Before you drag a sensitive file into any converter, see exactly what you are exposing. Compare the data-risk of a cloud upload against fully local, zero-upload processing β calculated transparently in your browser.
Estimate how much sensitive data you expose by uploading a document to a cloud converter versus processing it locally in your browser. This is a relative risk indicator based on document sensitivity, provider retention posture, and frequency β not legal advice.
Bank statements, invoices, tax forms, payroll
No published retention or audit history.
Files are transmitted to and stored on a third-party server, expanding your attack surface and retention liability.
Processing runs entirely in your browser via WebAssembly. Zero bytes leave your device.
Risk reduction
Switching to local processing
This calculator runs 100% in your browser. No inputs are transmitted or stored.
Browse private toolsThe convenience of a cloud converter hides a structural truth: to transform your file, the service must first take custody of it. That single act creates four distinct exposure vectors that no privacy policy can fully erase.
Every cloud converter must receive your file over the network and write it to a server. Even with encryption in transit, the plaintext exists on third-party infrastructure that you do not control.
Most free tools reserve the right to retain, analyze, or train models on uploaded content per their terms. "Deleted after 1 hour" still means the data was fully accessible on their systems during that window.
Uploading medical, financial, or legal documents can trigger GDPR, HIPAA, or contractual obligations. Once a file leaves your device, you have delegated custody to a vendor whose jurisdiction you may not know.
A single provider breach can expose millions of usersβ documents at once. Local processing has no centralized honeypot β there is simply nothing to exfiltrate from a server that never received your file.
FileMint runs every tool inside your browser using WebAssembly. Your documents are read from your device, transformed in local memory, and saved back β without a single byte crossing the network. There is no server to trust, no retention window to worry about, and no breach blast radius to calculate.
No transmission
Files never leave your device.
No retention
Nothing is stored server-side.
No honeypot
Nothing for a breach to expose.
It depends entirely on the document. A public marketing image carries little risk, but uploading tax returns, medical records, signed contracts, or source code to a cloud converter expands your exposure: the file is transmitted to and stored on a third-party server, often with retention and training rights buried in the terms of service. Local, browser-based tools eliminate that exposure because the file never leaves your device.
Client-side (or local) processing means the conversion runs entirely inside your web browser using technologies like WebAssembly. Your file is read from your device, transformed in browser memory, and written back to your device. No bytes are uploaded to any server, so there is no transmission, storage, or retention risk.
The calculator is a transparent relative risk indicator, not a legal or compliance assessment. It combines document sensitivity, the provider retention posture, processing frequency, and whether the file contains personally identifiable information into a 0β100 score. The methodology is open: cloud risk scales with sensitivity Γ provider exposure Γ frequency, while local risk stays near zero because nothing is transmitted.
Policies vary. Some major brands claim ISO 27001 and GDPR compliance but still store files server-side; free aggregators often state files are deleted after roughly an hour; many generic converters publish no clear retention policy at all. In every cloud case the file has already been fully transmitted and accessible on infrastructure outside your control.
As a rule of thumb, avoid uploading anything you would not email in plaintext to a stranger: government IDs, financial statements, tax forms, medical records, signed legal agreements, and proprietary source code. For these, prefer a local, zero-upload tool.
This calculator is a relative risk indicator, not a legal or compliance assessment. The model combines four transparent inputs β document sensitivity (1β10), provider retention posture, processing frequency, and whether the file contains personally identifiable information β into a normalized 0β100 cloud score. Local processing scores near zero because no data is transmitted. All computation happens in your browser; no inputs are stored or sent anywhere. For a deeper technical explanation of how to verify zero-upload behavior yourself, see our client-side processing guide.