Privacy Policy
The short version: keptimage processes your images entirely inside your own browser. We never receive, see, or store the photos you work on. The only data that reaches our servers is the account and billing information described below — never your image content.
This Privacy Policy explains how keptimage ("we", "us") collects, uses, and protects information when you use the keptimage website and application at keptimage.com (the "Service"). By using the Service, you agree to this policy.
1. Your images never leave your device
Every operation keptimage offers — background removal, metadata scrubbing, redaction, resizing, compression, format conversion, and the rest — runs locally in your web browser using code that loads once on page visit. Your image content is never uploaded to, transmitted to, or stored on our servers. You can verify this yourself on our Verify page by watching your browser's network tab while you process a photo.
2. Information we collect
Image content
None. We do not collect the photos you open or the pixels within them.
Account information
If you create an account, we collect your email address, which we use to send you a passwordless "magic link" to sign in and to contact you about your account.
Billing information
Payments are processed by Stripe. We do not receive or store your full card number. We store the identifiers and status Stripe returns to us — your Stripe customer ID, subscription ID, plan status, and any prepaid credit balance — so we can apply your plan.
Usage metadata
To enforce plan limits, we record minimal usage events: a timestamp and the name of the tool used (e.g. "redact"). These records never include file names or file content.
Anonymous rate-limiting
For visitors who are not signed in, we enforce a daily free limit using a one-way cryptographic hash of your IP address and browser type, combined with a secret salt that rotates every day (UTC). The hash cannot be reversed to identify you, and yesterday's hashes become unrecoverable once the salt rotates.
Technical and log data
Like most websites, our hosting provider records standard server logs (such as IP address, request time, and user agent) for security and reliability. We use a session cookie (HTTP-only) to keep you signed in, and your browser's local storage for preferences such as theme. Anything else the app remembers stays in your browser and is never uploaded.
What we do not use
We do not use third-party advertising, analytics, tracking pixels, or marketing cookies, and we do not sell your personal information.
3. How we use information
- To provide, maintain, and secure the Service;
- To authenticate you (magic-link sign-in) and manage your account;
- To process payments and apply your plan or credits;
- To enforce free-tier usage limits;
- To respond to support requests;
- To comply with legal obligations.
4. Legal bases (EEA/UK)
Where the GDPR or UK GDPR applies, we process personal data on the bases of: performance of our contract with you (providing the Service); our legitimate interests (security, abuse prevention, improving the Service); your consent (where requested); and compliance with legal obligations.
5. Service providers (subprocessors)
We share limited data with vendors that operate the Service on our behalf. They are bound by their own privacy commitments and may not use your data for their own purposes:
- Vercel — website and application hosting;
- Stripe — payment processing;
- Resend — transactional email delivery, such as sign-in links;
- Neon / Vercel Postgres — database for account and usage metadata.
6. Data retention
We keep account and billing records for as long as your account is active and as needed to comply with legal, tax, and accounting requirements. Usage-metadata records are retained only as long as needed to enforce limits. Anonymous rate-limit hashes are rendered unrecoverable when the daily salt rotates. You may request deletion of your account at any time.
7. Your rights
Depending on where you live, you may have the right to access, correct, delete, or export your personal data, to object to or restrict certain processing, and to withdraw consent. California residents have rights under the CCPA/CPRA, including the right to know and to delete — and note that we do not sell or "share" personal information as those terms are defined under California law. To exercise any right, email founder@keptimage.com. We will respond within the timeframe required by applicable law.
8. International transfers
We are based in the United States and our providers may process data in the United States and other countries. Where required, transfers rely on appropriate safeguards such as the Standard Contractual Clauses.
9. Children
The Service is not directed to children under 16, and we do not knowingly collect personal data from them.
10. Security
We use industry-standard measures to protect the limited data we hold, including encryption in transit, HTTP-only session cookies, and a strict Content-Security-Policy. Because your images are never transmitted to us, the most sensitive data you handle never leaves your control. No method of transmission or storage is 100% secure, but the architecture is designed to minimize what is at risk.
11. Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you.
12. Contact
Questions about this policy or your data? Contact us at founder@keptimage.com.