Privacy

TL;DR

We process images locally in your browser when possible. Cloud features upload temporarily, and files are deleted within 1 hour. We use cookies for auth and analytics. We don't sell your data. Operated by Zeplik, Inc.

What we collect

Account data: email address, Stripe customer ID, subscription status, API keys (hashed, never stored in plain text).

Usage data: removal counts, API call counts, PostHog analytics. We do not use session recording.

Image data: Free tier images never leave your browser. Cloud features upload images temporarily and delete them within 1 hour via signed URL expiry. Saved projects are kept until you delete them.

What we don't collect

• Browsing history outside bgeraser.ink
• Identity data beyond your email
• Payment card details (Stripe holds those)
• Cross-site tracking
• Behavioral profiles for ad targeting

How we store data

We use the following services to store and process data:

• Supabase (PostgreSQL): account and project data
• Cloudflare R2: private bucket, signed URLs for temporary image storage
• PostHog (US): product analytics
• Resend: transactional email
• Stripe: payment processing

All services use TLS 1.2+ and encrypt data at rest.

Your rights

You can:

• Access your data
• Export your data
• Delete your account and all associated data
• Disable analytics
• Opt out of marketing emails

GDPR, UK GDPR, and CCPA rights can be exercised by emailing [email protected].

Cookies

• Auth cookies: required for login sessions
• Analytics: PostHog, can be disabled in settings
• Stripe: used during checkout only

We do not use advertising cookies.

Children

bgeraser is not intended for users under 16 years of age.

Changes

We will email you about material changes to this policy. Updates are reflected in the "Last updated" date below.

Contact

Zeplik, Inc.
1111B S Governors Ave, Dover, DE 19904
+1 (838) 221-7030
[email protected]