Privacy Policy

1. Overview

This Privacy Policy explains how Cromavo handles your data. We take your privacy seriously and process as little personal data as possible.

Key point: Cromavo processes all photos entirely in your web browser. No images are uploaded to our servers. Your photos never leave your device.

2. Controller

Thomas Harnisch
Königskinderweg 74f
22457 Hamburg, Germany
Email: [email protected]

3. Data We Collect

3.1 Server Log Files

Our hosting provider automatically collects:

• Browser type and version
• Operating system
• Referring URL
• Hostname of the accessing device
• Time of the server request
• IP address

Legal basis: Art. 6(1)(f) GDPR. Retention: approx. 7 days.

3.2 Photos and Images

All photos you use in Cromavo are processed exclusively in your browser using client-side JavaScript (HTML5 Canvas). No images are transmitted to or stored on our servers.

3.3 No Cookies, No Tracking

Cromavo does not use cookies, analytics tools, or tracking scripts.

4. Third-Party Services

Cloudflare

We use Cloudflare (Cloudflare Inc., San Francisco, USA) as CDN and security service. Cloudflare is certified under the Data Privacy Framework. More info: Cloudflare Privacy Policy.

Google Fonts

This website uses Google Fonts for typography. When you visit the site, your browser loads fonts from Google servers, transmitting your IP address. Legal basis: Art. 6(1)(f) GDPR. Google's privacy policy: https://policies.google.com/privacy.

5. Your Rights (GDPR)

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)

Contact: [email protected]. You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

Last updated: February 2026