FreeFileConvert is committed to protecting your data and running a secure, reliable conversion service. This page outlines our technical and organizational security measures.
Conversions run on infrastructure using isolated containers. Each conversion job is executed in its own container, with workloads grouped by type (e.g. video, document, ebook, archive, OCR). Your files are processed in an environment that is isolated from other users' jobs, reducing the risk of cross-user access or data leakage. We do not provide permanent storage; containers process your files and the application layer handles retention and deletion.
We do not keep your files indefinitely. Uploaded files are retained for a limited time so we can run the conversion. Once a conversion finishes, both the original and converted files are kept for a short time so you can download your results. After that, a scheduled process automatically deletes the files from disk and marks them as removed in our systems. If you delete a file yourself from the dashboard, it is expired immediately and removed on the next cleanup run. We intentionally avoid long-term storage of your content.
In transit: All traffic to and from FreeFileConvert is encrypted over HTTPS (TLS). We use current protocols and work with our infrastructure providers to keep the network protected.
At rest: Account data and notification email addresses associated with file conversions are encrypted at rest.
Protected areas of the web application require authentication. Account registration includes email verification; passwords are hashed and never stored in plain text. API access, where available, is also authenticated. Internal systems are restricted by role and access is logged.
We follow secure development practices, including dependency management, secure configuration, and regular updates. Our infrastructure and application are maintained with security and reliability in mind.
We take privacy seriously and aim to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) where it applies. For details on what data we collect, how we use it, and your rights, please see our Privacy Policy.
If you have security-related questions or want to report a vulnerability, please contact us via our contact page.