1. Who is responsible?
FileMorph is operated by [PLACEHOLDER: Full name], [PLACEHOLDER: Address]. Contact: [PLACEHOLDER: email]. See Impressum for full contact details.
2. What data we process
Uploaded files: Files you upload for conversion or compression are processed entirely server-side and deleted immediately after the converted output is returned to you. No file content is stored, logged, or retained in any form.
Server logs: Our web server automatically records standard access log data for each request: IP address, request timestamp, HTTP method, URL path, response status code, and response size. These logs are retained for a maximum of 30 days for security and debugging purposes, then automatically deleted.
API keys: If you generate an API key via the command-line tool, the SHA-256 hash of your key is stored in a local file on the server. The plaintext key is never stored.
3. Legal basis (GDPR Art. 6)
Server log processing is based on our legitimate interest (Art. 6(1)(f) GDPR) in operating a secure and reliable service.
4. Hosting
This service is hosted at [PLACEHOLDER: hosting provider name and country]. Your requests are routed through their infrastructure. See [PLACEHOLDER: hosting provider's] privacy policy for their data processing terms.
5. Your rights (GDPR)
You have the right to access, rectify, erase, and restrict processing of your personal data (Art. 15–21 GDPR). To exercise these rights, contact us at [PLACEHOLDER: email]. You also have the right to lodge a complaint with your local data protection authority.
6. No cookies, no tracking
FileMorph Community Edition does not use cookies, local storage for tracking, analytics, or any third-party tracking scripts. The only external resource loaded is the Tailwind CSS CDN for styling.
7. Changes to this policy
We may update this policy when the service changes (e.g., when Cloud Edition launches with accounts and file storage). The date at the top indicates the current version.