Privacy Policy
Effective date: April 28, 2026.
This policy covers both the Croplet iOS app and the Croplet web tool. It explains what is processed locally, when data may pass through third-party services or Croplet infrastructure, and what that means for your privacy.
In the iOS app, imported labels, previews, barcode detection, OCR, and exports are processed locally on your device.
When you upload a local file in the web tool, PDF handling and edits run in your browser on your device.
If you import a PDF by URL in the web tool, Croplet fetches that remote file through a server-side proxy and streams it back to the browser. The file is not intentionally stored as part of the normal flow. This is useful when hosts like Vinted serve labels from S3-backed URLs that the browser cannot fetch directly because of cross-origin rules.
Information Croplet processes
- The PDF files and contents you import into the Croplet iOS app or upload directly into the Croplet web tool.
- Recognized text and barcode data needed to detect, crop, preview, and export labels.
- Settings you choose, such as export format, DPI, and label preferences, which are stored locally on your device or in your browser.
- The remote URL you submit for web-tool URL import, and the fetched file contents needed to retrieve that document for your browser.
- Operational URL-import logs, including the endpoint name, event name, remote hostname, protocol, detected file extension, response content type, response byte size, and the reason for blocked or failed requests. For rate-limited requests, the log also includes the client IP address seen by the server.
- Purchase and entitlement status returned by Apple if you buy or restore Croplet Pro in the iOS app.
- Information you choose to include if you contact support, report a bug, or request a feature by email.
How information is used
- To crop, optimize, preview, and export shipping labels in the iOS app and web tool.
- To remember your preferences between sessions on your device or in your browser.
- To fetch a PDF from a remote source when you choose the web tool's URL import feature.
- To unlock and restore paid features through Apple's billing systems in the iOS app.
- To respond to support requests, bug reports, or feature requests that you send by email.
What Croplet does not do
- The Croplet iOS app does not send your imported shipping labels to a Croplet-operated server for processing.
- The Croplet web tool does not upload local-file imports to a Croplet-operated server for processing as part of normal in-browser editing.
- The Croplet web tool URL-import feature is the exception: the remote file is proxied through a Croplet-operated server so the browser can receive it.
- Croplet does not require an account.
- Croplet does not show third-party advertising.
Third parties
- Apple processes in-app purchases, subscription management, transaction verification, and related App Store services for theCroplet iOS app under Apple's own policies: Apple Privacy Policy.
- Netlify hosts the Croplet web tool and may process standard hosting, networking, and operational logs when you use the site. Netlify function logs are retained for 24 hours: Netlify Privacy Statement.
- If you use URL import in the web tool, the remote file host you specify will also receive a request for that file through Croplet's server-side proxy.
- If you use the email actions inside Croplet, your mail provider will also process the email you send.
Data retention
Imported documents and exported files remain under your control on your device and in locations you choose to save or share them. For web-tool URL imports, the requested file passes through a Cropletserver only to fulfill that request and is not intentionally stored as part of the feature's normal operation. The full submitted URL, URL query string, and PDF contents are not intentionally written to application logs. URL-import function logs are retained by Netlify for 24 hours. If you want full privacy, use a local-file import instead: download the PDF from Vinted first, then import it from Files or drag and drop. Other label platforms can have the same browser-access limitation, so local import is the safest option when you want everything to stay on your device. Support emails are retained for as long as reasonably necessary to respond, troubleshoot issues, and keep a record of product feedback.
Your choices
- You can remove app data by deleting the app and its local documents from your device.
- You can use local-file import instead of URL import in the web tool if you want your document handling to remain entirely in your browser. Download the PDF from Vinted first, then import it from Files or drag and drop.
- You can manage or cancel subscriptions through your Apple account settings.
- You can decide what information to include before sending an email from the app.
Contact
For privacy questions about Croplet, contact:
- Name: Umberto Ragone
- Email: umberto@ragone.dev