Privacy-First Platform

Privacy Policy

At Imgira, your data belongs to you — and only you. Our zero-upload architecture ensures your files never leave your device. Read below to understand exactly how we protect your privacy.

Zero File UploadsGDPR CompliantCCPA ReadyNo Content Tracking

No Server Uploads — Ever

Unlike traditional online tool websites, Imgira does not upload your files to any remote server. All processing — whether it is compressing a JPEG, editing a PDF, formatting JSON, generating a password, or converting a CSV file — is performed entirely within your browser tab using WebAssembly (Wasm), the Canvas API, and browser-native JavaScript.

Your files exist only in your device's RAM and local storage during processing. When you close the tab or navigate away, the data is cleared. There is no file transfer step, no cloud storage, and no server-side logs of your content. This architecture is fundamentally different from services like Smallpdf, Convertio, or Adobe Express, which require remote server processing.

Because we use the browser as the compute engine, processing is instantaneous regardless of your internet speed — files do not need to travel to a data center and back. This means your sensitive business documents, personal photos, and private data never leave your device.

Zero Content Data Collection

We have zero knowledge of what files you process on our platform. We cannot see, read, log, analyze, or access the content of any image, document, spreadsheet, or text you work with on Imgira. No file metadata, file names, file sizes, or processing results are ever sent to our servers.

We do not use your processed files to train machine learning models. We do not share your data with third parties for profiling purposes. We do not fingerprint users based on uploaded content. The only data we receive are standard web server access logs (IP address, timestamp, page URL, browser type) used for infrastructure performance monitoring — these logs do not contain any of your file content.

We are committed to a Zero-Knowledge architecture: as a platform operator, we are intentionally designed to be unable to access your content, even if compelled by legal requests.

Third-Party Cookies (Analytics & Advertising)

We use Google Analytics to understand aggregate traffic patterns, page popularity, and usage trends. Google Analytics collects anonymized usage statistics using cookies. We have enabled IP anonymization in our Analytics configuration. No personally identifiable information is collected through Analytics.

We use Google AdSense to serve advertisements on our platform. Google AdSense uses cookies to serve ads based on your visits to this and other websites on the internet. These cookies enable Google and its partners to serve ads based on your usage data.

GDPR & CCPA Compliance

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, Imgira operates under the General Data Protection Regulation (GDPR). Because we do not collect, store, or process any personal data contained in your files, we have no user content to disclose, rectify, or delete. Your core GDPR rights — to access, portability, rectification, and erasure — are inherently protected by our zero-upload architecture.

For California residents, the California Consumer Privacy Act (CCPA) grants you rights over your personal data. Because Imgira does not collect personal information from your file content, there is no personal data profile associated with your usage of our tools to request or delete. You can opt out of the sale of personal data (if any behavioral advertising data applies) through our Cookie Consent banner.

Our legal basis for processing standard web server logs under GDPR is Legitimate Interests (Article 6(1)(f)), necessary for operating a stable and secure web service. You may contact us at support@imgira.site to exercise any data subject rights or submit a Data Subject Access Request (DSAR).

Client-Side Security Architecture

Because all computation happens within your browser's sandboxed environment, your files are protected from server-side vulnerabilities, unauthorized access by third-party staff, and large-scale data breaches that have historically affected cloud-based file processing services.

We implement Content Security Policy (CSP) headers to protect against cross-site scripting (XSS) attacks. All connections to Imgira use HTTPS with TLS 1.2 or higher, enforced via HSTS (HTTP Strict Transport Security). Our site is served from a global Content Delivery Network (CDN) to minimize attack surface.

Browser local storage is only used to save user preferences (such as interface settings and tool configurations) — never to store file content. We use Subresource Integrity (SRI) checks for third-party scripts to verify they have not been tampered with.

Children's Privacy

Imgira's tools are general-purpose utilities suitable for all ages. We do not knowingly collect any personal information from children under the age of 13 (or under 16 in the EEA). Our tools are used in schools and educational environments worldwide because they do not require account creation or data submission.

If you are a parent or guardian and believe your child has provided personal information to us, please contact us at support@imgira.site. We will promptly review and delete any such information in accordance with applicable law.

Cookies We Use

Essential Cookies: Used to remember your consent preferences (cookie banner) and basic site functionality. These are strictly necessary and cannot be disabled.

Analytics Cookies (Google Analytics): Collect anonymized usage data such as page views, session duration, and referring URLs. These help us understand how users interact with our tools so we can improve the platform.

Preference Cookies: Store your tool settings and interface preferences (e.g., last-used compression quality setting). These are stored locally in your browser and are not transmitted to our servers.

Policy Updates & Contact

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. When we make significant changes, we will display a notice on our website. The 'Last Updated' date at the bottom of this page reflects the most recent revision. We encourage you to review this policy regularly.

If you have questions, concerns, or requests related to this Privacy Policy or your data, please contact our privacy team at support@imgira.site. We aim to respond to all privacy inquiries within 5 business days. For GDPR Data Subject Access Requests (DSARs), we aim to respond within 30 days as required by law.

Frequently Asked Privacy Questions

How do you process files without a server?

We use modern browser technologies including the Canvas API, WebAssembly (Wasm), and the File API. These APIs allow us to run high-performance processing code directly inside your browser's sandboxed JavaScript environment. Your files are loaded into browser memory (RAM) and processed there — the data never leaves your device.

Do you store my files anywhere?

No. We never write your files to a database, cloud storage bucket, or any server-side storage. Files exist only in your browser's temporary memory during the active session. When you close the tab or browser window, the files are gone from our reach permanently.

Do you use cookies?

Yes. We use essential cookies for your consent preferences, analytics cookies (via Google Analytics) to understand aggregate usage, advertising cookies (via Google AdSense) to show relevant ads, and preference cookies to remember your tool settings. You can manage cookie preferences via the consent banner shown on your first visit.

Can I request deletion of my data?

Because we do not store your file content or create user profiles tied to file usage, there is no file data to delete. For any standard web log data (IP address, timestamps) — which is retained for a maximum of 90 days for security monitoring — you can submit a deletion request to support@imgira.site.

Is Imgira safe to use for sensitive documents?

Yes. Because processing happens entirely client-side, sensitive documents such as tax returns, legal contracts, medical records, and financial spreadsheets never leave your device. Even Imgira's own team cannot access the content you process. This makes Imgira suitable for use in regulated industries including healthcare (HIPAA context), legal services, and finance.

What is your data retention policy?

We retain standard web server access logs (containing IP addresses, timestamps, and page URLs — no file content) for up to 90 days for security and performance monitoring purposes. No file content is retained. Google Analytics data is retained for 14 months per our Analytics configuration.

Contact Our Privacy Team

If you have any questions about this Privacy Policy, wish to exercise your data subject rights (GDPR / CCPA), or want to submit a Data Subject Access Request (DSAR), please reach out to us. We take your privacy seriously and respond to all legitimate inquiries promptly.

Response Time

Within 5 business days

Submit via Contact Form →

Revision History

Initial policy published — core privacy architecture documentedJanuary 2026
Added GDPR / CCPA compliance sections, cookie categorization, data retention policyMarch 2026
Expanded third-party services disclosure, FAQ section added, DSAR process clarifiedJune 2026

Last updated: June 2026. Our core commitment — all file processing stays in your browser, no server uploads, ever — will never change.