Privacy Policy
Last updated: March 2026
Data Controller
1PrimeSystems - Tom Silas Helmke
Tom Silas Helmke
c/o Online-Impressum #4746
Europaring 90, 53757 Sankt Augustin
Email: tshfm78@gmail.com
Supervisory Authority
Data Protection Authority of North Rhine-Westphalia (LDI NRW)
Postfach 20 04 44, 40102 Düsseldorf
https://www.ldi.nrw.de
Principle: Data Minimization and Local Processing
MetaDataGone was built according to "Privacy by Design." File contents and metadata are processed locally in the browser. Technically required connections to third-party providers (e.g., OpenStreetMap, LemonSqueezy, Vercel) may involve personal data such as IP addresses.
a) No File Uploads
All files you select are processed exclusively locally in your browser (client-side). At no point are files, file contents, or metadata transmitted to our servers or third-party servers.
b) No Cookies
We do not set first-party cookies for analytics, tracking, or marketing. When external services are used (e.g., OpenStreetMap, LemonSqueezy, Ko-fi/PayPal), those providers may set their own cookies.
c) No Tracking or Analytics
We do not use analytics tools (no Google Analytics, no Matomo, no Plausible, no other tracking) and do not create user profiles. Technically necessary server logs at hosting or third-party providers are unaffected by this.
d) No User Accounts
MetaDataGone does not require registration or login. No email addresses, usernames, or passwords are stored.
e) No Disclosure to Third Parties
File contents and metadata are not disclosed. Technically required transfers to the service providers listed below (OpenStreetMap, LemonSqueezy, Vercel, Ko-fi/PayPal) occur only to the extent necessary.
License Key Verification
When you enter a Premium license key, it is transmitted to our server for verification. Payment processing is handled by LemonSqueezy (Lemon Squeezy LLC). LemonSqueezy acts as the merchant of record and handles payment processing and tax remittance. We only receive whether a license key is valid, but no payment data, no contact data, and no names. LemonSqueezy privacy policy: https://www.lemonsqueezy.com/privacy
During verification, we process only technical license data (license status, license tier Personal or Professional, expiry date expires_at, and activation status). Payment data, invoice data, and full customer data are not transferred to us. Reverification runs at regular intervals, at least every 7 days.
Local Storage
Technical state values are stored locally in the browser, in particular `mdg_license` (license status/tier), `mdg_theme` (theme preference), and session values such as `mdg_backoff` and `mdg_free_strip_count`.
This storage is technically necessary, occurs exclusively on your device, and does not require consent under Art. 6(1)(f) GDPR.
External Services
a) OpenStreetMap
If your analyzed file contains GPS coordinates, map tiles are loaded from OpenStreetMap. Your IP address may be transmitted to the servers of the OpenStreetMap Foundation (OSMF), St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The GPS coordinates themselves are NOT transmitted to OpenStreetMap. They are only used locally in your browser to position the map view.
As a third-party provider, OpenStreetMap may set its own cookies. Scope and purpose are governed by OSMF policies.
OSMF Privacy Policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy
The GPS map is only loaded when GPS data is found in your file. If you do not want this, you can ignore the map area. Metadata removal works without the map.
When using the GPS edit feature, location search is performed via Nominatim (OpenStreetMap). Your entered search query and IP address are transmitted to OpenStreetMap servers. This only happens when you actively search for a place.
OpenStreetMap privacy policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy
b) LemonSqueezy (Premium purchase only)
If you purchase a license key via LemonSqueezy, LemonSqueezy processes your payment data as the merchant of record. For license verification, our API (`/api/verify-license`) sends the entered key to LemonSqueezy. We only receive the verification status, license tier, and expiry date.
LemonSqueezy privacy policy: https://www.lemonsqueezy.com/privacy
c) Vercel (Hosting)
This website is hosted by Vercel Inc. Vercel may create server logs in the course of technically providing the website, which may contain IP addresses. We do not have access to these logs and have configured processing to the technically necessary minimum. The server location is Frankfurt, Germany (EU).
Vercel Privacy Policy: https://vercel.com/legal/privacy-policy
d) Ko-fi / PayPal (voluntary donations)
If you use the donation link, you are redirected to Ko-fi. Ko-fi may use PayPal or other payment services to process payments. The privacy policies of those providers apply.
e) Fonts
All fonts used (Inter, JetBrains Mono) are bundled locally. NO external font services such as Google Fonts are called.
Your Rights
Under Art. 15-21 GDPR, you have rights including access, rectification, erasure, restriction of processing, and objection. For questions or to exercise your rights, contact us at tshfm78@gmail.com
You have the right to lodge a complaint with the competent supervisory authority (Data Protection Authority of North Rhine-Westphalia) if you believe that the processing of your personal data violates the GDPR.
8. Technical Notes and Limitations
- Steganographic watermarks or hidden pixel-level payloads are not reliably detected or removed by standard browser-based methods.
- Filenames and path information are not embedded file metadata and are not changed by the cleanup process.
- Animated GIF files are exported as a static image during cleanup; animation frames are lost.
- HEIC files (iPhone) are converted to a browser-compatible JPEG format before metadata is removed and the result is verified.
Changes to this Privacy Policy
We reserve the right to update this privacy policy as needed. The current version is always available on this page.