Compliance

Our Approach

AVConvert is designed with privacy as a core architectural principle. Because all file processing occurs entirely within your browser, most data protection concerns are eliminated by design. We never receive, process, or store your files on any server.

GDPR EU

General Data Protection Regulation (EU) 2016/679

AVConvert is fully compatible with GDPR requirements:

• No personal data processing: We do not collect, process, or store any personal data. Your files remain on your device at all times.
• No data controller obligations: Since no personal data is transmitted to us, the typical data controller/processor relationship does not apply.
• No cookies or tracking: We do not use cookies, local storage, or any form of user tracking.
• Data minimization by design: Our architecture ensures zero data collection, exceeding GDPR's data minimization principle.
• Right to erasure: Since we store nothing, there is no data to erase. Closing your browser tab removes all processed data from memory.

Third-party CDNs used to deliver the FFmpeg WebAssembly runtime may log standard HTTP request metadata (IP addresses, user agents). These services operate under their own GDPR compliance obligations.

CCPA / CPRA California

California Consumer Privacy Act & California Privacy Rights Act

AVConvert complies with CCPA/CPRA requirements:

• No sale of personal information: We do not sell, share, or disclose personal information to any third party.
• No collection of personal information: We do not collect any categories of personal information as defined under CCPA.
• Right to know: We collect no personal information. There is nothing to disclose.
• Right to delete: No personal information is stored. Nothing requires deletion.
• Right to opt-out: There is no data sharing or selling to opt out of.
• Non-discrimination: All users receive identical service regardless of privacy choices.

PIPEDA Canada

Personal Information Protection and Electronic Documents Act

AVConvert's client-side architecture aligns with PIPEDA principles:

• No personal information is collected, used, or disclosed.
• No consent is required because no personal information is processed.
• The purpose of the Service is fully transparent: browser-based media conversion with no data transmission.

LGPD Brazil

Lei Geral de Proteção de Dados

AVConvert complies with LGPD by virtue of its architecture:

• No personal data is collected or processed.
• No data is transferred internationally, as all processing is local.
• No legal basis for processing is needed because no processing of personal data occurs.

UK GDPR UK

United Kingdom General Data Protection Regulation

The same protections that apply under EU GDPR apply under UK GDPR. AVConvert does not collect, process, or store personal data of UK residents.

POPIA South Africa

Protection of Personal Information Act

AVConvert does not process personal information as defined by POPIA. All file handling is performed locally within your browser.

Children's Privacy

AVConvert does not knowingly collect any information from children under 13 (COPPA), under 16 (GDPR), or any other age-based threshold. Since we collect no data from any user, these protections are satisfied by design.

Contact

If you have questions about our compliance posture or need documentation for your own compliance requirements, please contact us at the email address listed on the avconvert.app domain.