Is ChatToPDF safe?
A fair question — a WhatsApp export can hold years of private conversation. Here is every security and privacy claim we make, stated specifically enough to be checked, with the honest alternative for chats you shouldn't upload anywhere.
Page reviewed and updated 9 July 2026.
Encrypted in transit and at rest
Uploads travel over HTTPS (TLS 1.3). Files are stored on AWS S3 with server-side encryption (AES-256). The only access path to a raw chat file is the automated processing pipeline itself.
Automatic deletion after 7 days — no exceptions
Seven days after a job is created, the source file and the generated PDF are both deleted by a scheduled job that runs against every record older than seven days — including unpaid and abandoned jobs. This is the same schedule stated in our privacy policy; the policy and the actual deletion cron were reconciled and verified on 8 July 2026.
No human reads your chat
Parsing, rendering, and voice-note transcription are fully automated. There is no review step, no moderation queue, and no analytics that touch message content. When voice transcription is used, only the audio files (never the chat text) are sent to Deepgram's API, whose terms prohibit training on API-submitted data by default.
Don't want to upload at all? Use our open-source tool
If your chat is too sensitive to upload anywhere, we publish a free, MIT-licensed command-line converter — whatsapp-chat-to-pdf on GitHub (also on PyPI and npm) — that runs 100% on your own machine. Text-only output, but nothing ever leaves your computer. We'd rather you use that than upload something you're uncomfortable with.
Your card details never touch our servers
Payments are handled by PCI-DSS Level 1 payment processors (card checkout via our merchant of record, or PayPal). We receive a payment confirmation — never card numbers. Every purchase is a one-time charge: no subscription, nothing stored for recurring billing.
7-day money-back guarantee, in writing
If the output isn't what you needed, contact us within 7 days for a full refund — the terms are in our refund policy, not just on a landing page.
What we log, and what we never do
We keep operational logs (job status, error traces, payment records) for debugging and tax compliance — detailed retention periods are in the privacy policy. We do not sell, share, or analyze the content of your conversations, and no chat content is used to train AI models — see our AI policy.
Honest limitations
We're a small, independent product — not a company with a SOC 2 report or an external audit certificate, and we won't pretend otherwise. What we offer instead is verifiability: a short, specific deletion schedule you can hold us to, a privacy policy that matches the actual system behaviour, an open-source local tool for the cases where uploading is the wrong call, and a refund policy in writing. If you have a security question this page doesn't answer, ask us directly — security questions get answered first.