imglab

Legal

Privacy Policy

Last updated: May 5, 2026.

ImgLab is built around a deliberate privacy posture: the images you convert, resize, compress, or turn into a favicon stay in your browser. They are never uploaded to a server controlled by the publisher, and they are not stored, logged, indexed, or transmitted to any third-party processing API. This page describes what that means in practice and what limited data is still processed in the course of running the site.

What never leaves your device

Every conversion happens client-side using standard browser APIs. The HEIC decoder, JPEG encoder, WebP encoder, PNG writer, resize math, and favicon packaging all run on the device. We do not operate an image- processing server because we do not need one. You can verify this by opening the browser’s Network panel during a conversion: no POST requests to imglab.tools are made with image payloads.

What is still collected automatically

When you load a page, your browser sends standard request metadata to Cloudflare (CDN) and to Google Analytics 4 (measurement): IP address, user-agent, referring URL, requested URL, response status, and timestamps. GA4 stores a pseudonymous identifier for session grouping. None of that metadata contains the image you converted or its filename — that information is never sent.

Cookies and advertising

ImgLab is supported by display advertising served through Google AdSense. AdSense and its partners may set cookies for delivery, frequency capping, measurement, and invalid-traffic detection. In the EEA, UK, Switzerland, and other consent jurisdictions, the consent banner gates advertising and analytics storage; you can revisit your choice at any time. Personalized advertising can also be controlled at Google Ads Settings.

Third parties that receive a request

When you visit ImgLab, your browser may also send requests to Cloudflare, Google Analytics, Google AdSense, and Google Fonts (typography). These services operate under their own privacy policies. ImgLab does not call any third-party image API on your behalf — uploads, transcoding services, and AI vision endpoints are not in the stack.

Your rights

Residents of the EU, EEA, UK, and California may have rights to access, correct, delete, or port personal information processed about them. Because the publisher does not directly process or retain the images or identifying information beyond the operational logs above, most rights requests will route to Google or Cloudflare as the recipient of the underlying data.

Children's privacy

The site is intended for a general audience and is not directed at children under 13.

Contact

Privacy questions can be sent to hhammoud@inovisum.com with “Privacy” in the subject line.