Security at ConvertIntoMP4

We treat every file as sensitive by default. Our file lifecycle is designed so that nothing persists longer than absolutely necessary:

• Input files are deleted from our servers immediately after conversion completes
• Output files are stored temporarily on Cloudflare R2 and automatically purged within 2 hours
• Users can manually delete converted files at any time before the 2-hour window expires
• No backups of user files are ever created — deletion is permanent and irreversible
• Conversion metadata (job ID, format, status) is stored in Redis with a 24-hour TTL and then purged

All data in transit between your browser and our servers is encrypted using industry-standard protocols:

• 256-bit TLS/SSL encryption on every connection — uploads, downloads, API calls, and webhooks
• HSTS (HTTP Strict Transport Security) enabled with a 2-year max-age and preload directive — browsers are forced to use HTTPS
• TLS 1.3 supported via Cloudflare for the fastest, most secure handshake
• Download links use HMAC-signed URLs with expiration timestamps — they cannot be guessed or reused

Every conversion runs in its own isolated process to prevent cross-contamination between users:

• Each conversion job runs as an isolated process with its own temporary directory
• Files are bound to the user's session — no other user or process can access them
• LibreOffice instances run with unique UserInstallation paths to prevent state leakage between concurrent conversions
• Temporary files are cleaned by a disk janitor process that removes orphaned files every 5-30 minutes

Our infrastructure is hosted entirely in the European Union with enterprise-grade providers:

• Hetzner Cloud dedicated server in Helsinki, Finland (EU) — your data never leaves EU jurisdiction during processing
• Cloudflare CDN provides global edge caching, DDoS protection, and WAF (Web Application Firewall) rules
• Cloudflare R2 object storage for temporary file storage — no egress fees, EU-compliant
• PostgreSQL database and Redis cache run on the same Hetzner server — no cross-network data transfer
• Docker containerized deployment with health checks on all services

ConvertIntoMP4 is built with privacy-by-design principles and complies with major data protection regulations:

• GDPR compliant — we process the minimum data necessary, honor all data subject rights, and provide full transparency
• Data Processing Agreement (DPA) available for business customers upon request
• Privacy by design — files are auto-deleted, no human reviews content, no data is used for training
• Maximum 2-hour retention for all user files — no long-term storage of conversion data
• CCPA compliant — California residents can request data access and deletion
• See our GDPR, Privacy Policy, and DPA pages for full details

If you create an account, we protect it with multiple layers of security:

• Two-factor authentication (2FA) via TOTP — compatible with Google Authenticator, Authy, and other authenticator apps
• Passwords hashed with bcrypt — we never store plaintext passwords
• Session management with secure, HttpOnly cookies and CSRF double-submit protection
• OAuth sign-in via Google and GitHub — no password needed, tokens stored server-side only
• Login attempt rate limiting and suspicious activity detection

Our REST API is protected with multiple security layers for developers and integrations:

• API key authentication with hashed storage — keys are shown once at creation and never stored in plaintext
• HMAC-signed webhooks — every webhook delivery includes a cryptographic signature you can verify
• Rate limiting — 60 requests per minute per API key with X-RateLimit-* headers
• CORS protection — cross-origin requests restricted to authorized domains
• Input validation via Zod schemas on every endpoint — malformed requests are rejected before processing

Every uploaded file is scanned for malware before conversion begins:

• ClamAV antivirus scans all uploads in real time before they enter the conversion pipeline
• Infected files are immediately rejected and deleted — they are never processed or stored
• Virus definitions are updated automatically to protect against the latest threats
• ZIP bomb detection prevents decompression attacks from overloading the system

All 13 of our conversion engines are open-source software, publicly auditable, and trusted by millions:

• FFmpeg — video and audio conversion
• Sharp (libvips) — high-performance image processing
• ImageMagick — image format fallback
• LibreOffice — document conversion (PDF, DOCX, XLSX, PPTX)
• Pandoc — markdown and markup conversion
• Calibre — ebook format conversion
• Ghostscript — PDF compression and processing
• pdf-lib — PDF operations (merge, split, rotate)
• vtracer & potrace — image-to-SVG vectorization
• Puppeteer — website-to-PDF/PNG capture
• fonttools — font format conversion
• 7-Zip — archive compression and extraction

No proprietary, closed-source, or third-party conversion APIs are used. Your files never leave our server during processing.

Questions?

If you have security concerns or want to report a vulnerability, contact us at [email protected]. We take every report seriously and will respond within 48 hours.