Privacy Policy

1. Introduction

Object Remover ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered object removal service.

Our Service allows you to upload images and use artificial intelligence technology to remove unwanted objects from those images. We understand the sensitive nature of the images you entrust to us and have implemented comprehensive measures to protect your privacy.

Please read this privacy policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with these terms, please do not use our Service.

2. Information We Collect

2.1 Account Information

When you create an account with Object Remover, we collect:

• Email Address: Used for account authentication, service notifications, and customer support
• Account Credentials: Password (stored in encrypted form) or OAuth authentication tokens
• Profile Information: Optional display name and profile picture
• Subscription Information: Plan type, credit balance, subscription status, and renewal dates

2.2 Uploaded Images and Processing Data

This is the most important category of data we collect, as it directly relates to our core service.

• Original Images: Images you upload for object removal processing
• Processed Images: Preview images (with watermark for free users) and HD images (for paid users)
• Image Metadata: File name, size, resolution, upload timestamp, and processing parameters
• Processing History: Records of your image editing activities, including timestamps and credit usage

2.3 Payment Information

When you purchase credits or subscribe to a plan:

• Payment Details: Processed securely through our payment provider (Creem). We do NOT store your full credit card information
• Billing Information: Name, billing address, and email for invoice purposes
• Transaction History: Records of purchases, refunds, and subscription changes

2.4 Automatically Collected Information

When you visit our Service, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Analytics: Pages visited, features used, time spent, navigation patterns
• Performance Data: Processing times, error logs, and system performance metrics
• Cookies and Tracking: Authentication cookies, preference cookies, and analytics cookies

2.5 Communications

Information from your communications with us:

• Customer support inquiries and correspondence
• Feedback, survey responses, and feature requests
• Newsletter and marketing preferences

3. How We Use Your Information

We use the information we collect for the following specific purposes:

3.1 Service Delivery and Image Processing

• Process Your Images: Use AI technology to detect and remove unwanted objects from your uploaded images
• Generate Results: Create preview images (with watermark) and HD processed images
• Store Processed Files: Temporarily store images for download and future access (based on your plan)
• Quality Assurance: Monitor processing quality and system performance

3.2 Account and Subscription Management

• Create and maintain your user account
• Process payments and manage subscriptions
• Track credit usage and balance
• Send transactional emails (payment confirmations, credit alerts, subscription renewals)
• Provide download access to your processed images

3.3 Customer Support and Communication

• Respond to your inquiries and support requests
• Send important service announcements and updates
• Provide technical assistance and troubleshooting
• Collect feedback to improve our Service

3.4 Service Improvement and Analytics

• Analyze usage patterns to improve AI processing quality
• Identify and fix technical issues and bugs
• Develop new features and enhancements
• Optimize user experience and interface design
• Conduct A/B testing for feature improvements

3.5 Security and Legal Compliance

• Prevent fraudulent activities and unauthorized access
• Enforce our Terms of Service and usage policies
• Comply with legal obligations and regulatory requirements
• Protect against copyright infringement and illegal content
• Respond to law enforcement requests when legally required

3.6 Marketing Communications (Optional)

• Send promotional emails about new features and special offers (you can opt-out at any time)
• Provide personalized recommendations based on your usage
• Announce product updates and improvements

4. How We Share Your Information

We limit the sharing of your information to specific, necessary purposes. We do NOT sell your personal information or images.

4.1 Essential Service Providers

We share limited information with trusted third-party vendors who help us operate our Service:

• Cloud Storage Provider (Cloudflare R2): Stores your uploaded and processed images securely
• Payment Processor (Creem): Handles subscription and credit purchase transactions
• AI Processing Provider (Volcano Engine): Provides the AI technology for object removal (your images are processed and not retained by them)
• Email Service Provider (Resend): Delivers transactional and service-related emails
• Database Hosting (Vercel Postgres): Stores your account information and processing history
• Analytics Service: Helps us understand usage patterns and improve the Service (anonymized data only)

4.2 Legal Requirements

We may disclose your information when required by law or in good faith belief that such action is necessary to:

• Comply with legal obligations, court orders, or government requests
• Respond to lawful requests from law enforcement or public authorities
• Protect our rights, property, or safety, or that of our users
• Enforce our Terms of Service and investigate violations
• Prevent or investigate fraud, security issues, or technical problems
• Protect against legal liability

4.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our Service of any change in ownership or use of your personal information.

4.4 With Your Explicit Consent

We may share your information for any other purpose disclosed to you and with your explicit consent. For example, if you agree to participate in case studies or testimonials.

4.5 Aggregated and Anonymized Data

We may share aggregated or anonymized information that cannot reasonably be used to identify you. For example, we may share statistics about image processing volumes or service usage trends.

5. Data Security

We take the security of your data extremely seriously, especially your uploaded images. We implement comprehensive technical and organizational security measures:

5.1 Technical Security Measures

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL protocols
• Encryption at Rest: Your images and sensitive data are encrypted when stored in our cloud storage
• Secure Authentication: Passwords are hashed using industry-standard algorithms (bcrypt). We support OAuth 2.0 for secure third-party authentication
• HTTPS Only: Our entire Service operates over HTTPS to prevent man-in-the-middle attacks
• Secure API Endpoints: All API calls require authentication and are protected against common vulnerabilities
• Rate Limiting: Protection against brute force attacks and DDoS attempts

5.2 Operational Security Measures

• Access Controls: Strict employee access controls - only authorized personnel can access systems containing user data
• Audit Logs: Comprehensive logging of all system access and data operations
• Regular Security Audits: Periodic security assessments and vulnerability scans
• Data Backup: Regular automated backups with secure storage
• Incident Response Plan: Documented procedures for responding to security incidents
• Employee Training: Regular training on data protection and security best practices

5.3 Image-Specific Security

• Private Storage: Each user's images are stored in isolated, private storage buckets
• Signed URLs: Download links use time-limited, cryptographically signed URLs
• No Public Access: Your images are never publicly accessible via direct URLs
• Automatic Deletion: Free user images are automatically deleted after 24 hours

5.4 Your Security Responsibilities

You play an important role in keeping your account secure:

• Choose a strong, unique password and keep it confidential
• Enable two-factor authentication if available
• Log out of your account when using shared devices
• Report any suspicious activity or security concerns immediately
• Keep your email account secure (for password resets)

6. Data Retention

We retain different types of information for different periods based on their purpose and legal requirements:

6.1 Image Data Retention

6.2 Account Data Retention

• Active Accounts: Retained for the duration of your account's existence
• Inactive Accounts: After 2 years of inactivity, we may delete your account with prior notice
• Deleted Accounts: Most data is deleted immediately; some data retained for 30 days for recovery purposes

6.3 Financial Records

• Payment History: Retained for 7 years for tax and accounting purposes
• Subscription Records: Retained for the duration of your subscription plus 7 years
• Refund Records: Retained for 7 years

6.4 Other Data

• Usage Analytics: Aggregated and anonymized after 12 months
• Support Communications: Retained for 3 years for quality assurance and legal purposes
• Security Logs: Retained for 12 months for security incident investigation

6.5 Deletion Process

When data is scheduled for deletion:

• Data is securely deleted from active systems using secure deletion methods
• Backup copies are removed during the next backup rotation cycle (within 90 days)
• Some anonymized metadata may be retained for statistical purposes

7. Your Rights and Choices

You have control over your personal information and images. Depending on your location, you may have the following rights:

7.1 Access Your Data

You have the right to:

• Access your account information and settings at any time
• Download all your processed images from your dashboard
• Request a copy of your personal data in a structured, machine-readable format (data portability)
• Request information about how we process your data

7.2 Manage Your Images

You have full control over your images:

• Delete Images: Delete individual images or all images at once from your dashboard
• Download Images: Download your processed images at any time (within retention period)
• Automatic Deletion: Free user images are automatically deleted after 24 hours

7.3 Update or Correct Information

You can:

• Update your profile information (name, email) in account settings
• Change your password or authentication method
• Request correction of inaccurate information by contacting support

7.4 Delete Your Account

You have the right to delete your account:

• Go to Account Settings and select "Delete Account"
• This will permanently delete your account, images, and personal information
• Some data may be retained for legal compliance (e.g., payment records for tax purposes)
• You will receive a confirmation email before deletion is finalized

7.5 Control Communications

• Marketing Emails: Opt-out via the unsubscribe link in emails or in account settings
• Transactional Emails: These are essential for the Service and cannot be opted out of
• Email Preferences: Customize which types of emails you receive in your account settings

7.6 Cookie and Tracking Preferences

• Manage cookie preferences through your browser settings
• Essential cookies (authentication, security) cannot be disabled
• You can disable analytics and marketing cookies
• See our Cookie Policy for detailed information

7.7 Object to Processing or Restrict Processing

You can:

• Object to certain uses of your personal information
• Request that we restrict processing of your data
• Withdraw consent for data processing where consent was the legal basis

7.8 How to Exercise Your Rights

To exercise any of these rights:

• Most actions can be taken directly in your account dashboard
• For other requests, contact us via email or support ticket
• We will respond to your request within 30 days
• We may need to verify your identity before processing certain requests
• There is no fee for exercising your rights (unless requests are manifestly unfounded or excessive)

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your country.

We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

9. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information we collect, use, and disclose
• The right to request deletion of your personal information
• The right to opt-out of the sale of personal information (we do not sell personal information)
• The right to non-discrimination for exercising your privacy rights

10. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR), including:

• The right to be informed about data processing
• The right to rectification of inaccurate data
• The right to erasure ("right to be forgotten")
• The right to data portability
• The right to object to processing
• Rights related to automated decision-making
• The right to lodge a complaint with supervisory authorities

11. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us immediately.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top.

For significant changes, we will provide additional notice through email or a prominent notice on our Service.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us: