Compliance

Our Approach

AVConvert is designed with privacy as a core architectural principle. Because all file processing occurs entirely within your browser, we never receive, process, or store your files on any server.

We do use two third-party services that involve limited data collection: Cloudflare Web Analytics for aggregate, cookie-free usage statistics, and Google AdSense for advertising, which may use cookies and collect browsing data for ad personalization. The compliance notes below reflect this.

GDPR EU

General Data Protection Regulation (EU) 2016/679

AVConvert is fully compatible with GDPR requirements:

• File processing: We do not collect, process, or store any files you convert. Your files remain on your device at all times.
• Analytics (Cloudflare Web Analytics): We use Cloudflare Web Analytics, which collects only aggregated, non-personal usage data without cookies or fingerprinting. This does not constitute personal data processing under GDPR.
• Advertising (Google AdSense): We use Google AdSense, which may set cookies and process personal data (including IP address and browsing behavior) for ad personalization. Google acts as an independent data controller for this processing. Where required by GDPR, Google obtains consent through its own consent mechanisms. You may opt out via Google's Ads Settings.
• Right to erasure: We store no file or personal data ourselves. For data processed by Google AdSense, exercise your rights directly with Google per their privacy policy.

Third-party CDNs used to deliver the FFmpeg WebAssembly runtime, and Cloudflare's analytics service, may log standard HTTP request metadata (IP addresses, user agents) under their own GDPR compliance obligations.

CCPA / CPRA California

California Consumer Privacy Act & California Privacy Rights Act

AVConvert complies with CCPA/CPRA requirements:

• No sale of your files or personal data by AVConvert: We do not sell or disclose any personal information we directly collect (which is none, outside of what third-party services collect on our behalf).
• Google AdSense: Google AdSense may collect personal information (browsing behavior, device identifiers) for targeted advertising. Under CCPA, this may qualify as a "sale" of personal information. California residents may opt out of personalized advertising via Google's Ads Settings or by enabling the Global Privacy Control (GPC) signal in their browser.
• Cloudflare Web Analytics: Collects only aggregated, anonymous usage data. No personal information is sold or shared.
• Right to know / delete: AVConvert holds no personal data. For data held by Google, contact Google directly per their CCPA disclosures.
• Non-discrimination: All users receive identical service regardless of privacy choices.

PIPEDA Canada

Personal Information Protection and Electronic Documents Act

AVConvert's client-side architecture aligns with PIPEDA principles:

• AVConvert does not collect, use, or disclose your files or personal information directly.
• Cloudflare Web Analytics collects aggregated, anonymous usage data without identifying individuals.
• Google AdSense may collect personal information (browsing data, device identifiers) for advertising purposes. Google's own privacy policies and consent mechanisms apply to this data collection.
• The core purpose of AVConvert is fully transparent: browser-based media conversion with no file transmission to any server.

LGPD Brazil

Lei Geral de Proteção de Dados

AVConvert complies with LGPD by virtue of its architecture:

• AVConvert does not collect or process personal data directly.
• Cloudflare Web Analytics collects only aggregated, anonymous data.
• Google AdSense may process personal data internationally. Google's own LGPD compliance and data transfer mechanisms apply to their processing.

UK GDPR UK

United Kingdom General Data Protection Regulation

The same framework that applies under EU GDPR applies under UK GDPR. AVConvert does not directly collect, process, or store personal data of UK residents. Google AdSense, as an independent data controller, handles its own UK GDPR obligations for any advertising data collected from UK visitors.

POPIA South Africa

Protection of Personal Information Act

AVConvert does not directly process personal information as defined by POPIA. All file handling is performed locally within your browser. Google AdSense, as an independent responsible party, handles its own POPIA obligations for advertising data collected from South African visitors.

Children's Privacy

AVConvert does not knowingly collect any information from children under 13 (COPPA) or under 16 (GDPR). AVConvert itself collects no data from any user. However, Google AdSense may serve ads and collect data; AVConvert is not intended for children and does not knowingly direct advertising to minors. If you believe a child has been exposed to targeted advertising through our site, please contact us.

Contact

If you have questions about our compliance posture or need documentation for your own compliance requirements, please contact us at the email address listed on the avconvert.app domain.