Back to Legal & Privacy

Privacy Policy

Last Updated: June 28, 2025

PicMari ("we", "us", or "our") is committed to protecting your privacy. We offer free browser-based image tools (compression, upscaling, format conversion, etc.) and do not collect personal data from users except for optional account registration. In general, we do not collect IP addresses, analytics, emails, or any personal identifierswhen you use our site. Below is an overview of our privacy practices.

What Information We Collect

  • Uploaded Images: Any image you work with is processed entirely in your browser or in-memory on our server for the brief moment needed to perform the operation. We do not upload or store your image files on our servers at any time. As noted in similar privacy-focused tools, "All image processing… occur directly within your web browser… We do not upload, store, or transmit your image files to our servers". We also do not access or collect any personal information (metadata or content) from your images. Once processing is complete, your images and any temporary data are immediately discarded.
  • Personal Information: We do not collect personal data from visitors. For example, we do not record your IP address or use any tracking cookies, web beacons, Google Analytics, or third-party analytics/CDNs. In the words of a privacy-focused service, by design "we do not collect IP addresses or other personally identifiable information from visitors or users".
  • Optional Account Information: If you choose to create a PicMari account, we will collect only the information you provide (typically your email address, a username, and a password). This information is used solely to set up and authenticate your account. We minimize all personal data collection – for example, one service notes it "operates without user accounts, so we do not collect names, email addresses, or passwords". We will not require unnecessary details; your email and chosen password (securely handled) are the only data needed for account access.
  • Non-Personal Data: Like many websites, PicMari may collect very limited non-personal information (e.g. browser type or device type) solely to ensure our service functions correctly. This data is anonymous and cannot be used to identify you. We do not use this data for advertising or tracking.

How We Use Information

  • Service Operation: Any information you provide (such as account data) is used only to operate the service you requested. For example, if you upload an image to compress or convert it, we process that image briefly and then discard it. We use your optional account email/password only to manage your account (login, password recovery, etc.).
  • No Sharing or Selling: We never sell, rent, or lease your personal information. We do not share your data with advertisers or other third parties. As stated in similar privacy policies, we do not share or sell any data to advertisers, and any collected data remains private. We will not use your information for marketing, and we will not send you unsolicited communications (unless you've opted in to receive updates).
  • Improving the Service: We may use technical logs (for example, server error logs) to troubleshoot issues and improve site functionality. Any such logs are anonymous and do not contain personal identifiers. We do not aggregate or analyze user data for marketing or profiling purposes.
  • Legal Requirements: We may use or disclose information as required by law (for example, to comply with a subpoena or similar legal process) or to protect against misuse of our service or in security incidents.

Data Retention

  • Images: Because we do not store images on our servers, there is no retention period for them. Your images and any derived files exist only on your device or in transient memory and are deleted immediately after use. We cannot and do not retrieve or view your images once processing is complete.
  • Account Data: For users with accounts, we retain personal data (email, hashed password, etc.) only as long as necessary to provide the account service. As industry best practices recommend, we keep your information only as long as your account is active and then remove or anonymize it. If you delete your account or stop using it, we will delete your account data from our active systems. In short: we keep your personal information only for as long as needed to fulfill its purpose.
  • Other Data: Any non-personal technical data (if collected) is retained only as needed to maintain the service. We do not keep any unnecessary logs or data beyond troubleshooting needs.

Security

We take reasonable measures to protect any personal data you provide:

  • Encryption in Transit: All connections to PicMari use HTTPS/TLS encryption. This means your data is encrypted while traveling between your browser and our servers. As recommended in security best practices, "always use HTTPS to encrypt data transferred between the user's browser and your server". This protects your information (even though it's minimal) from interception.
  • Secure Password Storage: If you create an account, your password is hashed and salted before storage. We follow OWASP guidelines for password storage – modern password hashing algorithms (e.g. bcrypt, Argon2) automatically incorporate a salt so that even identical passwords result in different stored hashes. In practice, this means we do not store your actual password, only a cryptographically secure hash.
  • Encryption at Rest: Any personal data we store (such as your account credentials) is kept in encrypted databases. We use strong encryption (for example, AES-256) to protect data at rest. Only authorized system processes can access it.
  • Firewall and Server Protection: Our servers are protected by industry-standard security measures. We deploy firewalls, intrusion detection/prevention systems, and network monitoring to guard against attacks. As security experts note, TLS/SSL encryption combined with firewalls provides a "robust defense" that ensures intercepted data is unintelligible. All administrative access requires secure credentials (and multi-factor authentication where possible).
  • Software Updates and Monitoring: We keep our systems and software up to date with the latest security patches. Regular maintenance ensures known vulnerabilities are addressed promptly. Our hosting environment also performs routine malware scanning and monitoring to detect any threats early.
  • Principle of Least Access: Access to any personal information is restricted to the minimal number of staff who need it to do their jobs. We follow the principle of least privilege: only authorized personnel can access production systems, and only for legitimate operational purposes.
  • Incident Response: While we strive for security, no system can be guaranteed 100% secure. In the unlikely event of a data breach affecting your information, we have a response plan in place. We will promptly investigate and take appropriate action, including notifying affected users if required by law or good practice.

Your Rights

PicMari is not specifically targeting users in any one jurisdiction, but we respect global privacy principles. Depending on where you live, you may have rights such as accessing, correcting, or deleting your personal data. For example, under GDPR or CCPA-like rules, you can ask us to provide or erase the data we hold about you. You can also unsubscribe from any communications at any time.

If you have an account, you can manage your information directly in your account settings (for example, update your email or delete your account). If you need assistance or have questions about your data, please contact us (see below).

Contact

If you have any questions about this Privacy Policy or our practices, or if you wish to exercise any of your rights (access, deletion, etc.), please email us at privacy@picmari.com. We will respond to all legitimate inquiries in a timely manner.

Back to Top