Privacy and data handling

Privacy Notice

This notice explains what the current Clipo web application handles, why it is used, where image results are stored, and the controls available to you.

Last updated: July 14, 2026

Information Clipo handles

Depending on how you use Clipo, the service handles:

  • Images, filenames, transparent PNGs, masks, and processing results.
  • A pseudonymous browser device identifier used for service analytics and rate limiting.
  • A verified Google account identifier when you sign in to process multiple images. Clipo does not expose this identifier to browser analytics.
  • Request IDs, route, response status, duration, visit/removal counts, timestamps, and coarse security-policy diagnostics.

How images and results move through the service

Uploaded images pass from your browser through Clipo's web service to its background-processing service. The current processing path uses the image in request and process memory and does not intentionally save uploaded image files on the server.

After processing, the original image and generated files are saved in IndexedDB in your browser so the result page can display and download them. If browser storage is unavailable, Clipo may keep the result in page memory for immediate download; that copy disappears when the page is closed or reloaded.

Why the information is used

  • Provide background removal, previews, and downloads.
  • Enable batch access after Google sign-in.
  • Apply upload limits, rate limits, and abuse protections.
  • Measure service usage and diagnose reliability or security issues.
  • Protect the service and investigate operational incidents.

Cookies and browser storage

  • A signed session cookie can remain for up to 30 days after Google sign-in. Signing out expires it.
  • A short-lived OAuth transaction cookie protects sign-in and expires after about 10 minutes or is cleared when the callback completes.
  • Local storage keeps the pseudonymous device identifier until you clear this site's browser data.
  • IndexedDB keeps browser-local image results. Automatic expiry is not enabled, so use the result-page deletion controls or browser site-data settings when you want to remove saved results.

Retention and deletion

You can delete the active result or clear all Clipo results from the result page. You can also clear Clipo's cookies, local storage, and IndexedDB through your browser settings.

Service analytics records and operational logs are kept only as long as needed for reliability, security, abuse prevention, and required business or legal purposes.

Service providers and transfers

Google processes authentication information when you choose Google sign-in. Hosting, database, logging, and network providers may process operational data on Clipo's behalf.

Provider details, processing regions, and transfer safeguards may vary by deployment and will be reflected in Clipo's published privacy materials.

Security

Clipo uses browser request protections, signed and expiring sessions, protected Google sign-in transactions, upload validation, upstream deadlines, request IDs, security headers, and privacy-reduced security reports. No online service can guarantee absolute security.

Your choices and privacy requests

You may use one-image processing without Google sign-in, sign out at any time, delete browser-saved results, or clear all Clipo site data through your browser.

Privacy requests should include enough information to identify the relevant account, browser session, or saved result. Clipo may ask for verification before acting on a request.