UploadImages.org is designed so we cannot see your images. Photos are encrypted on your device before they are uploaded. The decryption key never reaches our servers - it travels only in the share link you control. We do not require accounts, do not show advertisements, and do not use third-party analytics or tracking.
This Privacy Policy describes how UploadImages.org ("we", "us", "the service", "the app") handles information when you use our website at https://uploadimages.org or our mobile application available on Google Play. This policy applies to both the website and the mobile app.
When you upload an image, the app first encrypts it locally on your device using AES-256-GCM, an industry-standard authenticated encryption algorithm. The encryption key is derived from a random 256-bit seed using HKDF-SHA256. Only the encrypted ciphertext is transmitted to our servers. We do not have the keys necessary to decrypt your images, and we cannot recover their content. The ciphertext we store appears to us as random bytes with no intelligible structure.
The decryption key, initialization vector, and integrity tag are
encoded into the URL fragment (the part after the #) of
the share link the app generates for you. URL fragments are, by
standard web browser behaviour, never transmitted to the server during
normal navigation. We therefore do not receive or store these values.
Our web server keeps short-lived access logs containing:
These are retained for up to 30 days for security and abuse-prevention purposes, then automatically rotated and deleted. We do not link log entries to identities, and we do not sell, share, or use them for advertising. Logs may be inspected manually only in response to a specific abuse report or security incident.
The app strips EXIF metadata (including GPS coordinates, camera model, and timestamps) from selected photos before encryption. The unencrypted metadata never leaves your device.
We do not collect or process:
The app does not request camera, location, microphone, contacts, calendar, SMS, call-log, or accounts permissions.
The app stores the following locally on your device, never transmitted to us:
expo-secure-store)Uninstalling the app deletes all locally stored data. This data is not recoverable after uninstall.
Encrypted images are stored on our servers indefinitely unless:
We do not sell, rent, trade, or share your data with any third party for marketing or analytics purposes. We may disclose encrypted ciphertext or server log entries only if:
Because we do not hold the decryption keys, we cannot disclose decrypted image content even when ordered to. We would be able to disclose only the ciphertext, IP-address log entries (if still within retention), and the image identifier.
Depending on your state of residence, applicable laws (such as the California Consumer Privacy Act and similar state privacy statutes) may grant you the right to:
Because we do not require accounts and do not collect identifiers beyond ephemeral IP-address logs, the practical scope of these requests is limited. We will honour verified requests within the timeframes required by applicable law.
If you are located in the EEA or UK, you have the following rights under the General Data Protection Regulation (GDPR) and equivalent UK law:
Requests can be sent to the contact address in section 12. Please include enough information for us to identify the data in question (for example, the image ID from a share link, or an approximate date and IP address for a log lookup).
The service is operated from the United States. If you access the service from outside the United States, your data may be transferred to and processed in the United States. We rely on standard contractual protections and the safeguards described in this policy to ensure your data receives appropriate protection regardless of where it is processed.
The service is not intended for users under 18 years of age, and is not directed at children. We do not knowingly process data from anyone under 13 years of age. If we become aware that we have collected data from a child under 13 without verified parental consent, we will delete it promptly. If you believe a minor is using the service in a way that creates a privacy concern, please contact us.
Although we cannot decrypt user images, we take reports of illegal content seriously. To report suspected abuse — including child sexual abuse material, non-consensual intimate imagery, or content that violates our terms of service — use our contact form or email [email protected] with the share link. We will:
All connections between your device and our servers use TLS 1.3. Encrypted image data is additionally protected at rest by a separate cryptographic envelope (NIST-standardized post-quantum algorithms ML-KEM-1024, ML-DSA-87, and SLH-DSA-SHAKE-256s). We follow current best practices in server configuration, dependency management, and key handling. No security system is ever perfect; we will notify affected users without undue delay if we become aware of an incident that materially affects their data.
We may update this Privacy Policy from time to time. Material changes will be announced on the website with at least 14 days' notice before they take effect. The "Last updated" date at the top of this document reflects the most recent revision.
For privacy inquiries, deletion requests, or general questions about how the service handles data, contact us via the contact form or directly at: