Simple Tools
⌘K
ENES

Privacy Policy

Last updated: 2026-06-17

This policy explains what data the Simple Tools Hub (“the Hub”, “we”) collects when you use it, why, and your rights. It reflects how the Hub actually works: most of our tools run entirely in your browser and never send your files to us. We aim for the GDPR baseline as a matter of good practice; this does not claim the Hub is a registered EU establishment.

Who we are & how to contact us

The Hub is operated by the individual behind “Simple Tools”. For privacy questions or data requests, contact us at [email protected].

What we collect & why

  • Client-side Tools (free): these tools process your files entirely in your browser. Your image and text bytes never leave your device and are never sent to our servers. The Hub does not host the content you process with these tools — there is nothing for us to store, see, or share.
  • Backend Tools (paid): when you use a paid tool, your file is uploaded directly to Backblaze B2 storage using a presigned URL — it bypasses our gateway, which only ever moves small JSON. The file is processed transiently in a container, and both the input and output are deleted automatically by a storage TTL (a lifecycle rule). We do not claim ownership of your content.
  • Analytics: we use Umami, configured to be cookieless with no personal data (no PII). It records anonymous, aggregate traffic and a few anonymous usage events (e.g. which tool was used). It does not identify you.
  • Account data: if you sign in, we use Google sign-in — the only personal data captured is what Google returns (email, name, avatar) plus a referral attribution string. Billing is handled by Polar as our Merchant of Record (Polar holds your payment/card details, not us). Account records are stored in Neon (managed Postgres).
  • Account activity events: for signed-in accounts we record a small number of first-party events (e.g. a tool run, a subscription change) keyed only to your account identifier — never to anonymous visitors.

Lawful basis (GDPR)

We rely on your consent when you choose to sign in with Google, and on contract and legitimate interest for billing and for keeping the service secure and working.

Cookies

The only cookie we set is a strictly-necessary session cookie for signed-in accounts (so you stay logged in) — it is exempt from consent requirements. Our analytics are cookieless, so there is no cookie-consent banner.

Who we share data with (processors)

  • Google — sign-in / authentication.
  • Polar — billing, as Merchant of Record.
  • Neon — managed Postgres database (account records).
  • Backblaze B2 — file storage for paid Backend Tools (deleted by TTL).
  • Our Umami analytics host — anonymous, cookieless traffic.

Retention

We keep account data for as long as your account exists. Files processed by Backend Tools are deleted automatically by the storage TTL. Analytics are anonymous and aggregate.

Your rights

Depending on where you live, you may have the right to access, correct, delete, export, or object to the processing of your personal data. To exercise any of these, email us at [email protected].

International transfers

Some of our processors (Google, Polar, Neon, Backblaze) may be based in the United States. Where personal data is transferred, it is covered by those providers’ own safeguards.

Children

The Hub is not directed at children under 16.

Open-source software

The Hub is built with open-source software; see our third-party notices for licenses and attribution.

Changes

We may update this policy; the “Last updated” date above reflects the latest version. See also our Terms of Service.