Type “compress PDF” into Google and you’ll get a dozen sites that all work the same way: you drop a file into a box, it disappears for a few seconds, and a smaller (or converted, or merged) version comes back. What most people don’t think about is where the file went during those few seconds.
On almost every one of those sites, your file was uploaded to a server somewhere, processed there, and then made available for you to download. That’s not necessarily malicious — it’s just the easiest way to build a converter. But it means a copy of your document, however briefly, existed on a computer you don’t control, sitting alongside every other file everyone else uploaded that day.
What “runs in your browser” actually means
Modern browsers can do far more than display web pages. Technologies like WebAssembly and the Canvas API let genuinely complex programs — PDF engines, image codecs, even OCR models — run directly on your device, at close to native speed. A tool built this way loads its code once, and from then on every file you feed it is read, processed, and written back out entirely in memory on your machine. Nothing is sent anywhere.
You can actually verify this yourself: open your browser’s network tab (usually under Developer Tools), run a conversion, and watch for outgoing requests. On a browser-based tool, you’ll see the page and its scripts load once — and then silence, even while a 200-page PDF is being processed.
Why it matters more than it seems
For a random meme you want resized, none of this matters much. But a lot of what people run through file converters is exactly the kind of thing you’d rather not hand to a stranger’s server: signed contracts, passport scans, payslips, medical letters, tax documents. Once a file is uploaded, you’re trusting that site’s retention policy, its security practices, and everyone downstream of it — none of which you can verify from a “your file will be deleted after 1 hour” notice.
Processing locally sidesteps the question completely. There’s no server log to worry about, no retention window to trust, and no breach at a converter site that could ever involve your document — because it was never anywhere but your own computer.
How to tell the difference
A genuinely private tool usually says so plainly, and often still works with your Wi-Fi turned off once the page has loaded — a simple, honest test. If a “privacy-friendly” converter needs an active internet connection for every single file, it’s uploading something, no matter what the marketing copy says.