🦆
This policy explains what information we process when you use our image uploader, website, and API. Operators of a deployment should tailor retention and subprocessors to their environment; this document describes typical data handling for the application.
Images are processed to validate that the payload is a bitmap we can render, then stored and served as PNG. We associate uploads with your account so you can manage them in the library. Duplicate bytes may reuse stored blobs to save space while keeping separate public links per user where applicable.
Published images are available at direct URLs (short random hex identifiers). Anyone with the link can fetch the image until you remove it or an administrator takes action. Do not upload confidential or personal data unless you understand that risk.
API keys authenticate automated uploads. They are stored in hashed form. Create keys in Settings and revoke any key that is exposed.
We use cookies and similar mechanisms required for sign-in, CSRF protection, and session continuity in the browser.
We retain account and image data until you delete it or your account is removed, subject to backups, legal obligations, and how your operator configures storage. Adjust logging and storage policies on the server that runs this app.
We do not sell your personal information. Data may be visible to hosting providers, administrators of this deployment, or law enforcement when legally required.
We use industry-standard practices such as hashed passwords and HTTPS on properly configured sites. No online service can guarantee perfect security.
You may update profile information, rotate API keys, and delete your account where the product allows. For other requests, contact whoever operates this deployment.
We may revise this policy as the product changes. Review this page periodically; continued use after updates means you acknowledge the new policy.