Convert
Convert.FAST Current

Transform files between formats
Compress.FAST

Shrink files without losing quality
PDF.FAST Soon

Professional PDF tools
Extract.FAST

Pull images from documents
Tools.FAST

Your complete file toolkit

100

Your data, protected

Security & Privacy

Your files are your business. We built every layer of Convert.FAST to keep it that way.

Last updated: February 2026

Encryption

All connections to Convert.FAST use TLS 1.3 with perfect forward secrecy — your files are encrypted from the moment they leave your browser. On our servers, files are encrypted at rest using AES-256-GCM. Each file receives a unique encryption key derived via HKDF-SHA256 with a random salt, meaning that even if one key were compromised, no other file would be affected. During conversion, files are decrypted only in memory for the duration of processing, then immediately re-encrypted. Decrypted data is never written to disk.

Data Isolation

Each conversion job runs in complete isolation. Files are stored in per-job directories with unique identifiers, encrypted with per-file keys, and accessible only through authenticated download endpoints that verify ownership. No Convert.FAST team member can access your file contents — there are no admin endpoints for viewing or downloading user files, and encryption keys are managed programmatically without manual access.

Where Your Data Lives

For standard conversions, your files are stored and processed entirely on infrastructure we own in the European Union. Files stream from your browser to our servers in Germany, encrypted with TLS 1.3.

For AI-powered features (audio transcription, and upcoming OCR/upscaling), files are sent to vetted GDPR-compliant providers. See How Your Files Are Processed below for details on our provider requirements.

No Permanent Storage

Convert.FAST intentionally does not provide permanent file storage. We are a file conversion service, not a cloud storage provider. Your files exist on our servers only for the time needed to process them and for you to download the results. After 1 hour, all files — both input and output — are permanently and irreversibly deleted.

Automatic Deletion

All files are automatically deleted 1 hour after conversion completes—regardless of plan tier. You can also delete files immediately after downloading. Once deleted, files are securely wiped and cannot be recovered.

What we retain (for billing and fraud prevention): job identifiers, conversion type, file sizes, processing time, and credits consumed.

What we do NOT store:

  • Filenames (only file extensions)
  • File contents or thumbnails
  • EXIF metadata extracted from images
  • Raw IP addresses (we store only irreversible HMAC-SHA256 hashes for abuse prevention)

How Your Files Are Processed

Standard Conversions (Images, Documents, Ebooks, Archives)

For the vast majority of conversions—image format changes, document conversions, ebook transformations, and archive operations—we process files entirely on infrastructure we own in the European Union. Your files never leave our servers. We use open-source libraries (libvips, FFmpeg, Pandoc) with no external API calls.

AI-Powered Features (Audio Transcription, Coming Soon: OCR, Upscaling)

Some advanced features use specialized AI providers to deliver quality that local processing cannot match. For these features:

  • GDPR-compliant providers only. We use providers with full Data Processing Agreements and Standard Contractual Clauses.
  • No AI training. Your files are never used to train models. Processing is solely for your requested conversion.
  • Immediate deletion. Files are deleted from provider systems immediately after processing completes.
  • Processor role. Providers act as data processors under our instructions—they cannot use your data for any other purpose.

We carefully vet all AI providers based on privacy practices, security certifications, and GDPR compliance—not just performance.

Privacy by Default

Image metadata stripped by default. EXIF data including GPS coordinates, camera info, and timestamps are removed from converted images to protect your privacy.

Audio metadata preserved by default. ID3 tags (artist, album, title) and chapter markers are retained during audio conversion to maintain playback organization. No personal or location data is typically embedded in audio files.

No AI training. Ever. We do not use your files to train, fine-tune, or improve any machine learning model — ours or anyone else's. Your content is processed solely for the conversion you requested, then deleted.

No content analysis. We do not scan, fingerprint, index, or analyze your file contents for advertising, profiling, or any purpose other than conversion. We have no interest in what your files contain.

No filename analysis. We don't log, analyze, or monetize your filenames. We have no interest in what you're converting or why.

Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access your job metadata
  • Delete your files immediately (manual delete button) or request account data deletion
  • Export your job history
  • Object to processing

To exercise your rights, email privacy@convert.fast. We respond within 30 days. See our full Privacy Policy for details.

Contact