iformat.io Logo iformat.io
Security & privacy

What actually happens to your files.

No legal fine print. Here's a plain-English tour of how iFormat handles your uploads — including the parts most free file tools don't want to talk about.

🔒

TLS 1.2+ everywhere

Every upload and download rides encrypted HTTPS. Nothing goes over the wire in the clear.

🗑️

30-minute auto-delete

Server-processed files are wiped within 30 minutes. No backups, no cold storage, no "just in case" copies.

🖥️

Client-side when possible

Many image and PDF jobs run entirely in your browser via WebAssembly — the file never leaves your device.

🚫

No ads, no trackers

Zero third-party ad networks. Zero behavioural tracking. We use Umami for anonymised, cookie-free traffic counts and nothing else.

The full journey of a file

Here's the sequence of events when you drop a file into an iFormat tool:

  1. Your browser inspects the file first. Many tools (image resize, PDF split, format detection) run in JavaScript or WebAssembly on your device. If that's enough, we never see the file.
  2. If a server-side step is needed, the file uploads over HTTPS to our Hetzner-hosted infrastructure in Frankfurt, Germany.
  3. The file lives in a per-request temp directory. It's readable only by the worker that's processing it. No shared storage, no S3 bucket with a public prefix.
  4. Once the conversion is done, you download the result. Both the upload and the output are permanently deleted within 30 minutes — usually within a few minutes of your download.
  5. We keep no copy. Not for QA, not for training data, not for anything.

What we log — and what we don't

We keep operational logs so we can fix bugs and stop abuse. They contain:

  • Tool used (e.g. "png-to-jpg"), file size, and processing time — for capacity planning
  • An anonymised session identifier — for rate limiting the free tier
  • Error stack traces — for debugging failed conversions

We do not log file contents, file names, file previews, thumbnails, or any of the transformed output.

Third parties we actually use

The complete list, and what each one sees:

  • Cloudflare — edge CDN and DDoS protection. Sees request URLs and IP addresses, not file content.
  • Stripe — payments for Pro subscribers only. Sees your billing details, not your files.
  • Brevo — transactional email (receipts, password resets). Sees your email address, not your files.
  • Google Sign-In — optional social login. If you use it, Google sees that you signed in — nothing about your files.
  • Umami (self-hosted) — cookie-free page-view analytics. No cross-site tracking, no personal identifiers.

That's it. No ad networks. No data brokers. No "analytics partners". Nothing that follows you around the web.

GDPR & your data rights

iFormat is operated from India with servers in the EU (Frankfurt), and we follow GDPR data-handling principles for every user regardless of location:

  • Right to access — email us and we'll send you everything on your account.
  • Right to delete — you can delete your account from your dashboard at any time. Everything associated goes with it.
  • Right to portability — your conversion history exports as JSON on request.
  • Right to object — no marketing emails without opt-in, and any opt-in is one-click to reverse.

Reporting a security issue

If you find a vulnerability, please email [email protected] with a proof-of-concept. We'll respond within one business day and won't send lawyers after researchers acting in good faith.

Last updated: 2026-06-22. If any of the above stops being accurate, this page gets updated the same day.