Privacy Policy
Last updated: 25 April 2026
TL;DR
MySafePic does not collect, store, or transmit your photos. The entire scanning and metadata-removal process happens inside your web browser. Your photos never leave your device. We do not have a copy of them. We could not give them to anyone — not advertisers, not law enforcement, not ourselves — because we never receive them in the first place.
1. Who we are
This website (MySafePic) is operated by an individual ("the operator") as a personal project. For privacy questions, contact: [email protected].
This Privacy Policy explains what data is and is not handled when you use mysafepic.com and the tools available on it.
2. The photos you analyse
When you select or drop a photo on MySafePic, the photo and its metadata are processed entirely on your own device, by JavaScript running in your browser. Specifically:
- Photos are read directly from your device using the browser's File API.
- EXIF metadata is parsed in your browser using the open-source
piexifjslibrary. - The "cleaned" copy you can download is generated in your browser.
- No photo, no metadata, and no derived data is ever uploaded to any server.
We have no access to your photos under any circumstance.
3. Data we do collect
Even though we do not handle your photos, your browser still communicates with our hosting provider when you load the site. The following limited information is involuntarily exchanged:
| Data | Purpose | Stored by |
|---|---|---|
| IP address (truncated) and request headers | Required by the HTTP protocol; used briefly to deliver the page and detect abuse | Our hosting provider, in standard server logs |
| Your language preference | To remember the language you chose | Your browser's localStorage — never sent to us |
| Approximate geolocation (country) | Inferred by the hosting CDN to route requests; we do not store it ourselves | Our hosting provider |
We do not run our own analytics. We do not set tracking cookies of our own. We do not maintain user accounts on the free version of the site.
4. Third-party services
The site uses the following third parties, each of which has its own privacy policy:
- Google AdSense — displays advertisements. AdSense uses cookies and similar technologies to serve and measure ads. Some of these may be considered personalised advertising depending on your jurisdiction. For details and controls, see https://policies.google.com/technologies/ads and https://adssettings.google.com.
- Hosting and CDN providers — deliver the site files. They may keep brief access logs containing IP addresses for security and performance.
- JavaScript libraries loaded from CDNs — the site loads small open-source libraries (React, piexifjs, etc.) from public CDNs. These CDNs may log requests; the libraries themselves do not transmit your data.
We do not share information with third-party services beyond what is necessary to serve the page and the advertising mentioned above.
5. Cookies
We do not place tracking cookies of our own.
The Google AdSense scripts described above may place cookies on your device for ad personalisation, frequency capping, and fraud prevention. You can opt out of personalised Google ads at https://adssettings.google.com. In the European Economic Area, the United Kingdom, and Switzerland, AdSense will request your consent before setting non-essential cookies; you may refuse and continue to use the site.
6. Your rights under data protection law
Because we do not collect personally identifying information about you in any database we control, most data-subject requests will return "we have no data about you." That said, you have the following rights and may exercise them by emailing [email protected]:
- Access — ask whether we hold any data about you.
- Rectification — ask us to correct any data we may hold.
- Erasure — ask us to delete any data we may hold.
- Objection / restriction — object to processing.
- Portability — receive any data we may hold in a portable format.
- Withdraw consent — where processing is based on consent.
We aim to respond within 30 days.
Brazil (LGPD)
If you are in Brazil, you have the rights set out in Lei Geral de Proteção de Dados (Lei 13.709/2018), including those listed above. The legal basis for the limited processing described in Section 3 is legitimate interest in operating the site (Art. 7, IX). You may file a complaint with the Autoridade Nacional de Proteção de Dados (ANPD) at https://www.gov.br/anpd.
European Economic Area, United Kingdom, Switzerland (GDPR / UK GDPR / FADP)
If you are in the EEA, the UK, or Switzerland, you have the rights set out in the General Data Protection Regulation and equivalent national laws. Our legal basis for the limited processing described in Section 3 is legitimate interest (Art. 6(1)(f) GDPR) in operating and securing the website. You may lodge a complaint with your local data-protection supervisory authority.
California (CCPA / CPRA)
If you are a California resident, you have the rights set out in the California Consumer Privacy Act as amended by the CPRA. We do not sell or share personal information as defined by the CCPA. You may exercise your rights by contacting [email protected].
7. Children
MySafePic is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect data from children. If you believe a child has provided personal data to us, please contact us and we will delete it.
8. Security
We follow standard practices for the parts of the site we operate: HTTPS for all traffic, current versions of dependencies, and a Content Security Policy on pages that warrant one. The strongest protection of your photos, however, is structural: we cannot leak data we never receive.
9. International transfers
The hosting providers used for this site are based in multiple regions; data passing through them (such as IP addresses in logs) may be processed outside your country. Where applicable, providers we use rely on Standard Contractual Clauses or equivalent transfer mechanisms.
10. Changes to this policy
We may update this policy. Material changes will be reflected in the "Last updated" date at the top. Older versions are available on request.
11. Contact
For any privacy-related question or request:
Email: [email protected]