Privacy Policy
Privacy by design. Local-first architecture.
01 · Our commitment to your privacy
Privacy is not a setting at ScrubAI. It is the architecture. Most image utilities force you to upload your files to remote cloud servers, exposing your work, your photos, and the metadata they carry to data harvesting and breach risk.
ScrubAI runs on a local-first execution model. Your images never leave your computer.All file processing, metadata sanitization, and renaming happens locally in your browser's memory.
02 · What we don't collect
Because ScrubAI runs entirely client-side, the system is built so we cannot access, view, or retain your media:
- No media uploads. Your images are processed in your browser via the HTML5 Canvas API and bundled scripts.
- No image storage. We do not own, operate, or rent any backend that stores user-uploaded images.
- No metadata harvesting.We do not read, compile, or analyze your files' original EXIF, IPTC, XMP, or C2PA provenance markers.
When you close the browser tab or clear your session, any temporary image data in memory is gone.
03 · What we do collect (and why)
To manage accounts, process payments, and keep the site running, we collect a small, transparent set of data:
Account & billing
- Authentication: We use Clerk for accounts. Clerk stores your email, name, and profile details.
- Billing: Lifetime Pro is a one-time $24.99purchase processed by PayPal. Card details are entered on PayPal's PCI-compliant servers and never touch ScrubAI.
Telemetry & analytics
- Aggregate metrics: PostHog tracks anonymous product usage and errors so we can improve the tool.
- No PII in analytics: Telemetry is routed through our domain proxy (
/ingest). It carries no personal identifying information.
04 · How your images are processed
- 01File ingestion
Your file is read in browser memory via the HTML5 File API.
- 02Canvas redraw
The image is painted onto an offscreen
<canvas>element in the browser sandbox. - 03Pristine export
The browser regenerates the image from raw pixel data, discarding all hidden tracking segments and signatures.
05 · Your rights and data control
Because of the client-side architecture, you keep control over your digital footprint:
- Immediate sanitization. Closing the browser window wipes temporary file data from memory.
- Account deletion. You can delete your account, session profile, and billing logs at any time from your dashboard.