ScrubAI.
Workspace Portal
Legal Framework
🛡️ ALL SCRUB·AI OPERATIONS RUN 100% LOCALLY IN YOUR CLIENT BROWSER SANDBOX MEMORY.
Last Updated: May 23, 2026

Privacy Policy

Privacy by Design · Local-First Architecture

01.Our Commitment to Your Absolute Privacy

At ScrubAI, we believe that privacy is not a setting—it is a fundamental architecture. Most image utilities force you to upload your files to remote cloud servers, exposing your proprietary client work, personal photographs, and metadata to data harvesting and security breaches.

ScrubAI is built on a "local-first" execution paradigm. Your images never leave your computer. All file processing, metadata sanitization, and name scrambling happen locally in your web browser’s memory.

02.Information We Do NOT Collect (The Data Core)

Because we operate completely client-side, we have designed our system to guarantee that we cannot access, view, or retain your media:

  • ·
    No Media Uploads: Your images are processed entirely on your device’s browser via the HTML5 Canvas API and localized scripts.
  • ·
    No Image Storage: We do not own, operate, or rent any backend servers that store user-uploaded images.
  • ·
    No Metadata Harvesting: We do not read, compile, or analyze your files' original EXIF, IPTC, XMP, or C2PA provenance markers.
💡 Once you close your browser tab or clear your browser's session, any temporary image data in memory is permanently destroyed.

03.Information We Do Collect (And Why)

To manage your account, process payments, and ensure our site functions properly, we collect minimal and highly transparent categories of data:

A. Account & Billing Information
  • Authentication: We use Clerk to secure your account. When you create an account, Clerk registers your email address, name, and profile details.
  • Billing Details: If you purchase a Pro subscription ($5/month or $33/year), your payment is processed directly by Stripe via Clerk Billing. Your credit credentials are processed entirely on Stripe's PCI-compliant servers.
B. Technical Telemetry & Analytics
  • Performance Aggregate Metrics: We use PostHog to analyze overall traffic and application errors. We track anonymous aggregate actions to optimize performance.
  • Zero PII in Analytics: We route telemetry through our domain proxy (/ingest). This protects your data, runs free of ad-blockers, and guarantees no personal identifying information (PII) is transmitted.

04.How Your Images are Processed (Technical Pipeline)

01File Ingestion

Your file is read locally in your browser memory using the secure HTML5 JavaScript File API.

02Local Canvas Drawing

The image is painted onto an offscreen <canvas> element in your browser's private sandbox memory space.

03Pristine Export

The browser regenerates the image from raw pixel coordinates, discarding all hidden tracking segments and signatures.

05.Your Rights and Data Control

Because of our client-side architecture, you maintain total control over your digital footprint:

  • ·Immediate Sanitization: Simply close the browser window to instantly wipe all temporary file footprints from memory.
  • ·Account Deletion: You can delete your account, session profiles, and billing logs at any time via your user dashboard.