Third Parties | ConvertUnlimited

Short answer

Trust claims must specify which build is being discussed. The privacy build is generated separately and audited for known third-party runtime references.

Build boundary

Verification path

Use the verification page, browser DevTools, and repository privacy tests to inspect the behavior instead of relying on marketing language.

Public site

Privacy build

No ads: Ad scripts and ad scaffold DOM are removed from the generated artifact.
No analytics: GTM, GA4, and platform analytics wrappers are stripped from the privacy build.
No remote fonts: Remote font references are removed.
No runtime CDNs: Required runtime libraries are served from same-origin vendored files.
No host injection: Cloudflare Web Analytics, Zaraz, Rocket Loader, email obfuscation, and injected challenge scripts must remain disabled for privacy.convertunlimited.com.

Trust topics

FAQ

Does the privacy build load Google Tag Manager?

No. GTM is stripped from the privacy build.

Does the privacy build load Cloudflare Web Analytics?

It should not. If a beacon appears in rendered HTML, that is a Cloudflare dashboard configuration problem that must be disabled.

Are vendored libraries third-party code?

They are third-party libraries served from the same origin and tracked in the repository inventory.

Review note

Trust documentation reviewed: May 2026. These pages describe the current public and privacy-build architecture and should be updated when deployment, telemetry, or runtime dependencies change.

Third-party and runtime script policy