DOC_REF // PRIV-2026-V1

Privacy Policy

Last updated: March 22, 2026. The short version: your images never reach us, we collect minimal website analytics, and we do not sell anything about you to anyone. The long version is below. We wrote it so a normal person can actually read and understand it.
THE ACTUALLY SHORT VERSION
Do we see your images?
No. They process locally in your browser. We never receive them.
Do we store your files?
No. Nothing is uploaded. Nothing is stored. Nothing to delete.
Do we sell your data?
No. We do not sell, rent, or trade any information about you.
Do we use cookies?
Yes, minimal ones. Analytics and site function. Not advertising.
Do we collect personal info?
No account required. No name, no email, no personal data collected.
What do we collect?
Anonymous page view analytics. That's basically it.
SECTIONS
1. Who We Are2. Your Images (Read This)3. What We Actually Collect4. Why We Collect It5. Cookies6. Who Sees Your Data7. How Long We Keep It8. Your Rights9. Children10. Third-Party Services11. Security12. GDPR and CCPA13. Policy Changes14. Contact

1. Who We Are§ 1.0

FreeImageTools.org is an independent website that provides free, browser-based image processing tools. The site is operated by its owner and does not belong to a corporation, VC-backed startup, or advertising company.

There is no company account signup. No shareholder meeting where your data gets discussed. Just a website with tools that respect your privacy because that is how the site was built, not because of a legal requirement.

For any data-related questions, contact us at [email protected].

/// HUMAN TRANSLATION

We're an independent site. Not Google. Not Adobe. Not a subsidiary of anyone. One site, 25 tools, no investor pressure to monetize your data.

2. Your Images — Read This Part§ 2.0

This is the most important section. Read it.

When you use any tool on FreeImageTools, your image file is loaded into your browser's memory from your local device. Our JavaScript code processes it there, on your machine, using your CPU and your RAM. The processed output is generated in your browser and offered as a download.

At no point does your image file travel over the internet to our servers. We do not have a server-side image processing pipeline. We do not receive uploads. We do not store files. We do not have a database of processed images.

This is not a marketing claim. It is an architectural fact. You can verify it yourself by opening your browser's developer tools, going to the Network tab, and watching what requests are made when you process an image. You will see no upload of your file.

What this means practically:

  • We cannot see your images. Not even if we wanted to.
  • We cannot recover a file you forgot to download. It was never on our side.
  • No one can compel us to produce your images in a legal proceeding, because we do not have them.
  • Your GDPR / CCPA rights around image data are not implicated here, because we do not process that data at all.
  • Processing a confidential document or sensitive photo here carries no data exposure risk on our side. The risk, if any, is on your device.
/// HUMAN TRANSLATION

Your photos never leave your computer. This is the main thing. Compress your boss's confidential presentation screenshots, your own medical images, photos you'd rather not have on a random company's server. All fine here. We literally cannot see any of it. The processing is happening in your browser tabs.

3. What We Actually Collect§ 3.0

Since we do not have user accounts and do not receive your images, our data collection is minimal. Here is what we do collect.

Website Analytics
What: Page views, which tool pages are visited, approximate country, device type (desktop vs mobile), browser type, referral source (where you came from)
Why: To understand how many people use the site, which tools are popular, and where to focus improvements. This data is processed in aggregate. We cannot identify individual visitors from it.
Kept for: Up to 14 months, then deleted
Technical Data
What: IP address (anonymized), browser version, operating system, screen resolution
Why: For server logs, security monitoring, and debugging issues. Standard for any website.
Kept for: 90 days in server logs, then deleted
Cookies
What: Session cookies, preference cookies (dark mode setting), analytics cookies
Why: See Section 5 for the full breakdown. Short version: we use minimal cookies and none of them are advertising cookies.
Kept for: Session cookies expire when you close the tab. Others last 30 days to 1 year.
Feedback Submissions
What: If you use the feedback form on the homepage, we receive the text you typed
Why: To read bug reports, feature suggestions, and messages from users. We need to receive this to respond to it.
Kept for: Until acted upon, then deleted. We do not build profiles from feedback.
/// HUMAN TRANSLATION

We collect anonymous analytics about which pages people visit, some technical data for server logs, cookies (minimal ones), and the text of feedback form submissions. That's the complete list. We do not collect your name, email, address, payment info, or anything personal because we never ask for it.

4. Why We Collect It§ 4.0

Analytics data helps us understand whether the site is working. If the compress tool page has a 95% bounce rate and nobody downloads anything, something is wrong and we should fix it. If color palette is getting 10x the traffic we expected, maybe we should write more content about it. That's the use case.

Server logs exist because that is what servers do. They record requests so that when something breaks we can figure out why. After 90 days the logs are gone.

Feedback form data exists to read it and respond to it. We don't run it through a CRM. We don't build profiles. Someone sends a bug report, we read it, we fix the bug.

We do not use your data for advertising. We do not create behavioral profiles. We do not run retargeting campaigns. We do not sell anything.

5. Cookies§ 5.0

We use cookies. Here is exactly what each one does.

Session Cookie
ESSENTIAL
Keeps your browser session working while you use the site. Remembers your dark/light mode preference within the current visit.
Opt out: No — the site doesn't work without it  |  Expires: When you close the browser tab
Preference Cookie
FUNCTIONAL
Remembers your dark mode or light mode choice across visits. Without it, you'd have to toggle it every time you come back.
Opt out: Yes — you'll just lose the saved preference  |  Expires: 1 year
Analytics Cookie
ANALYTICS
Counts page views and tracks which tools people use. The data is anonymized and aggregated. We use a privacy-focused analytics tool that does not build individual user profiles.
Opt out: Yes — use the cookie consent banner  |  Expires: 30 days
Advertising Cookie
ADVERTISING
This site displays ads served by Google AdSense. Google may use cookies to show ads based on your prior visits to this site or other sites. You can opt out of personalized advertising by visiting Google's Ad Settings.
Opt out: Yes — visit g.co/adsettings or use the cookie consent banner  |  Expires: Up to 13 months

This site uses Google AdSense to display ads. Google AdSense may use cookies to serve ads based on your prior visits to this site or other websites. You can opt out of personalized ads by visiting g.co/adsettings. We do not use Facebook Pixel, remarketing tags, or affiliate tracking cookies beyond what AdSense requires.

/// HUMAN TRANSLATION

Four cookies total. One keeps the site working, one saves your dark mode preference, one counts page views, one is used by Google AdSense to show ads. You can control the last two through the cookie consent banner or Google Ad Settings.

6. Who Sees Your Data§ 6.0

This is the sharing question. Here is the complete list of who sees what.

Our Hosting Provider
Sees: Server logs, technical data
Why: The servers that serve the website are hosted somewhere. They process requests which include your IP address.
Contractually bound: Yes — data processing agreement in place
Our CDN Provider
Sees: Requests for static assets (scripts, fonts, the background removal model)
Why: Content delivery networks serve our static files faster globally. Your image files are not static assets and never pass through the CDN.
Contractually bound: Yes — standard CDN data processing terms
Our Analytics Provider
Sees: Anonymized page view data, device type, approximate country
Why: To count traffic and understand usage patterns. We use a privacy-focused analytics service that does not sell data and processes it anonymously.
Contractually bound: Yes — privacy-first analytics, no personal data sharing
Google AdSense
Sees: Cookie data and ad interaction data for serving and measuring ads
Why: This site shows display ads via Google AdSense to keep the service free. Google uses cookies to serve relevant ads. Your image files are never shared with Google through AdSense.
Contractually bound: Yes — Google's data processing terms apply
Law Enforcement
Sees: Server logs if legally required by valid court order or legal process
Why: If we receive a valid legal order compelling disclosure, we comply with the law. We would push back on overreaching requests.
Contractually bound: N/A — legal requirement
// WE DO NOT SELL YOUR DATA

We do not sell, rent, trade, or give away your personal data to data brokers or marketing companies. The site is funded by Google AdSense display ads. AdSense may use cookies for ad personalization, but we do not share your image files or personal information with advertisers. You can opt out of personalized ads at any time via Google Ad Settings.

7. How Long We Keep It§ 7.0

We keep data for as short a time as makes sense for the purpose it was collected.

Server logs
90 days
Debugging and security incident investigation
Analytics data
14 months
Standard analytics retention, then deleted or aggregated into anonymous summaries
Preference cookies
1 year
So you don't have to reset dark mode every time you visit
Feedback submissions
Until resolved
We read them, act on them, then delete them
/// HUMAN TRANSLATION

Nothing we collect sticks around longer than it needs to. Server logs gone in 90 days. Analytics gone in 14 months. Feedback gone after we deal with it. We're not building a historical archive of who visited what page when.

8. Your Rights§ 8.0

Even with minimal data collection, you still have rights over what little data we do hold.

Right to Know
You can ask what data we hold about you. Given we don't collect personal information and anonymize analytics, the answer is usually 'very little, and here's the breakdown.'
Right to Delete
You can ask us to delete what we have. Since it's mostly anonymous analytics, there may not be anything identifiable to delete. We will tell you honestly.
Right to Object
You can object to our analytics data collection by opting out of analytics cookies. Use the cookie preferences panel in the footer.
Right to Portability
If we somehow hold data about you in an identifiable form (like a feedback submission), you can ask for a copy of it.
Right to Correct
If you've submitted feedback with incorrect information, let us know and we'll update or delete it.
Right to Complain
If you think we're mishandling your data, you can complain to your local data protection authority. EU users go to their national DPA. UK users go to the ICO at ico.org.uk.

To exercise any of these rights, email [email protected]. We will respond within 30 days. Because we collect so little personal data, most requests are straightforward to fulfill.

/// HUMAN TRANSLATION

You have the right to know, delete, and control your data. The slightly funny thing is that we collect so little about you that most data rights requests resolve in about two sentences. But the rights are real and we will honor them.

9. Children§ 9.0

FreeImageTools is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect any personal information from children. Since we don't collect personal information from anyone, this is largely academic.

If you are a parent and you think your child has used this site and somehow submitted personal information, contact us at [email protected] and we will address it.

10. Third-Party Services§ 10.0

Some components of FreeImageTools use third-party libraries and services. The background removal tool downloads its AI model from a CDN. Our site loads fonts from Google Fonts. Analytics is handled by a third-party analytics service.

This site is monetized with Google AdSense display advertising. Google AdSense may place cookies on your browser to serve and measure personalized ads. Google's use of advertising cookies enables it and its partners to serve ads based on your visit to this site and other sites on the internet. You may opt out of personalized advertising by visiting g.co/adsettings. For more information about how Google uses data, see How Google uses information from sites that use our services.

These third parties handle only technical and ad-related data, not your image files. Our blog may link to external sites. Once you leave FreeImageTools and land on another site, their privacy policy applies. We are not responsible for third-party privacy practices.

The open-source libraries powering our tools (browser-image-compression, heic2any, jsPDF, react-easy-crop, react-dropzone, @imgly/background-removal, and others) run locally in your browser and have no server-side data collection of their own in our implementation.

11. Security§ 11.0

The best security for image data on our platform is the fact that we never receive it. There is no image database to breach because there is no image database.

For the data we do handle (server logs, analytics, feedback), we use standard security measures: encrypted connections (HTTPS everywhere), access controls on server infrastructure, and reputable hosting and service providers.

If you discover a security vulnerability in our site, please report it to [email protected] before disclosing it publicly. We will acknowledge your report within 48 hours and work to fix real vulnerabilities promptly.

/// HUMAN TRANSLATION

Your images are safe because they never leave your device in the first place. That's the strongest possible security guarantee. For everything else we handle, we use standard web security practices. And if you find a bug, please tell us before tweeting about it.

12. GDPR and CCPA§ 12.0

If you are in the EU or UK, GDPR applies to personal data we process. Since we don't collect personal data in any traditional sense (no name, no email, no account), most GDPR obligations around consent and data subject rights operate in a simplified way here. The analytics data we collect is anonymized and therefore falls outside GDPR's scope in most interpretations. Our cookie consent mechanism covers the areas where consent is required.

If you are a California resident, CCPA gives you additional rights. We do not sell personal information (CCPA Section 1798.100). We do not discriminate against users who exercise privacy rights. To submit a CCPA request, email [email protected] with "California Privacy Request" in the subject line.

If your jurisdiction has specific data protection laws we have not mentioned here, email us. We will tell you honestly how our practices relate to those laws. Our general approach is that we collect the minimum necessary data and respect user rights. That aligns with most privacy regulations worldwide.

13. Policy Changes§ 13.0

We can update this policy when our practices change. We will update the "Last updated" date at the top. For significant changes, we will post a notice on the site.

Since there is no account system, we cannot email you directly about policy changes. Check the date at the top if you want to know whether the policy has changed since you last read it. We keep previous versions archived and will share them on request.

14. Contact§ 14.0

Privacy questions get real answers here. Here is who to contact.

PRIVACY QUESTIONS
Any question about this policy or how we handle data. Response within 5 business days.
DATA RIGHTS REQUESTS
Access, deletion, correction requests. Include 'Data Rights Request' in the subject line.
SECURITY CONCERNS
Vulnerabilities, suspicious activity. We read this one fast.
EVERYTHING ELSE
General questions, feedback, tool suggestions. We're friendly.
[END OF PRIVACY POLICY]
FreeImageTools.org — Version PRIV-2026-V1 — Effective March 22, 2026