Privacy Policy

Last Updated: February 8, 2026

ImgOcean ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use imgocean.com (the "Service").

1. Information We Collect

1.1 Information You Provide

For Registered Users:

• Email address (required for account creation)
• Username (chosen by you)
• Password (encrypted and never stored in plain text)
• Optional profile information (name, bio, avatar image)

For Guest Users:

• No personal information is collected
• Only technical data (IP address, upload timestamp) is temporarily stored

Content You Upload:

• Images and associated metadata
• Image titles, descriptions, and tags (if provided)
• Album and gallery information (for registered users)
• Upload dates and file properties (size, format, dimensions)

Communications:

• Support requests and correspondence
• Feedback and survey responses
• DMCA notices and copyright complaints

1.2 Information Collected Automatically

Usage Data:

• IP address (anonymized after 90 days)
• Browser type and version
• Device information (type, operating system)
• Pages visited and time spent on the Service
• Referring/exit pages
• Date and time stamps

Cookies and Tracking:

• Session cookies (essential for functionality)
• Persistent cookies (for preferences like language, theme)
• Analytics cookies (to understand usage patterns)

Image Metadata:

• Upload timestamps
• File sizes and formats
• View counts and access statistics
• EXIF data (automatically stripped by default for privacy)

2. Data Retention by Account Type

Data Type	Guest Users	Registered Users
Uploaded Images	User preference - Up to forever	User preference - Up to forever
Personal Information	Not collected	While account active
IP Address	30 days (anonymized)	90 days (anonymized)
Access Logs	90 days	90 days
After Deletion	N/A (auto-deleted)	30 days

3. How We Use Your Information

We use collected information to:

3.1 Provide and Maintain Service

• Create and manage your account (registered users)
• Store and deliver your images
• Process uploads and downloads
• Provide customer support
• Send service-related notifications
• Implement automatic deletion of guest uploads after 3 months

3.2 Improve Service

• Analyze usage patterns and trends
• Develop new features based on user needs
• Optimize performance and loading speeds
• Fix bugs and technical issues
• A/B test new features and improvements

3.3 Security and Compliance

• Detect and prevent fraud, spam, or abuse
• Monitor for copyright infringement
• Enforce our Terms of Service
• Comply with legal obligations (DMCA, GDPR, etc.)
• Protect our rights, property, and users' safety
• Investigate and respond to copyright complaints

3.4 Communicate With You

• Respond to inquiries and support requests
• Send important updates about the Service
• Notify you of Terms or Privacy Policy changes
• Send account-related notifications (e.g., storage limits)
• Send promotional materials (with your consent, opt-out available)

3.5 Legal Basis for Processing (GDPR)

We process your data based on:

• Consent: When you agree to processing (e.g., marketing emails, account creation)
• Contract: To fulfill our obligations under our Terms of Service
• Legitimate Interests: To improve, secure, and operate our Service
• Legal Obligation: To comply with applicable laws (DMCA, copyright enforcement)

4. How We Share Your Information

4.1 Service Providers

We share information with trusted third-party service providers who help us operate the Service:

Backblaze B2 Cloud Storage:

• Purpose: Cloud storage for your images
• Data shared: Image files and metadata
• Location: EU (eu-central-003) for GDPR compliance
• Privacy: Backblaze Privacy Policy

CloudFlare CDN:

• Purpose: Content delivery network and DDoS protection
• Data shared: IP addresses, request data, cached content
• Privacy: CloudFlare Privacy Policy

Analytics Services (if applicable):

• Purpose: Understand usage patterns to improve the Service
• Data shared: Anonymized usage data (no personal information)
• We may use: Privacy-focused analytics (e.g., Plausible, Fathom)

4.2 Legal Requirements

We may disclose information if required to:

• Comply with legal processes (subpoenas, court orders, search warrants)
• Respond to DMCA takedown notices and copyright complaints
• Enforce our Terms of Service
• Protect rights, property, or safety of ImgOcean, users, or the public
• Prevent illegal activities or policy violations
• Cooperate with law enforcement investigations

4.3 Copyright Enforcement

When we receive a valid DMCA notice or copyright complaint, we may:

• Share user information (username, email, IP address) with the copyright holder
• Provide information to legal authorities investigating copyright infringement
• Disclose upload history for accounts with repeat violations

4.4 Business Transfers

If ImgOcean is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

4.5 Public Information

Content you choose to make public can be viewed by anyone:

• Public galleries and albums
• Images shared via public links
• Embedded images on external websites

Be mindful of what you share publicly. Public content may be indexed by search engines and cached by third parties.

5. Data Security

5.1 Security Measures

We implement industry-standard security measures to protect your information:

• Encryption in transit: All data transmitted via HTTPS/TLS
• Encryption at rest: Images and data encrypted on Backblaze servers
• Password security: Passwords hashed using bcrypt or Argon2
• Access controls: Strict employee access restrictions
• Regular audits: Security assessments and vulnerability scans
• DDoS protection: CloudFlare protection against attacks
• Monitoring: 24/7 monitoring for suspicious activity

5.2 Limitations

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information. You acknowledge that:

• Internet transmissions are never completely secure
• Unauthorized access or data breaches may occur despite our efforts
• You use the Service at your own risk

5.3 Your Responsibility

You are responsible for:

• Keeping your password confidential and secure
• Using a strong, unique password
• Logging out of shared or public devices
• Reporting security concerns promptly to security@imgocean.com
• Maintaining backups of important images

5.4 Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will:

• Notify affected users within 72 hours of discovery
• Notify relevant authorities as required by law (e.g., GDPR)
• Provide details about the breach and steps we're taking
• Offer guidance on protecting your account

6. Your Rights and Choices

6.1 Access and Download Your Data

You have the right to:

• Access all your personal information
• Download your data in a portable format (data export)
• Request a copy of data we hold about you

How to access: Visit your account settings or email privacy@imgocean.com

6.2 Correction and Updates

You can:

• Update your account information at any time in account settings
• Correct inaccurate information
• Request correction of data we hold

6.3 Deletion and Account Termination

You have the right to:

• Delete your account at any time
• Request deletion of specific images or albums
• Request deletion of all your personal information

Timeline:

• Immediate removal from active servers
• Complete deletion within 30 days
• Backup copies may persist up to 90 days

Note: Guest uploads are automatically deleted after 3 months without user action.

6.4 Opt-Out Rights

You can opt out of:

• Marketing emails: Click "unsubscribe" in any promotional email
• Analytics cookies: Use browser settings or privacy tools
• Data processing: Delete your account (terminates service access)

6.5 Data Portability

You can export your data in machine-readable formats:

• Download all images as a ZIP file
• Export metadata (titles, descriptions, tags) as JSON/CSV
• Transfer data to another service

6.6 GDPR Rights (EU Users)

If you're in the European Union, you have additional rights:

• Right to restriction: Limit how we process your data
• Right to object: Object to processing based on legitimate interests
• Right to complain: Lodge a complaint with your local data protection authority
• Right to withdraw consent: Withdraw consent at any time without affecting lawfulness of prior processing

6.7 CCPA Rights (California Users)

If you're in California, you have rights to:

• Know what personal information we collect, use, and disclose
• Request deletion of personal information
• Opt-out of sale of personal information (we don't sell data)
• Non-discrimination for exercising your privacy rights

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

Essential Cookies (Required):

• Session management and authentication
• Security features (CSRF protection)
• Basic functionality
• Cannot be disabled without breaking the Service

Preference Cookies (Optional):

• Remember your settings and preferences
• Language selection
• Theme choices (light/dark mode)
• Display preferences

Analytics Cookies (Optional):

• Track usage patterns (anonymized)
• Understand how you use the Service
• Improve performance and features
• No personal information collected

7.2 Managing Cookies

You can control cookies through:

• Browser settings: Block all cookies or specific types
• Privacy tools: Extensions like Privacy Badger, uBlock Origin
• Our cookie preferences: Manage non-essential cookies in settings

Warning: Disabling essential cookies will prevent you from using the Service.

7.3 Do Not Track (DNT)

Some browsers have "Do Not Track" features. Currently, we do not respond to DNT signals, but we respect all privacy controls you set in your account and browser.

8. Third-Party Links and Services

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for:

• Privacy practices of third-party websites
• Content on external websites
• Terms of service of third parties

We encourage you to review privacy policies of any third-party services you use.

9. Children's Privacy

9.1 Age Requirement

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

9.2 Parental Notice

If you believe we have collected information from a child under 13, please contact us immediately at privacy@imgocean.com. We will:

• Investigate the claim promptly
• Delete the information within 48 hours if verified
• Terminate the account if applicable

9.3 Parental Controls

Parents and guardians should monitor their children's online activities and use parental control tools to prevent access to services not intended for children.

10. International Data Transfers

10.1 Location of Data

Your data is primarily stored in:

• Primary storage: EU servers (Backblaze eu-central-003)
• CDN cache: CloudFlare global network (temporary)
• Backups: EU region

10.2 Cross-Border Transfers

If you're outside the EU, your data may be transferred internationally. We ensure adequate protections through:

• Standard Contractual Clauses (SCCs) approved by EU Commission
• Privacy Shield frameworks (where applicable)
• Appropriate safeguards as required by GDPR

10.3 Data Protection

Regardless of where data is processed, we maintain the same level of protection and comply with applicable data protection laws.

11. Changes to This Privacy Policy

11.1 Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

11.2 Notification

We will notify you of material changes by:

• Posting a prominent notice on the Service
• Sending an email to your registered address (if applicable)
• Updating the "Last Updated" date at the top of this page

11.3 Review Period

For significant changes, we will provide at least 30 days notice before the changes take effect. We encourage you to review this Privacy Policy periodically.

11.4 Continued Use

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Us

12.1 Privacy Questions

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Privacy Team: privacy@imgocean.com
General Support: support@imgocean.com
Security Issues: security@imgocean.com
DMCA/Copyright: dmca@imgocean.com
Website: https://imgocean.com

12.2 Response Time

We aim to respond to all privacy inquiries within:

• Urgent security matters: 24 hours
• GDPR/CCPA requests: 30 days (as required by law)
• General inquiries: 5 business days

12.3 Data Protection Officer (DPO)

For GDPR-related matters, you can contact our Data Protection Officer at: dpo@imgocean.com

12.4 Supervisory Authority (EU Users)

If you're in the EU and believe we've violated your privacy rights, you have the right to lodge a complaint with your local data protection supervisory authority:

• Find your local authority: European Data Protection Board
• You can also contact us first to try to resolve the issue

13. Your Consent and Agreement

By using ImgOcean, you consent to:

• This Privacy Policy and our collection, use, and disclosure of your information as described
• Our Terms of Service, which incorporate this Privacy Policy by reference
• The automatic deletion of guest uploads after 3 months
• Our copyright enforcement policies and investigation of infringement claims

← Back to ImgOcean