How can I verify my photo isn't being uploaded?

Open your browser's DevTools, click the Network tab, then drop a file and convert. You'll see no outbound request carrying the image bytes. You can also disconnect from the internet entirely after the page first loads — conversion still works because the code is cached locally as a Progressive Web App.

What metadata is in a HEIC photo?

Typical iPhone HEIC files contain EXIF metadata: camera model, lens, ISO, shutter speed, GPS latitude/longitude (if Location Services were on), and the exact timestamp the photo was taken. Uploading the file hands all of that to whoever runs the server.

Will the JPG output still have my GPS location?

By default the JPG keeps the EXIF metadata, including GPS. If you want to strip it, Windows Explorer's right-click 'Properties → Remove properties' menu or macOS Preview's 'Tools → Show Inspector → GPS → Remove Location' handles it after the conversion.

Is this really faster than upload-based converters?

For typical iPhone photos (2–5 MB), yes — usually noticeably faster, because there's no upload round-trip. The bottleneck becomes your CPU rather than your network.

Does this work on a cellular connection?

Yes, and once the page has loaded once it works with no connection at all. The conversion runs entirely on-device.

How to Convert HEIC to JPG Without Uploading Your Photos

Search for "convert HEIC to JPG" and you'll get a wall of look-alike sites: same green CTA, same "100% free, no signup," same instant promise. Pick any of the top ten. Open DevTools, drag your photo in, and watch the Network tab. Almost every one of them does the same thing: it uploads your photo to a server in Frankfurt or São Paulo, runs the conversion there, and hands you back a JPG download URL.

That's a perfectly normal architecture. It's also a privacy trade you may not realize you're making. Here's what's actually happening, and how to do the conversion without it.

Convert HEIC to JPG locally

What's in a HEIC photo, exactly

An iPhone HEIC file is a container. The image is one part of it. The rest is metadata — and there's a lot:

The make and model of the camera (which tells someone you have an iPhone 16 Pro)
The lens, ISO, shutter speed, and aperture
The exact timestamp the shutter clicked, down to the second
GPS latitude and longitude, if Location Services were on for Camera
The orientation of the phone at capture
A unique image identifier the iPhone uses internally

When you hand a HEIC file to an upload-based converter, you hand all of that to whoever runs the server. Most operators are reasonable; some aren't. Either way, you're trusting that:

The TLS connection between you and them isn't intercepted (usually fine).
They delete the file when they say they delete it (you can't actually verify this).
Their server isn't compromised today (you have no way to know).
They aren't selling the metadata derived from your photo (the privacy policy probably says they aren't, but enforcement is a different question).

The local-first alternative

Browsers have changed in the last few years. They can now run native-speed code through WebAssembly (WASM), which means image decoders that used to require a desktop install can run in a tab. The HEIC decoder used by our converter is a WASM build of libheif — the same library used by macOS Preview. It runs on your laptop's CPU, in your browser sandbox. The file never gets posted anywhere.

The page itself is small (a few hundred kilobytes of code) and your photo is large (a few megabytes). If the conversion were happening on a server, the page would have to upload all those bytes. It doesn't.

How to do it in three steps

Open freefileconverter.ai/heic-to-jpg in any modern browser.
Drag your .heic file (or several at once) onto the drop zone.
Click Convert and download the resulting JPG.

That's the whole flow. Total time for a typical 3 MB iPhone photo: under one second on a recent laptop, a couple of seconds on a phone.

How to verify it really isn't uploading

Don't take our word for it. Two ways to check:

1. Open DevTools' Network tab

Right-click the page → Inspect → Network. Hit the record button if it isn't already on. Drop your file and convert. Look for any POST request with your file's size as the payload. There won't be one. The only requests will be the initial page load (HTML, JS, CSS) and small analytics pings — no photo bytes leave.

2. Turn off Wi-Fi after the page loads

Hard mode: load the page once, then disconnect from Wi-Fi or cellular entirely. Drop your file and convert. It still works, because the conversion code is cached locally as a Progressive Web App. An upload-based converter would error out the moment you went offline. Local-first doesn't.

Why doesn't everyone do this?

Two reasons:

Business model. Most converter sites are ad-supported. They want you to stay on the site while a server churns through your file, so they can serve you more impressions. A site that closes the tab in 800 milliseconds isn't great for ad inventory.
Engineering effort. Server-side conversion is the default and has been forever — there's a thousand ImageMagick tutorials online and zero WebAssembly libheif tutorials. The defaults haven't caught up.

Squoosh (Google's image compressor) showed local-first was possible. We've extended the approach to HEIC, HEIC→PNG, HEIC→PDF, PDF→JPG, and around 30 other formats.

What about the JPG output's metadata?

Important nuance: by default, the JPG output preserves the original EXIF metadata, including GPS coordinates. If you're sharing the photo somewhere it shouldn't have your location:

Windows: right-click the JPG → Properties → Details → Remove Properties and Personal Information.
macOS: open in Preview → Tools → Show Inspector → click the GPS tab → Remove Location.
iPhone: share the photo with the "Options" sheet collapsed → Location: Off.

The conversion doesn't strip metadata because most people want it (date and orientation are useful). Stripping it is a different deliberate step.

One last thing

The honest pitch: "no upload" isn't a marketing claim if you can verify it in 20 seconds. We added the DevTools test above because the only way to trust a privacy claim is to be able to check it yourself.

Open the HEIC to JPG converter