. Plausible:

• Does not use cookies
• Does not track users across websites
• Does not collect personal data
• Is GDPR, CCPA, and PECR compliant
• Stores data in the EU

We track: Page views, conversion type popularity (e.g., "HEIC to JPG"), referral sources. We don't track: Individual users, file names, file contents, IP addresses.

Cookies

We use minimal cookies:

• Session cookie (Pro users only) — Required for authentication. Expires when you close your browser.
• Consent cookie — Remembers your cookie consent choice for 1 year.

We do NOT use: Advertising cookies, tracking cookies, third-party cookies.

5. Third-Party Services

• Stripe (payment processing) — If you subscribe to Pro, Stripe processes your payment information. We never store credit card details. See Stripe's Privacy Policy.
• Plausible Analytics — Privacy-friendly analytics (see above). See Plausible's Privacy Policy.
• Vercel (hosting) — Our website is hosted on Vercel. See Vercel's Privacy Policy.
• Cloudflare R2 (temporary file storage) — Server-side conversions use Cloudflare R2 for temporary storage. Files are automatically deleted after 1 hour. See Cloudflare's Privacy Policy.
• Google AdSense (advertising, free tier only) — Display ads are served via Google AdSense. Ads are clearly labeled and separated from tool UI. You can opt out via Google Ad Settings. Pro users never see ads.

6. Your Rights (GDPR & CCPA)

Under GDPR (Europe) and CCPA (California), you have the right to:

• Access — Request what data we have about you (spoiler: almost nothing)
• Deletion — Request deletion of your account and data
• Portability — Request a copy of your data in a machine-readable format
• Correction — Request correction of inaccurate data
• Opt-out — Opt out of analytics (block plausible.io in your browser)

To exercise these rights, email us at privacy@theconverter.app.

7. Data Retention

• Client-side conversions — Never stored. Files are processed in your browser and immediately released from memory after download.
• Server-side conversions — Deleted from Cloudflare R2 automatically after 1 hour. Processing logs purged after 7 days.
• Rate limiting data — Expires after 24 hours.
• Account data (Pro users) — Retained until you cancel your subscription, then deleted within 30 days.

8. Security

We take security seriously:

• All connections use HTTPS (TLS 1.3)
• Server-side conversions run in isolated Docker containers
• No file content is logged or retained after processing
• Regular security audits of our open-source conversion libraries
• Minimal attack surface (most processing happens client-side)

9. Children's Privacy

The Converter is not directed at children under 13. We don't knowingly collect data from children. If you believe a child has provided us with personal information, contact us at privacy@theconverter.app.

10. Changes to This Policy

We may update this privacy policy occasionally. If we make significant changes, we'll notify users via email (Pro users) or a banner on the website (free users). Continued use after changes means you accept the updated policy.

11. Contact Us

Questions about privacy? Contact us:

• Email: privacy@theconverter.app
• General inquiries: support@theconverter.app