Our Data Philosophy
At Crop Image, we believe your visual data is your own. Our technical architecture is designed around "Local-First" principles, meaning your images are processed within your browser sandbox and never touch our servers.
Information Collection
We minimize data collection to the absolute necessity required to maintain service stability and improve user experience.
We Process (Locally)
- Image pixel data
- File metadata (EXIF)
- Crop coordinates
We Store (Servers)
- Account email (if signed up)
- Subscription status
- Usage telemetry (anonymous)
Cookie Policy
We use essential cookies to maintain your session and remember your preferences (like theme or default output format). We do not use third-party tracking or advertising cookies.
- Authentication: Keeping you logged into your account.
- Preferences: Saving your preferred aspect ratios.
- Analytics: Understanding general traffic patterns via privacy-friendly tools.
User Rights (GDPR/CCPA)
Regardless of your location, we extend high-level data rights to all users:
- Right to Access: Request a copy of the minimal data we hold.
- Right to Erasure: Delete your account and all associated data instantly.
- Right to Portability: Export your account settings and history.
- Right to Object: Opt-out of any non-essential telemetry tracking.
Third-Party Services
To provide our service, we rely on a few trusted infrastructure partners who adhere to strict security standards:
- Stripe: Payment processing (we never see your card details).
- Vercel: Website hosting and edge distribution.
- Postmark: Transactional email delivery.
Security Protocols
Our application uses industry-standard TLS encryption for all data in transit. Because we use WebAssembly for client-side processing, the "attack surface" for your image data is virtually non-existent on our backend.
Questions?
If you have concerns about how we handle your data, please contact our Data Protection Officer at privacy@cropimage.io.