Privacy policy and GDPR compliance

Our user’s privacy is our top priority. Your security comes first in everything we do. It is only you, who choose how your data collected, processed and used.

Personal Information

Browsing convertio.co is free of a charge. You don’t have to share any personal or sensitive information with us and you don't have to worry about the safeness of your privacy. We do journal some impersonalized data, like IP address, input and output file types, conversion duration, conversion success/error flag. This information used for our internal performance monitoring, kept for a long time and not shared with third parties.

E-mail Addresses

You may use our service without disclosing your email address as long as you stay within free tier limits. If you hit the limit, you will be offered to complete a simple registration and order a premium service. We guarantee that your email address and any personal information will not be subject to sale or lease for personal or commercial purposes.

Certain Exceptional Disclosures

Disclosure of your personal information can be done to protect our legal rights or if the information is a potential threat to the physical safety of any person. We can make the disclosure of data only in the cases stipulated by law or in a court order.

User’s Files Handling and Keeping

We convert more than 10 million files (300 TB of data) every month. We delete input files and all temporary files instantly after any file conversion. We delete output files instantly when the user clicks 'X' in web panel, otherwise, output files deleted after 24 hours. This implies that you can delete your files on your own anytime. We can’t make a backup copy of your files even if you ask us to do so. To save a backup copy of or all the contents of the file we need your user agreement.

Your files are exclusively bound to your IP address. Only the user, who initiated the conversion, can download the result file.

Security

All communications between your host, our frontend server and conversion hosts performed via secure channel with HSTS enabled, which prevents data to be altered or diverted. This completely protects your data from unauthorized access. All collected information on the website is protected from disclosure and unauthorized access by using physical, electronic and managerial protection procedures.

We keep your files in the European Union.

Cookies, Google AdSense, Google Analytics

convertio.co use cookies to store information and track user’s limits. We also use third party advertisement networks and can’t rule out the possibility that some of these advertisers will use their own tracking technologies. By placing an ad, advertisers can gather information about your IP address, browser capabilities, and other impersonalized data in order to customize your ad usage experience, measure the effectiveness of advertising, etc. Google AdSense, which is our main advertising provider, use cookies extensively and its tracking behavior is part of Google's own privacy policy. Other third party ad network providers can also use cookies under their own privacy policies.

We use Google Analytics as our main analytics software, in order to get insights about how our visitors use our website and deliver better user experience for our users. Google Analytics gather your personal data under their own privacy policy which you should review carefully.

Links to third-party websites

While browsing convertio.co, users can stumble upon links that will lead to third-party websites. Often these sites will be a part of our company’s network and you can be assured that your personal data is safe, but as a general precaution, remember to check third-parties site’s own privacy policy.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals across the EU and within the European Economic Area. It becomes enforceable on 25 May 2018.

In the terms of the GDPR, Convertio act as the data controller and data processor.

Convertio act as a data controller when it directly collects or processes personal data providing services to end users. It means that Convertio acts as a data controller when you upload files, which may contain your personal data. If you exceed the free tier limit, you will be offered to order a premium service, in which case we also collect your email address for managing your account. This privacy policy explains in detail which data we collect and share. We do collect your IP address, access times, types of the files you convert and an average conversion error rate. We do not share this data with anyone.

All your billing information is collected and processed by our payment provider – FastSpring Limited, under its own GDPR-compliant privacy policy.

Convertio does not extract or collect any data from your files, nor sharing or copying it. Convertio irreversibly deletes all your files according to “User’s Files Handling and Keeping” section of this policy.

Convertio acts as a data processor if it processes data on behalf of its customer, i.e. when you use Convertio API or any other way to process files of your own customers. As a data processor, Convertio will treat and manage your data in accordance with strict security standards, maintaining a high level of security and keeping your data inside the EU throughout the whole file conversion process.

If you have any questions regarding our privacy policy and GDPR compliance, feel free to contact our customer support.