Security

Local Image Processing

Your uploaded images are processed entirely within your browser using client-side JavaScript. This means:

• • Your images never leave your device
• • No image data is transmitted to our servers
• • Complete privacy and control over your content
• • Faster processing without network delays

Account Data

When you create an account, we only store:

• • Your email address (from Google OAuth)
• • Account preferences and settings
• • Usage statistics (anonymized)
• • Subscription status (if applicable)

Payment Processing

All payments are processed securely through Paddle, a PCI-compliant payment processor. We never store your payment information on our servers.

Technical Security

• HTTPS Encryption:All data transmission is encrypted using TLS 1.3
• Secure Headers:Security headers protect against common web vulnerabilities
• Content Security Policy:Prevents XSS attacks and unauthorized script execution
• Regular Updates:All dependencies and infrastructure are regularly updated

Access Control

• OAuth 2.0:Secure authentication through Google
• Session Management:Secure session handling with automatic expiration
• Rate Limiting:Protection against abuse and brute force attacks
• IP Monitoring:Monitoring for suspicious activity and unauthorized access

Infrastructure Security

• Netlify Hosting:Enterprise-grade hosting with built-in security
• Supabase Database:Encrypted database with access controls
• CDN Protection:Global content delivery with DDoS protection
• Backup Systems:Regular encrypted backups with disaster recovery