What We Log
We keep minimal operational metadata for billing, monitoring, and abuse prevention:
| Data | Purpose |
|---|---|
| Input file size | Compression ratio statistics |
| Output file size | Compression ratio statistics |
| File format | Format-specific analytics |
| Processing time | Performance monitoring |
| Job status | Success/failure tracking |
| Timestamp | Daily credit tracking, billing |
| User tier | Credit billing, fair scheduling |
What We Never Store
Privacy by Design
- File names — We never log what you called your files
- File content — Your actual files are never logged or archived
- EXIF data — We strip metadata during compression, not store it
- Thumbnails or previews — We generate these on-the-fly, never persist them
- Hash or fingerprints — We don't create identifiers for your content
Why This Approach?
We can't leak what we don't have. By not storing file names, content, or identifying metadata, we eliminate the risk of exposing your data in a breach.
The metadata we do keep is purely operational—it tells us "someone compressed a 5MB JPG in 0.3 seconds" but not "who" or "what the photo was."
Anonymous Usage
For guest users (no account), we track usage via a hashed, peppered session token. This prevents abuse while ensuring we can't identify individual users. The token expires when you close your browser.
For logged-in users, job metadata is associated with your account for billing purposes, but the content of your files is never stored.