Security, privacy & data protection

How processing works (client-side / local-first)

Image conversion (for example PNG or JPG to WebP, favicon ICO, SVG rasterization) and most PDF operations (merge, split, reorder pages, compress, unlock, protect, images to PDF) run directly in your web browser using JavaScript and standard browser APIs (Canvas, PDF.js, pdf-lib, and related libraries).

When you click "convert" or "download", the bytes of your file are read from your disk into memory inside the browser tab, transformed, and offered back to you as a download. In normal use, raw file contents are not sent to File Utils application servers for processing. That model is often described as client-side, local, or offline-friendly (you still need to load the app once over the network unless you self-host a built copy).

What we do not do with your files

• No central file storagefor your uploads as part of conversion. There is no "your documents inbox" on our backend tied to these tools in standard deployment.
• No account is required, so we do not link conversions to a user profile on our side for these browser-only flows.
• Tools do not rely on sending the full PDF or image to a proprietary "conversion API" to perform the core merge, split, reorder, format change, or similar actions described on this site.

If you deploy your own instance, you remain responsible for your hosting provider's logs (for example access logs, TLS termination, or CDN analytics). The application design still keeps conversion workin the visitor's browser.

Network requests you should know about

Loading the site pulls HTML, JavaScript, CSS, fonts, and static assets (for example the PDF.js worker file) from your host or CDN. Those requests are typical for any web app. An optional rate-limit ping may be used on batch actions to reduce abuse; it does not need your file bytes.

Third-party libraries (PDF.js, pdf-lib, encryption helpers, icon sets) run in your tab like the rest of the app. Review your deployment's subresource integrity and update policy if you operate in a regulated environment.

Passwords, confidential PDFs, and operational security

When you unlock or protect a PDF, passwords exist only in your browser memoryfor the duration of the operation. Close the tab when finished on a shared computer. We still recommend following your organization's policy for classified or personal data. Browser-based tools are convenient but cannot replace enterprise DLP, auditing, or legal review.

After unlocking, the exported copy may be rasterized (image-based pages) depending on the method used; verify the output meets your compliance needs before destroying originals.

Cookies, analytics, and marketing trackers

The open-source-style deployment of File Utils described here does not require marketing cookies for core conversion. If you add Google Analytics, Plausible, or similar to your own deployment, disclose that in your privacy policy. This repository cannot make legal promises for your domain.

Best practices for users

• Keep backups before merging, splitting, or compressing important contracts.
• Use an up-to-date browser (Chrome, Firefox, Edge, Safari) for best PDF.js support.
• For maximum isolation, run the tool on an air-gapped or offline machine after installing a local build. Contact your administrator for internal distribution.