1. Your Files Never Leave Your Device

We operate with a strict zero-knowledge policy on your file content. Our application is designed so that we physically cannot access your files. (For analytics on general site usage, see section 5.)

🚫 No Server Uploads
Your files are never sent to our servers. All conversions happen locally in your browser.
🚫 No User Accounts
We do not require registration, login, or personal information to use our tools.
🚫 No File Logging
We do not track filenames, file sizes, or file content metadata.
🚫 No Facial Recognition
We do not scan images for faces or biometric data.

2. How It Works (Client-Side Processing)

Unlike traditional online converters that require you to upload your sensitive documents to a remote server, xyzconverter uses advanced web technologies (WebAssembly and modern Browser APIs) to process your files strictly within your device's memory.

The Journey of Your File:

You select a file from your device.
Your browser grants temporary access to that specific file.
The conversion code runs locally on your CPU/GPU.
The converted file is saved directly back to your device.
At no point does the file leave your computer or phone.

3. GDPR Compliance

We are fully committed to the principles of the General Data Protection Regulation (GDPR). Our unique architecture serves privacy by design:

Lawful Basis

Since we do not collect or process personal data on our servers, strict "lawful basis for processing" (like consent or legitimate interest for data storage) does not apply to file content—because we never grasp it.

Your Rights

Right to Access/Rectification: Not applicable (we hold no data to access or fix).
Right to Erasure ("Right to be Forgotten"): You do not need to ask us to delete your files because we never had them.
Right to Portability: Your files remain on your device, ensuring full portability at all times.

4. Security Information

Security is built into the architecture of our application.

HTTPS Encryption: Our website is served exclusively over HTTPS, ensuring the integrity of the application code delivered to your browser.
Sandboxed Environments: Conversions operate within the secure sandbox of your modern web browser.
Third-Party Libraries: We use open-source libraries (e.g., for PDF and image processing) that run client-side. We regularly audit these dependencies for security vulnerabilities.

5. Analytics, Cookies & Hosting

Your files never leave your device. To understand how the site is used and improve it, we use Google Analytics 4 (loaded via Google Tag Manager) — with privacy-friendly settings and an opt-in banner on first visit.

What we measure (only after you accept)

Anonymized visits (page views, country, device type)
Which tools are most used (e.g. "xyz-to-pdf was opened")
Aggregated performance metrics (loading times, errors)

What we never collect

Your files: never uploaded — conversion runs in your browser only
File names, sizes or content: not logged, not tracked
Personal identifiers: no email, no account, no fingerprinting
IP addresses: Google Analytics IP anonymization is enabled

Consent & cookies (GDPR)

On your first visit we display a consent banner with Accept and Reject buttons. We use Google Consent Mode v2: by default, analytics and advertising storage are denieduntil you explicitly accept. Your choice is stored locally in your browser (no server tracking of consent).

To change your mind, clear your browser site data for xyzconverter.com — the consent banner will reappear.

Hosting

This website is served via a global CDN. The host may keep standard, non-identifiable server logs (access times, error rates) strictly for security and reliability.

Privacy Questions?

If you have technical questions about our implementation or specific privacy concerns, please open a discussion on our development repository.

Contact via GitHub

Privacy Policy & Security