Skip to main content
remove-bg.io remove-bg.io

Ìlànà Àṣírí

Bí a ṣe ń kó, lo, àti dáàbò bo àlàyé rẹ

Àwọn ìwé òfin wa lọ́wọ́lọ́wọ́ wà ní èdè Gẹ̀ẹ́sì nìkan. Fún àwọn ìbéèrè ní èdè rẹ, jọ̀wọ́ kan legal@remove-bg.io.

Last updated: 20 June 2026

1. Introduction & Scope

Welcome to remove-bg.io. This Privacy Policy explains, in full and honest detail, how remove-bg.io (referred to as "we," "us," or "our") collects, uses, shares, and protects information when you use our background-removal service. We have written this policy to disclose every third-party data processor we rely on and exactly what each one receives — including the fact that, in their default configuration, some of our analytics and diagnostics tools may capture a recording of the image you upload.

This policy applies to all interactions with our platform at remove-bg.io and its localized subdomains, including browsing, uploading images for processing, downloading results, and using any editor or bulk features. It does not cover third-party websites you may reach via links from our site, which are governed by their own policies. By using the Service you acknowledge the practices described here.

2. Plain-Language Summary (TL;DR)

If you read nothing else, read this:

  • Your images are sent to our inference server. By default, background removal happens on our server at api.remove-bg.io. The image is processed entirely in memory (RAM), used to compute your cutout, and then discarded. It is never written to disk, never saved to a database, and never stored in object storage.
  • We use analytics and session-replay tools — and they may record your uploaded image. We run behavioral analytics and session-replay/heatmap tools (Hotjar, ContentSquare, and potentially Microsoft Clarity). We have deliberately chosen full-capture mode (not pixel-masking) for product-quality and debugging reasons. That means these tools may record the rendered image you uploaded and the cutout you produced, as part of a replay of your browsing session. See Section 4.
  • Error reports may include diagnostic data. If the page crashes, an error-telemetry tool (Sentry) may send a report. We configure it to scrub raw image bytes and authentication headers, but the report still describes what your browser was doing.
  • No accounts, no ads, no data sale. We do not require sign-up, we do not show ads, we do not run ad-network tracking, and we do not sell or rent your personal data.
  • You can opt out. You can decline analytics/session-replay via the consent controls and your browser/device settings, and you can clear all locally stored data at any time. See Sections 5 and 12.

3. Information We Collect

3.1 Information You Provide

The primary information you provide is the images you upload for background removal. When an image is sent to our inference API, the request also includes the file's filename and content type (e.g. image/png) alongside the image data. We do not require account creation, and we do not collect names, email addresses, or payment information through the Service. If you contact us at support@remove-bg.io, we will receive whatever information you include in your message.

3.2 Automatically Collected Information

When you use our website, certain information is automatically collected, by us and by the third-party processors listed in Section 7:

  • IP address: recorded in server access logs and used for rate limiting, delivery via our CDN, and Cloudflare Turnstile bot verification. Analytics and session-replay vendors also receive your IP address.
  • Device and browser information: browser type, operating system, screen size, and language preferences.
  • Usage events: anonymized product events including file size, file type, processing duration, error codes, and editor interactions. We do not send filenames to analytics.
  • Behavioral and session data: pages visited, clicks, scrolls, mouse movement, and — via session-replay tools in full-capture mode — a reconstruction of what was rendered on screen during your session (see Section 4).
  • Geolocation: approximate, IP-derived location (typically city-level) inferred by analytics services.

3.3 Cookies and Client-Side Storage

We and our processors use cookies, localStorage, sessionStorage, IndexedDB, and the Cache API. A detailed inventory — including the specific GA4, Hotjar, and ContentSquare cookies and every localStorage key — is in Section 8.

4. How Your Uploaded Images Are Handled

This is the most important section of this policy. Your uploaded images can be touched by two distinct systems: our inference pipeline, and our analytics/diagnostics tools. They are independent, and they are handled very differently.

4.1 The inference path (default)

By default, your image is sent to our background-removal API at api.remove-bg.io. The image bytes are base64-encoded and transmitted inside a JSON request body (along with the filename and content type) over an encrypted TLS connection. On the server, the image is decoded into memory (RAM), passed through the AI model to compute the cutout, and the result is returned to your browser.

The uploaded image is processed in memory and then discarded. It is never written to disk, never saved to a database, and never persisted to any object store. We retain no copy of your image or your cutout on our inference servers after the request completes. Standard, transient web-server and CDN access logs (which record metadata such as IP address, timestamp, and request size — not image contents) are the only server-side record of the request.

4.2 The on-device fallback path

If our server-based API is unavailable, the Service can fall back to processing your image entirely within your browser using an AI model (downloaded once from our content delivery network and cached locally). In this on-device mode, your image is not transmitted to our inference server — the cutout is computed locally on your device.

4.3 Full-image capture by analytics and error tools — explicit disclosure

Separately from the inference pipeline, our website runs behavioral-analytics, session-replay, and error-telemetry tools that operate inside your browser. We have deliberately configured our session-replay tools in full-capture mode rather than with image/pixel masking. We made this choice intentionally so we can diagnose quality issues, reproduce bugs, and understand how people actually use the editor.

The practical consequence you should understand: because the image you upload and the cutout you generate are rendered on the page, our session-replay tools (Hotjar, ContentSquare, and potentially Microsoft Clarity) may capture those rendered images as part of the recording of your session. Likewise, if a crash occurs, our error-telemetry tool (Sentry) may capture diagnostic context about the page state. This means a visual recording of your uploaded photo and your result may be sent to and retained by these vendors for the periods listed in Section 7.

Each vendor retains replays and event data per its own default retention (see the table in Section 7). You can avoid this capture by declining analytics/session-replay consent where offered, by using browser settings or extensions that block these scripts, or by using the on-device fallback on a session where analytics scripts have been blocked. To request deletion of recordings already collected, contact us at support@remove-bg.io and we will work with the relevant vendor to honor your request.

5. Session Replay & Behavioral Analytics

To understand how people use the Service and to improve usability, we use behavioral-analytics and session-replay tools that record interaction data and, in full-capture mode, visual replays of browsing sessions. These tools are:

  • Hotjar (site ID 726604) — session recordings and heatmaps.
  • ContentSquare — session replay, heatmaps, and experience analytics.
  • Microsoft Clarity — session replay and heatmaps (may be enabled for additional behavioral insight).

As described in Section 4.3, because we run these tools in full-capture mode, a recording may include the rendered uploaded image and cutout. We load these tools only after you begin interacting with the page, and only where analytics consent applies. You can opt out via the consent controls, browser settings, script-blocking extensions, or each vendor's own opt-out mechanism (see Section 7).

6. Error & Performance Telemetry

To keep the Service reliable, we collect error and performance telemetry:

  • Sentry — error and crash telemetry. When a JavaScript error occurs, Sentry may send a report including the error message, stack trace, page URL, and browser/device context. We configure Sentry to scrub raw image bytes and authentication headers from these reports, so the image payload and security tokens are not transmitted in the error event.
  • Web Vitals (Real-User Monitoring) — anonymized Core Web Vitals (such as LCP, CLS, INP, FCP, TTFB) are measured in your browser and reported as events through Google Analytics 4 to monitor page performance. This is performance data, not personal content.

7. Third-Party Data Processors

The table below lists every third-party processor we rely on, the data it receives, its purpose, its default retention, and how to opt out. Retention periods reflect each vendor's documented defaults and may change; consult each vendor's policy for the authoritative figure.

Processor Data received Purpose Default retention Opt-out
Google Tag Manager (GTM-MDF9XQT9) Page/event metadata, IP, device info Tag management (loads analytics tags) No storage of its own; governs other tags Decline analytics consent; block GTM
Google Analytics 4 (G-BQ6CMELDX2) IP, device/browser, usage events, geo (city-level) Product & traffic analytics ~14 months (event data) Decline analytics consent; GA opt-out
Ahrefs Analytics Aggregated, privacy-light traffic signals Privacy-friendly traffic measurement Aggregated; no individual profiles Block the analytics script
ContentSquare Interaction data, IP, session replay (may include rendered image) Session replay & heatmaps ~30 days Decline consent; vendor opt-out
Hotjar (ID 726604) Interaction data, IP, session recording (may include rendered image) Session recordings & heatmaps ~365 days Decline consent; Hotjar opt-out page
Microsoft Clarity Interaction data, IP, session replay (may include rendered image) Session replay & heatmaps ~30 days Decline consent; block the script
Web Vitals RUM (via GA4) Anonymized performance metrics Real-user performance monitoring ~14 months (via GA4) Decline analytics consent
Cloudflare IP, request metadata, access logs CDN, hosting, WAF, security Short-lived logs (vendor default) Required infrastructure (not optional)
Cloudflare Turnstile IP, browser signals, challenge tokens Bot/abuse verification (CAPTCHA) Transient (per challenge) Required to use the API
jsDelivr / Cloudflare R2 IP, browser info (asset/model delivery) CDN delivery of libraries & AI models Standard CDN logs Required for on-device processing
Inference API (api.remove-bg.io) Image bytes, filename, content type, IP Background removal (in-memory) Image discarded after inference (not stored) Use on-device fallback
Rotation Worker Request signals (no image content) Anti-abuse / request integrity Transient Required to use the API
Sentry Error message, stack, URL, device context (image bytes + auth headers scrubbed) Error & crash telemetry ~90 days Block the script; contact us
IndexNow / Bing Published URLs only (no user data) Search-engine URL submission N/A (no personal data) N/A

Each processor handles data under its own privacy policy, which we encourage you to review. Where required, these vendors act as our data processors / service providers under written terms.

8. Cookies & Local Storage

We and our analytics processors use cookies and client-side storage. The following are the principal items:

8.1 Cookies set by third parties

  • Google Analytics 4: _ga, _ga_* — distinguish visitors and track sessions.
  • Hotjar: _hj* cookies (e.g. _hjSession*, _hjAbsoluteSessionInProgress) — session recording and heatmap state.
  • ContentSquare: _cs* / UXA cookies — session replay and experience analytics state.
  • Cloudflare / Turnstile: may set cookies for security, load balancing, and bot verification.

8.2 Local storage keys (stay in your browser)

We store the following keys in localStorage; this data is not transmitted to our servers:

  • rmbgConsent — your consent-banner choice.
  • rmbgDarkMode — your light/dark theme preference.
  • rmbgRecent — thumbnails of your recent images (kept locally for convenience).
  • rmbgRecipes — your saved background/effect/size combinations.
  • rmbgBrandAssets — your brand kit (colors, logos, fonts).
  • rmbgUsage — local control-usage counts that drive UI personalization (not uploaded).

We also use sessionStorage for transient in-session state, the Cache API (under onnx-model-*) to cache the on-device AI model, and IndexedDB to cache your processed images (original and result) locally in your browser. This image cache stays on your device and is cleared by clearing site data.

We do not run advertising cookies or ad-network tracking pixels. We do, however, run the analytics and session-replay cookies/scripts described above.

9. How We Use Your Information

The information described above is used to:

  • Provide the background-removal service and return your result.
  • Understand usage patterns and replay sessions to improve quality, usability, and performance.
  • Diagnose, reproduce, and fix bugs and crashes.
  • Enforce rate limits and prevent abuse (including via Turnstile and the rotation worker).
  • Ensure platform security and stability.
  • Comply with legal obligations.

10. Legal Bases for Processing (GDPR)

For users in the European Economic Area, the United Kingdom, and similar jurisdictions, we rely on the following legal bases:

  • Legitimate interest — providing, securing, and maintaining the Service, including in-memory image processing, abuse prevention, and essential infrastructure logging.
  • Consent — analytics, session replay, and behavioral tracking (Google Analytics 4, Hotjar, ContentSquare, Microsoft Clarity, Ahrefs). Where consent is required, these tools load only after consent is given, and you may withdraw consent at any time.
  • Legal obligation — where we must process data to comply with applicable law.

11. Data Sharing & International Transfers

We do not sell, rent, or trade your personal data. We share data only with the third-party processors listed in Section 7, each acting under its own privacy policy and, where applicable, as our processor/service provider. In addition, we may disclose information to comply with lawful requests from government or regulatory authorities, or in connection with a merger, acquisition, or asset sale (subject to confidentiality).

International transfers. Our processors operate globally, and your information (including, in full-capture mode, session replays that may contain your rendered image) may be processed in the United States, the European Union, and other countries. Where data is transferred internationally, the relevant vendors rely on recognized transfer mechanisms such as the EU Standard Contractual Clauses and applicable adequacy frameworks.

12. Your Rights

Depending on where you live, you may have rights under the GDPR, the UK GDPR, the CCPA/CPRA, and similar laws, including:

  • The right to access, correct, and delete personal data we or our processors hold.
  • The right to data portability and to restrict or object to processing.
  • The right to opt out of the "sale" or "sharing" of personal information (note: we do not sell or share personal data for cross-context behavioral advertising).
  • The right to withdraw analytics/session-replay consent at any time.
  • The right to request deletion of session replays and recordings — email support@remove-bg.io and we will work with the relevant vendor (Hotjar, ContentSquare, Clarity, or Sentry) to delete recordings associated with you.
  • The right to clear all locally stored data (cookies, localStorage, sessionStorage, IndexedDB image cache, and the cached AI model) through your browser settings at any time.

To exercise any of these rights, contact us at support@remove-bg.io. We will not discriminate against you for exercising your rights.

13. Security

We use technical and organizational safeguards to protect data, including:

  • Encryption in transit via HTTPS/TLS for all connections between your browser, Cloudflare, and our backend.
  • In-memory image processing — uploaded images exist only in RAM during inference and are discarded afterward, never written to persistent storage.
  • Cloudflare security services, rate limiting, Turnstile, and request-signing/anti-abuse controls.
  • Access controls that limit data access to authorized personnel only.

No method of transmission or storage is 100% secure, but we work to protect your information using industry-standard measures.

14. Children, Changes & Contact

Children. The Service is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect personal data from them. If you believe a child has provided us data, contact us and we will delete it.

Changes. We may update this policy periodically. Material changes will be communicated through prominent notices on our website, and the "Last updated" date above will be revised.

Contact. If you have questions about this Privacy Policy, our data practices, or wish to exercise your rights, reach out to us: