How privacy works
We can't ask you to read our source code, so instead we make our privacy promise verifiable. This page explains, in plain language, how the tools process your files on your own device — and how you can confirm in about 30 seconds that nothing is uploaded.
How Private Tools works
You open a tool
Each tool is its own page you can reach straight from a search result. There's no sign-up wall and no upload step before you start.
Your browser downloads the tool's code
Like any website, the page and its JavaScript load once from our server (or a CDN). From then on, the logic that does the work lives in your browser.
Your file is processed locally on your device
When you pick a file, it's read and processed in your browser's memory using JavaScript, WebAssembly and Web Workers — right there on your machine.
The file is never uploaded to our server
There is no upload request. The bytes of your document stay on your device the whole time the tool is running.
We don't store your files
Because nothing is uploaded, we never receive your file names, contents, images or documents — so there is nothing for us to keep, see or share.
How to verify it yourself
Don't take our word for it. Your browser already ships with everything you need to check. Here is the 30-second version:
Open your browser's developer tools
Press F12, or right-click the page and choose Inspect (Cmd+Option+I on a Mac).
Go to the Network tab
It lists every request your browser makes. Leave it open while you work; you can tick "Preserve log" so nothing scrolls away.
Pick a file and run the tool
Use the tool as you normally would — for example, merge two PDFs or remove the metadata from a photo.
Watch the requests
While the tool works, you will NOT see your file being uploaded. The result is produced with no outbound request carrying your document.
What you may see
A tiny anonymous usage event (which tool ran, and whether it succeeded) sent to /api/track. It never contains your file or its contents — see exactly what we collect below.
- how-privacy-worksdocument200
- app.cssstylesheet200
- main.jsscript200
- general-sans.woff2font200
- api/trackbeacon204
0 file uploads — No request carries your file after you pick it. The only outbound call is an anonymous /api/track event.
Honest about the limits
Privacy-first doesn't mean we overpromise. A few things we are careful never to claim:
A signature you draw or type onto a PDF is a visual signature. It is not a certificate-based, legally binding electronic signature (such as a qualified eIDAS e-signature).
Blurring or drawing over part of an image is a visual edit. Where the underlying pixels aren't actually removed, it can sometimes be reversed — so don't rely on blur alone as secure removal of sensitive data. Use solid black-out and re-export instead.
Some conversions (HEIC, AVIF, WebP and similar) depend on what your browser supports. Where your browser can't do it, the tool tells you honestly instead of pretending it worked.
What we do collect
To learn which tools are useful, we record a small, anonymous usage event when a tool runs: which tool it was and whether it succeeded or failed, plus the coarse data any website sees (rough country, browser type, referrer). These events never include your files, file names, or their contents — there is nothing personal in them. Full detail is in our Privacy Policy.
Try a private tool
Browse by category
Frequently asked questions
Do my files get uploaded to a server?
No. Every tool processes your file in your browser, on your own device. There is no upload step — and you can confirm it yourself in the Network tab of your browser's developer tools.
Can I remove metadata from a PDF or photo without uploading it?
Yes. The Remove PDF metadata and Remove image metadata tools strip metadata entirely in your browser, so the file never leaves your device.
Do the tools work offline?
Once the page has loaded, most tools keep working even if you go offline, because the processing runs locally. Only the initial page load needs a connection.
Is this open source?
Not currently. Instead of asking you to trust the code, we make privacy verifiable: open your browser's Network tab, run any tool, and confirm that no file is uploaded.
Why should I trust a "no upload" claim?
Because you don't have to trust it — you can check it. Open developer tools, run any tool, and watch that your file produces no upload request.