Skip to content
Magic Eraser LogoMagic Eraser
← Retour au blog
Company10 min de lecture

How Magic Eraser Handles Your Photos: Privacy, Retention, Deletion

What happens to a photo when you upload it to Magic Eraser. Where it's stored, how long it's kept, who can see it, what we don't do with it, and how you can delete everything yourself.

M
Magic Eraser Team

Trust & Safety

How Magic Eraser Handles Your Photos: Privacy, Retention, Deletion

Every time someone uploads a photo to an AI photo editing tool, they hand over an unusually personal piece of data. Faces, locations, products, documents, sometimes children. The standard industry response to questions about what happens next is a paragraph of marketing language followed by a privacy policy in fine print. We think that's the wrong way to earn trust. The right way is to tell you, in plain English, exactly what Magic Eraser does with your photo from the moment you upload it until the moment it's deleted. This page is that explanation.

Three principles drive every data decision we make. First, your photo is yours, not ours. We process it to deliver the edit you asked for and we don't repurpose it. Second, we retain the bare minimum needed for the edit to work. We delete the rest on a schedule you can verify. Third, you can delete everything yourself at any time, without contacting support, and the deletion is real (not soft-flagged). The rest of this article walks through how those three principles translate into specific technical and operational behavior.

If you have a specific question that this article doesn't answer, our privacy policy at /privacy is the authoritative source. This article explains it in conversational language, but the policy is the legal document. For data subject requests under GDPR or CCPA, see the 'Your rights and how to use them' section at the end.

  • Uploaded photos are processed to produce the edit you requested and retained for up to 30 days for in-app history; you can delete sooner from your account.
  • We do not use your photos to train models. Full stop. Training data comes from licensed datasets and synthetic sources, never user uploads.
  • Photos are encrypted in transit (TLS 1.3) and at rest (AES-256). Storage is region-aware where regulation requires it (EU data stays in EU regions).
  • You can delete every photo, edit, and account artifact yourself from Settings → Privacy → Delete my data; deletion is irreversible and cascades across all systems within 72 hours.
  • GDPR / CCPA / equivalent regional rights are honored without distinction; you do not need to be in a covered jurisdiction to use the same data tools.

What happens when you upload a photo

When you tap upload or drag a photo into Magic Eraser, the image is sent from your device to one of our processing servers over an encrypted TLS 1.3 connection. The server stores the original image in object storage (encrypted at rest with AES-256), runs the model you requested. Background removal, object erase, AI fill, boost, whatever was asked — and writes the result alongside the original. Both are encrypted. The original is needed so you can re-edit without re-uploading. The result is needed so you can download or share what you just made.

We log the operation: which user account, which photo identifier, which model, when, and how long it took. We do not log the contents of the photo. The operational log is used for two things. Billing (so we can bill credits accurately) and incident response (so we can investigate if something goes wrong). The log is retained for 90 days and then automatically purged.

If you're using Magic Eraser as a logged-out guest (browser session, no account), the photo is still processed. It's tied to a short-lived session token instead of a persistent account. Guest photos are deleted within 24 hours regardless of any other setting. We cannot retain them past that window because we have no account to tie them to.

  • TLS 1.3 in transit, AES-256 at rest — every photo, every time.
  • Original + result both stored so re-editing doesn't require re-uploading.
  • Operational log captures the operation, not the photo contents; retained 90 days then purged.
  • Guest (logged-out) uploads are deleted within 24 hours, no exceptions.

How long photos are retained

For logged-in accounts, photos are retained in your private edit history for up to 30 days by default. The 30-day window is for in-app convenience. You can come back, find the edit you made last week, and tweak or re-download it without starting from scratch. After 30 days the photo and the edit are both automatically deleted from our active storage. Within an extra 30 days they are deleted from encrypted backups as well. The total worst-case retention window is 60 days from upload.

You can shorten this window. In Settings → Privacy you can set the retention to 'delete right away after download' (0 days), 7 days, or the default 30 days. The setting applies to all future uploads, and a one-click 'delete history now' button purges every photo currently in storage. Setting retention to 0 means you cannot re-edit; we accept that trade-off if you do.

For business accounts on team plans, the retention policy is configurable by the account admin and is binding on all team members. If your admin sets a 7-day retention, every team member's uploads are deleted on that schedule whether they personally configured it or not. This is how legal and compliance teams should configure their Magic Eraser deployment.

  • Default 30 days in active storage; 30 more in encrypted backups; 60 days worst case.
  • Configurable per-account: 0 days, 7 days, or 30 days. Setting persists across all future uploads.
  • One-click 'delete history now' purges all stored photos immediately.
  • Team plan admins set retention for the whole team; binding on all team members.

What we don't do with your photos

We do not train models on user uploads. This is the single most-asked question about AI photo editing tools. We want the answer to be unambiguous: zero photos uploaded by users have ever been used to train, fine-tune, or evaluate any model Magic Eraser uses. Training data comes from three sources only: commercially licensed image datasets where the licensing explicitly permits ML training, synthetic data we generate internally. A small set of public-domain images where the public domain status is verifiable.

We do not share photos with third parties. Photos are processed exclusively by infrastructure we operate (running models we license or build). They are not sent to OpenAI, Google, Anthropic, or any other third-party AI vendor. The only third party that touches photo bytes is our cloud storage provider (AWS in most regions, with GCP for EU regions). They touch only encrypted data that they cannot decrypt without our keys.

We do not sell photos, photo metadata, or aggregate analytics derived from photos. Our revenue comes from subscriptions and one-time credit purchases. There is no advertising business attached to Magic Eraser. There are no broker contracts with data resellers. We do not run a separate API offering photos to anyone for any purpose.

We do not scan photos for content recognition outside the immediate edit operation. We do not run face recognition on uploads, we do not run automated content moderation models that build user-level profiles. We do not log keyword tags derived from your photos. The model that runs is the one you invoked; nothing else.

  • Photos are never used to train models. Training data comes from licensed datasets and synthetic sources only.
  • Photos are never shared with third-party AI vendors — they stay inside infrastructure we operate.
  • Photos are never sold; there is no advertising or data-broker side business.
  • No background content scanning, face recognition, or user-level tagging outside the immediate edit.

Where photos are stored and which region they sit in

Photo storage is region-aware. EU-resident users have their photos stored in EU-region object storage. US-resident users in US regions. And we maintain APAC regional storage for users in that part of the world. Region is determined by the IP geolocation of your account at the time of upload, not by the location of your device when you upload (which can differ when traveling). If you create an account from the EU, your photos stay in EU storage even if you upload them while traveling in the US.

Cross-region transfer happens only when explicitly requested. For example, if you export your full data as part of a data subject request and choose to download to a different region. In normal operation, photos do not leave the region they were stored in. This matters for GDPR, the Swiss FADP. Brazilian LGPD compliance, all of which restrict transfer of personal data outside the originating region without specific contractual safeguards in place.

Backups follow the same regional rules. EU photos back up to EU regions. US photos back up to US regions. APAC photos back up to APAC regions. There is no global backup that aggregates user data across regions.

  • Photos stored in the region of the user's account: EU, US, or APAC.
  • Region determined by account-creation IP, not upload-time IP.
  • No cross-region transfer in normal operation; required for GDPR, Swiss FADP, Brazilian LGPD compliance.
  • Backups stay in the originating region; no cross-region aggregate backup exists.

How to delete everything yourself

Every Magic Eraser account has a self-service deletion path that does not require contacting support. From the web app: Settings → Privacy → 'Delete my data'. From the mobile apps: Settings → Account → 'Delete my data'. The action requires re-entering your account password as a confirmation step (to prevent accidental deletion by someone who briefly has access to your unlocked device) and then issues the deletion.

Deletion cascades across all systems within 72 hours. Active object storage (the place where your photos sit) is purged right away. Encrypted backups are flagged as 'to be deleted' right away and are physically deleted on the next backup-rotation cycle. Is at most 72 hours. Operational logs that reference the photo (which contained the photo identifier but not the photo contents) are scrubbed within the same window. After 72 hours, no system at Magic Eraser holds a record of your photos that can be recovered.

Deletion is irreversible. Once you trigger it, we cannot bring your photos back even if you change your mind tomorrow. This is intentional — recoverable deletion is not deletion. If you might want your photos later, do not use the 'delete my data' button; just stop uploading. Account inactivity does not trigger automatic deletion (other than the per-photo retention rules above). An inactive account simply sits there with whatever retention setting it had.

  • Self-service deletion: Settings → Privacy → 'Delete my data' (web), Settings → Account → 'Delete my data' (mobile).
  • Password re-entry required to prevent accidental deletion.
  • Active storage purges immediately; backups within 72 hours; operational logs in the same window.
  • Irreversible — recoverable deletion is not deletion.

Your rights and how to use them

Under GDPR (EU), CCPA (California), the Swiss FADP, the Brazilian LGPD. Several other regional privacy laws, you have a defined set of rights: access (a copy of all data we hold about you), portability (that copy in machine-readable format), correction (fixing inaccurate data), deletion (the right we've already covered), and the right to object to or restrict certain processing. We honor all of these for every account regardless of where you live. You do not need to be in a covered jurisdiction to use them.

To exercise any of these rights, the fastest path is in-app: Settings → Privacy → 'Export my data' produces a downloadable archive of every photo, edit, and account artifact within 7 days. For more complex requests (correction of specific records, restriction of specific processing, etc.) email privacy@magiceraser.live with your account email and a description of the request. We acknowledge within 72 hours and complete within 30 days, matching the GDPR statutory window.

If you believe we've mishandled your data and the in-app or email path hasn't resolved it, you have the right to file a complaint with your regional data protection authority. EU residents can contact their national DPA. California residents can complain to the California Attorney General. Users in other jurisdictions can contact the equivalent authority. We will not retaliate against any user who files a complaint and will cooperate fully with any regulator inquiry that follows.

  • Access, portability, correction, deletion, and restriction rights — honored for every account, every region.
  • Fastest path: in-app Settings → Privacy → 'Export my data' for an exportable archive within 7 days.
  • Complex requests: privacy@magiceraser.live, acknowledged in 72 hours, completed in 30 days.
  • Regional DPA complaint rights preserved; no retaliation, full cooperation with any inquiry.

Sources

  1. General Data Protection Regulation (EU GDPR) European Union
  2. California Consumer Privacy Act (CCPA) California Office of the Attorney General

Découvrir les outils liés

Suppression d'objetsSuppression d'arrière-planAI FillAI Enhance

Découvrir les cas d'utilisation associés

Supprimez les objets indésirables de vos photos immobilières en quelques secondesDes Photos Produits Impeccables Qui Font VendreRetouchez Vos Photos Instagram, TikTok & Réseaux Sociaux avec l'IACréez des Photos d'Identité Parfaites avec l'IASupprimez le texte, les légendes, les horodatages et les incrustations de vos photosDes Visuels Marketing Comme Si Vous Aviez un DesignerCréez de l'Art IA Époustouflant pour les Réseaux SociauxRetouche photo de mariageRetouche photo de trombinoscopeRetouche photo automobilePhotographie culinairePortraits professionnelsRetouche photo d'animauxHome staging virtuelPhotos de menu restaurantMiniatures YouTubeRetouche photo de voyageÉpingles PinterestCréateurs de cours en lignePodcasteursAuteursRédacteurs de newsletterPhotos de cabinet dentairePhotos de sinistres d'assuranceNumérisation d'archives muséalesContenu d'influenceur modePortfolio de design d'intérieurProduction de trombinoscope scolaireVisuels de collecte de fondsPhotos de transformation fitnessPortfolio de tatoueurDocumentation restauration automobilePhotos de suivi de chantierPhotographie de bijouxCatalogue de pépinièreRestauration de photos généalogiquesFlux de travail photographe événementielPhotos de gestion immobilièreReproductions d'art impriméesPhotographie sportivePhotos de clinique vétérinaireCatalogue d'antiquairePhotos de crèche et d'écolePortfolio de salon de coiffurePortfolio de paysagistePhotos pour sites de rencontrePhotos funéraires et commémorativesPhotos de revente et friperiePhotos d'artisanat fait mainPhotos promo musiciens

Comparaisons associées

Magic Eraser vs TouchRetouch : quel outil de suppression d'objets choisir ?Magic Eraser vs Cleanup.picturesMagic Eraser vs remove.bg

Articles associés

Tendances IA
L'avenir de l'IA dans l'entreprise

Découvrez comment l'IA transforme les opérations, de l'automatisation à l'analyse des données et à une expérience client plus personnalisée.

Tutoriels
Comment utiliser Magic Eraser

Apprenez à utiliser Magic Eraser pour supprimer plus vite et plus proprement les éléments indésirables d'une photo.

Outils de design
Figma Translate Plugin : localiser plus vite dans Figma

Découvrez comment utiliser un plugin de traduction Figma pour localiser des fichiers de design plus rapidement tout en gardant le layout sous contrôle.