GDPR Compliance Statement
How We Comply with GDPR
wsotoolz.com is built with GDPR compliance as a core principle. Because all processing happens in your browser with zero server involvement and analytics are anonymized, most GDPR requirements do not apply. Below is our detailed compliance statement.
Key GDPR Compliance Points
Data Processing Architecture
All file processing occurs within your browser using:
- JavaScript: For general image/document manipulation
- WebAssembly (WASM): For high-performance compression and format conversion
- Browser APIs: Canvas, File Reader, Blob storage (all ephemeral)
No data is ever transmitted to our servers. Your browser is the only processing environment.
No Personal Data Collection
We do not collect, process, or store:
- Names, email addresses, or phone numbers
- Files you upload (they never leave your device)
- Precise location data
- Device identifiers or cookies for tracking
- IP addresses associated with your activity
Analytics (Privacy-Compliant)
We use Vercel Analytics and Google Tag Manager for anonymized aggregation only. They collect:
- Aggregated, anonymized page view statistics
- General geographic region (country level, not individual IP)
- Browser type and basic device category
This anonymized data is sufficient for us to understand traffic patterns without infringing on privacy rights.
Data Subject Rights (Not Applicable)
Because we do not collect personal data, you have no need to exercise GDPR data subject rights. However:
- Right to Access: No personal data is stored.
- Right to Erasure: No data to erase (local storage is your choice).
- Right to Portability: No data to export.
- Right to Object: You can simply stop using the Service.
Your Browser's Local Storage
We may store your theme preference (light/dark mode) in your browser's localStorage. This is:
- Stored locally on your device only
- Never transmitted to our servers
- Entirely under your control (you can clear it anytime)
Third-Party Services
We use only privacy-respecting services:
- Vercel (Hosting & Analytics): GDPR-compliant, anonymized
- Google Tag Manager: Anonymized event aggregation only
We do not share personal data with any third parties.
Breach Notification
In the unlikely event of a server-side security breach, we would immediately:
- Notify affected users within 72 hours (as required by GDPR Article 33)
- Provide details of the breach and its impact
- Offer recommended remediation steps
However, because all processing is client-side and we do not store files, the risk of a breach affecting your data is exceptionally low.
Data Protection Impact Assessment (DPIA)
A DPIA (required under GDPR Article 35) is not necessary for wsotoolz.com because:
- We process no personal data
- Processing is entirely automated on the client side
- No sensitive data categories are involved
International Data Transfers
Not applicable. Because data is processed entirely in your browser and never transmitted to our servers, there are no international transfers of personal data.
Contact & Disputes
If you believe we have violated GDPR or have concerns about our data practices, please contact:
support@wsotoolz.com
You also have the right to lodge a complaint with your national data protection authority.
Policy Updates
This GDPR Compliance Statement may be updated periodically. The most recent version is always available on this page. Your continued use of wsotoolz.com constitutes acceptance of any updates.
Last Updated: July 8, 2026