🔐

TLS 1.3 everywhere

All connections use TLS 1.3. Older protocol versions are rejected. HSTS enforced with a 1-year max-age and preload list inclusion.

🏗️

Isolated containers

Every conversion job runs in an ephemeral container with no network access and no persistent storage. Containers are destroyed immediately after the job completes.

🔑

AES-256 at rest

All stored files are encrypted with AES-256-GCM. Encryption keys are managed by AWS KMS with automatic rotation. No QuickConvert employee can access your files.

🛡️

DDoS protection

Infrastructure protected by Cloudflare's global network with automatic DDoS mitigation and WAF rules.

🔍

Vulnerability disclosure

We run a responsible disclosure programme. If you find a security issue, please email security@quickconvert.uk. We aim to respond within 24 hours.

📋

SOC 2 Type II

QuickConvert is SOC 2 Type II certified. Annual audits cover security, availability, and confidentiality. Report available to Enterprise customers under NDA.