keptimage
Open App
Radical transparency

Don't trust us. Verify it yourself.

Open DevTools, switch to the Network tab, process a photo. Your image never leaves your browser — see for yourself.

Open the app Show me how

Verify in five steps.

Works in Chrome, Edge, Firefox and Safari. No install required — DevTools ships in every modern browser.

  1. Open the app

    Click /#/app in a new tab. Keep this tab open as a guide.

  2. Open DevTools

    Press F12 on Windows or Cmd + Option + I on Mac. Or right-click anywhere on the page and choose Inspect.

  3. Switch to the Network tab. Disable cache. Clear.

    Tick the "Disable cache" checkbox so the browser doesn't quietly reuse anything. Click the trash icon to clear existing entries.

  4. Use any image tool

    Start with Remove Metadata or Resize. Drop a photo in and run it.

  5. Watch the Network tab during processing

    Filter by "Fetch/XHR". Your image never appears in any request. The one call keptimage makes per run is a tiny POST /api/usage/track carrying only the tool name (e.g. "metadata") to count it against the free daily limit — click it and inspect the payload: no image, no name, no pixels. Everything else is the initial page load.

Or watch from here, no DevTools required.

Live counters below come from the same browser API your DevTools reads. Drop a photo, click Run, and see whether the "keptimage" number moves. (It won't.)

Live network monitor resource entries · PerformanceObserver
To keptimage servers
0
0 during last run
To third-party CDNs
0
0 during last run
Total since page load
0
includes this page
Waiting for an image…

What a sketchy version would look like.

This is the architecture nearly every image SaaS uses. Avoid any tool that does this with private photos, IDs, or medical images.

// What most image tools do — DO NOT use any tool that does this
// with private photos, IDs, or medical images:
fetch('/api/process', {
  method: 'POST',
  body: yourImageFile,   // your photo leaves your browser here
});

// keptimage — everything stays in memory:
const bitmap = await createImageBitmap(file);
// ...draw to a canvas, transform locally...
canvas.toBlob(blob => download(blob));
// no fetch, no upload — the result is offered as a download

Read every line of source.

Nothing keptimage ships is minified or obfuscated — open any file below, or view-source on any page to read the rest.

js/app.js js/ui.js js/usage.js js/tools/metadata-scrub.js js/tools/resize.js js/auth.js

What we DO send.

Radical transparency means writing down everything — including the small stuff.

A usage counter. Each time you run a tool, your browser sends the tool's name (e.g. "metadata") to /api/usage/track so we can enforce the free daily limit — never the image, its name, size, or pixels. Signed in, it's tied to your account; signed out, to a one-way hash of your IP that rotates every day.

Account & billing. If you sign in, your email address and a session cookie. If you upgrade, Stripe handles the payment — we never see your card. On load, the app asks our server once whether you're signed in (/api/me).

That's it. No analytics SDK, no crash/error reporting, no third-party trackers, no file names, no hashes, no image dimensions, no IP-to-image correlation. The Network tab confirms it in real time — you'll see one small /api/usage/track call per run, carrying just the tool name.

Audit history.

The plan is to stop being the only voice telling you we're trustworthy.

Target: independent security audit by a third-party firm (Cure53 or Trail of Bits). The full report will be published on this page — including any findings and our remediation. No NDA-protected summaries.

Ongoing: we keep this page updated with every JS dependency, every CDN we load from, and the cryptographic hash of each release bundle. If something changes, you'll see it here first.

Ready to use a tool you can actually inspect?

Open keptimage