Security. Files Stay on Your Device.
Files stay on your device. Image data is processed locally in your browser, not on our servers. No uploads, no accounts, no analytics, no third-party scripts. Verify in 30 seconds with DevTools.
On-device by design
Your image is read from disk straight into a browser File object, decoded by the browser image decoder, and rendered into HTMLCanvasElement instances. From there every crop, resize, filter, and re-encode happens locally in your tab. Nothing in this image-processing pipeline talks to a server. The ZIP is built client-side using JSZip and triggered as a download with a Blob URL. The page itself is served by Cloudflare, who sees only standard request metadata for the page URL, never your image data.
Verify it yourself
Open browser DevTools, switch to the Network tab, throw an image into Dropmatico, and download the ZIP. You will see asset and font requests for the page itself, and zero outbound requests carrying your image bytes. The same thing works in private browsing mode and on a fresh profile. Disconnect from the internet after the page loads, and the editor still resizes and exports.
No accounts, no tracking cookies
There is no login, no session token, no profile. Dropmatico does not load Google Analytics, Google Tag Manager, or any third-party analytics. Browser localStorage holds your saved presets and a record of dismissed UI prompts, scoped to the dropmatico.com origin only. Clear localStorage and you reset to a fresh install. There is no server-side record of your usage tied to your identity.
What this means for sensitive content
Product photography under embargo, brand assets pre-launch, internal documents, screenshots with PII, identity documents being prepared for a verification flow. None of it leaves your machine while you edit, so there is no cloud cache to leak from. The downloaded ZIP is yours alone, generated client-side.
Threat model in plain English
The smallest possible attack surface is one where there is no server holding user data. Dropmatico aims for that. The remaining surface is the browser itself: a malicious extension could read canvas pixels, a compromised browser build could exfiltrate clipboard contents. We can not protect against either, but neither is something a server-based competitor handles either. Within the in-browser scope we control, we ship no analytics, no third-party scripts that touch image data, and no callbacks that POST file contents anywhere.