Your files are your business. We've built CocoConvert with security and privacy at the core so you can convert with confidence.
All file transfers between your browser and our servers use TLS 1.3 encryption. Your files are never transmitted in plain text, ensuring complete confidentiality during upload and download.
Uploaded files and converted outputs are automatically deleted from our servers within 1 hour of conversion. We do not retain your files beyond what is needed to complete the conversion process.
CocoConvert runs on Google Cloud Platform with enterprise-grade security. Our infrastructure benefits from Google's physical security, network protection, and continuous monitoring capabilities.
Your files are processed entirely by automated systems. No CocoConvert employee or contractor can view, access, or read the content of your uploaded files at any point during the conversion pipeline.
Every uploaded file undergoes strict MIME type and extension validation before processing. Malicious or unsupported files are rejected immediately, protecting both you and our infrastructure.
We never share, sell, or provide your files to any third party. Conversion happens entirely within our own infrastructure — your data never leaves our controlled environment.
Our entire platform is served over HTTPS with HSTS headers enabled. This prevents man-in-the-middle attacks and ensures your browser always connects securely to cococonvert.com.
Our conversion engines, dependencies, and container images are updated on a regular cycle. We monitor for CVEs and apply patches promptly to maintain a hardened environment.
When you upload a file, it is transmitted over an encrypted TLS connection to our servers hosted on Google Cloud Run. The file is temporarily stored in memory or an ephemeral container filesystem for the duration of the conversion. Once the conversion completes and you download the result, both the original and converted files are queued for deletion.
All files are automatically purged within 60 minutes. Our Cloud Run containers are stateless — when a container instance scales down, any residual data is destroyed along with the container. We do not back up, archive, or retain user-uploaded files.
If you create an account, we store only your name, email address, and authentication provider. Usage statistics (conversion count, minutes used) are recorded for quota enforcement. We never store the content of your files in your account or in our database.
If you discover a security vulnerability, please report it responsibly by emailing security@cococonvert.com. We take all reports seriously and will respond within 48 hours.
Your files stay private. No storage. No sharing. Just fast, secure conversion.
🥥 Start Converting