Last updated: May 27, 2026
This Privacy Policy describes how Shift ("we", "us", "our") collects, uses, and protects your information when you use our file conversion service at shiftconvert.me.
When you create an account, we collect your email address. No other personal information is required or stored.
Files you upload for conversion are processed in isolated pipelines and permanently deleted from our servers within 24 hours. We do not read, analyze, sell, or share the contents of your files.
We automatically collect standard server log data including IP address, browser type, pages visited, and timestamps. This data is retained for up to 24 months and used exclusively for security monitoring and service reliability.
We use only essential session cookies required for authentication and service functionality. We do not use analytics, advertising, tracking, or remarketing cookies.
We use your Personal Data solely to:
We do not sell, rent, or share your Personal Data with third parties for commercial purposes.
| Data Type | Retention Period |
|---|---|
| Account information (email) | Duration of account + 24 months after closure |
| Uploaded files | Permanently deleted within 24 hours of conversion |
| Server logs (IP, timestamps) | Up to 24 months |
| Session cookies | Deleted when browser session ends |
When retention periods expire, data is securely deleted from our systems. Residual copies may remain in encrypted backups for a limited period and are not restored except for security or disaster recovery purposes.
Your data may be processed on servers located outside your country. Where required by applicable law, we ensure international transfers are subject to appropriate safeguards. No transfer of your Personal Data will occur to any organization or country without adequate security controls in place.
Depending on your jurisdiction, you may have the right to:
GDPR (EU/EEA users): You have the rights listed above under the General Data Protection Regulation. To exercise them, contact us at the address below. We will respond within 30 days.
CCPA / CPRA (California residents): You have the right to know what Personal Data we collect, to delete it, to opt out of its sale (we do not sell data), and to non-discrimination for exercising your rights.
CalOPPA (California residents): We do not track users across third-party websites and do not respond to Do Not Track signals as we do not engage in cross-site tracking.
To exercise any of these rights, contact us at the address below.
The Service is not directed at anyone under the age of 16. We do not knowingly collect Personal Data from children under 16. If you believe a child has provided us with Personal Data, contact us and we will delete it promptly.
We may disclose your Personal Data only in the following circumstances:
We use commercially reasonable means to protect your Personal Data. However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we will notify registered users by email prior to the change taking effect.
If you have questions about this Privacy Policy or wish to exercise your data rights: