Privacy Policy

Konvrt ("we", "us", "our") operates the konvrt.com website and file conversion service. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

Our core principle is simple: your files never leave your device. All file conversions happen locally in your browser using WebAssembly. We do not upload, store, or process your files on our servers.

2.1 File Conversion Data

We do not collect, transmit, or store the contents of any file you convert. Conversions are performed entirely client-side in your browser.

We do collect anonymous conversion metadata for analytics and usage enforcement:

• File name (optional, for your conversion history)
• Input and output format (e.g., "PNG to WebP")
• File size (input and output, in bytes)
• Conversion duration (in milliseconds)
• Conversion status (completed, failed, cancelled)
• A randomly generated session identifier

This metadata is used to enforce daily conversion limits and to display your conversion history in the dashboard.

2.2 Account Data

If you create an account, we collect:

• Email address
• Name (if provided)
• Hashed password (we never store plain-text passwords)

Account creation is optional. You can use Konvrt's free tier without creating an account.

2.3 Payment Data

Payments are processed by our payment provider. We do not collect or store credit card numbers, bank account details, or other payment credentials. Their privacy policy governs the handling of payment data.

2.4 Automatically Collected Data

Like most websites, our server logs may record your IP address, browser type, operating system, referring URL, and pages visited. This data is used for security monitoring and is not linked to your account or conversion activity.

• Service operation: Enforcing usage limits, displaying your dashboard and conversion history.
• Account management: Authentication, password resets, team invitations.
• Product improvement: Aggregate analytics on which formats and features are most used. This data is anonymized.
• Security: Detecting abuse, rate limiting, and protecting the service.

We do not sell your data to third parties. We do not use your data for advertising. We do not train AI models on your files or data.

Account data and conversion metadata are stored in our database hosted by Convex. Data is encrypted in transit (TLS) and at rest.

Your converted files exist only in your browser's memory and are discarded when you close the tab or navigate away. We have no ability to access or recover your files.

• Conversion metadata: Retained for the lifetime of your account. Anonymous session data may be purged after 90 days.
• Account data: Retained until you delete your account.
• Server logs: Retained for up to 30 days, then deleted.

You have the right to:

• Access your personal data by viewing your dashboard and account settings.
• Delete your account and all associated data by contacting us.
• Export your conversion history from the dashboard.
• Object to processing by contacting us.

If you are in the European Economic Area (EEA), you also have rights under the GDPR including the right to data portability and the right to lodge a complaint with a supervisory authority.

We use minimal cookies required for the service to function:

• Authentication cookies: Session tokens to keep you signed in.
• Session identifier: A random ID stored in sessionStorage (not a cookie) to enforce usage limits for anonymous users.

We do not use third-party tracking cookies, advertising cookies, or analytics cookies.

• Convex: Database hosting. Stores account data and conversion metadata.
• Payment Provider: Payment processing. Handles purchases and refunds.
• Vercel: Website hosting and CDN.

Each third-party service has its own privacy policy. We select providers that meet reasonable security and privacy standards.

Konvrt is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

We may update this policy from time to time. Material changes will be communicated via email (for account holders) or a notice on the website. The "Last updated" date at the top reflects the most recent revision.

For privacy-related questions or requests, email us at privacy@konvrt.com.