Is it safe to use online file converters?
It depends entirely on what is in the file. Converting a meme, a stock photo or a public timetable through a website is fine, and anyone who tells you to panic about it is selling something. Converting a payslip, a passport scan, a signed contract, a medical result or a photo of your kid is a decision worth making deliberately — because a copy of it lands on a stranger's server, and everything after that is trust.
What "uploading" actually means
Strip away the interface and an online converter does this: your file is copied over the network onto a computer you have never seen, owned by a company you probably cannot name, in a country you did not choose. A program runs on it. A new file comes back. Somewhere, according to a policy you did not read, both copies are supposed to be deleted.
Every risk below follows from that description. None of them requires anyone to be a villain.
Risk 1: retention
Your file does not vanish the instant the conversion finishes. It has to be stored to be processed, and it usually stays stored afterwards — the download link has to keep working. Retention windows of an hour, a day, or several days are entirely normal and openly stated by most reputable services.
That is a defensible engineering decision. It is also a window during which your file sits on someone else's disk, inside their backups, within reach of anything that goes wrong there — a misconfigured bucket, a stolen credential, a subpoena, an acquisition. The policy tells you the intent. It cannot tell you the outcome.
Read the deletion promise carefully; it is an admission. "Your files are permanently deleted from our servers after 2 hours" is written to reassure you, and it does. It also confirms, in the same breath, that your files are on their servers. Both halves of that sentence are true, and people only ever read the first one.
Risk 2: the page itself
Free web tools are funded by advertising, and ad-supported pages are rarely just a page. The typical free converter loads a stack of third-party scripts: ad networks, analytics, session recorders, tag managers. Those are not part of the converter — they are commercial tenants running in the same browser tab as your document, and you are trusting every one of them, plus whoever they subcontract to.
This is also where the genuinely dodgy corner of the category lives: search results for popular conversions are a known target for malvertising, and for "download your converted file" buttons that hand you an installer instead. The converter you meant to use may be perfectly honest. The site you actually landed on may not be it.
Risk 3: jurisdiction, and other people's rules
Where the server is matters, and you usually cannot tell. A free converter with no stated corporate home may be processing your data anywhere, under any legal regime, with any level of obligation to tell you when something goes wrong.
For personal files this is an abstract worry. For work files it is often a concrete rule you are breaking: uploading a client contract, a patient record, an employee's personal data or an unreleased internal document to a random web service is a straightforward policy violation in many organisations, and under regimes like GDPR or HIPAA it can be a regulatory one — you have made an unapproved third party a processor of data that was not yours to hand over.
If the file belongs to your employer or your clients, the question is not whether the service is trustworthy. It is whether you are allowed to make that call on their behalf. Usually you are not.
Risk 4: what is inside the file that you forgot about
You are rarely uploading only what you can see.
- Photos carry EXIF metadata: GPS coordinates often accurate to a few metres, the exact timestamp, the device make and model. A photo taken at home is your home address, in a field, in the file. (You can strip this for free — see how to remove GPS from photos on iPhone.)
- PDFs carry the author name, the software that made them, the original filename and full path, and revision timestamps. Badly redacted PDFs also carry the text under the black boxes, a mistake that has ended careers.
- Office documents carry author names, company names, revision histories and tracked changes.
The conversion may strip some of this or carry it faithfully across. Either way, the original went up the wire intact.
What HTTPS does and does not do
The padlock is necessary and it is not sufficient. HTTPS protects your file in transit: nobody on the café Wi-Fi, nobody at your ISP, nobody in between can read it as it travels.
It does precisely nothing about what happens at the other end, where the file is decrypted, written to disk, and handled entirely at the operator's discretion. HTTPS protects the file from strangers on the wire; it offers no protection from the person you deliberately sent it to. "It's secure, it's got the padlock" is the single most common misunderstanding in this subject.
A workable rule
Ask one question: would I email this file to a stranger who seemed nice?
If yes — a meme, a public document, a photo already on your public profile — use whatever online converter you like and stop worrying. The risk is real but the stake is zero.
If no — anything with your face, your address, your money, your health, your family, or your employer's name on it — do it locally instead. Not because the service is presumed guilty, but because there is no reason to accept even a small risk when the local option costs nothing.
The local options, most of them free and already on your devices:
- Shortcuts on iPhone and Preview on a Mac — both free, both from Apple — cover most image, PDF and media conversions, and the Files app zips and unzips unaided.
- ffmpeg, HandBrake and ImageMagick on a desktop: free, open source, capable of essentially anything, and steeper to learn.
- A converter app that runs on-device — which you can confirm with the Airplane Mode test.
The structural argument, plainly. An on-device converter has no server — so it has no retention policy to trust, no bucket to misconfigure, no breach to disclose, and no terms to quietly change after an acquisition. The question of what they do with your file cannot arise, because they never have your file. Convexy is built that way and works in Airplane Mode — but so do Preview and Shortcuts, and those are free. Use whichever suits; just make the choice knowingly.
Common questions
Are online file converters a scam or a virus risk?
The established services are generally not scams, and treating the whole category as malware is wrong. The real hazards are narrower: ad-heavy pages loading many third-party scripts, malvertising in search results for popular conversions, and lookalike sites whose "download" button hands you an installer rather than your file. The converter is rarely the threat; the page around it sometimes is.
Is HTTPS enough to make an online converter safe?
No. HTTPS encrypts the file while it travels, so nobody in between can read it. It provides no protection whatsoever once the file arrives, where it is decrypted and stored on the operator's disk. The padlock protects you from eavesdroppers, not from the recipient you chose to send the file to.
Do online converters really delete my files?
Most reputable ones say so, with windows from an hour to a few days, and there is no particular reason to think they are lying. But you cannot verify it. You are trusting a policy, an operator, their staff, their cloud provider and their security posture — and a deletion promise is also a confirmation that the file was stored on a server in the first place.
Is it safe to convert my CV or resume online?
Think about what is in it: your full name, home address, phone number, email, employment history, and often your date of birth. That is a complete identity-theft starter pack in one document. It is not a file we would upload to a free ad-supported service to save a click, when converting it locally is free.
Can I use an online converter for work files?
Check before you do. Uploading client contracts, patient records, employee data or unreleased internal documents to an unapproved third-party service is a policy violation in many organisations, and can be a regulatory problem under GDPR or HIPAA — you have made an unvetted company a processor of data that was not yours to share. The service being trustworthy is not the same as you being permitted.
What is the safest way to convert a sensitive file?
Convert it on a device you control, so the file never leaves it. On iPhone, the free Shortcuts app handles common image and media conversions. On a Mac, Preview and Photos cover most images and PDFs. Desktop tools like ffmpeg and HandBrake are free and comprehensive. An on-device converter app also works — confirm it by turning on Airplane Mode and checking that the conversion still runs.