Security
Many of the photos we handle are of children. We treat that responsibility seriously and build security in from the start.
Here's how we protect the images people choose to share with us.
Encrypted storage
Consented images are stored encrypted at rest.
Never public
Images are never shared publicly or sold — ever.
Encryption
Images are transmitted over encrypted connections (HTTPS) and stored encrypted at rest. Access is served through unguessable, non-listed links.
EXIF removal
Before an image is stored, we strip hidden metadata (EXIF) — including GPS location and device information — so it can't reveal where or how a photo was taken.
Limited staff access
Only a small number of trained reviewers can access stored images, and only for the purpose of reviewing and labelling training data.
Audit logging
Sensitive actions — consent granted, consent withdrawn, image stored, image removed — are recorded in an append-only audit trail so we can demonstrate what happened and when.
Data residency
Images and metadata are stored using reputable cloud infrastructure. Consent records are managed by a dedicated consent platform.
Deletion process
- Withdraw consent in the Privacy Centre at any time.
- The image is immediately flagged and excluded from future training and exports.
- It is then scheduled for permanent deletion.
- The deletion is recorded in the audit trail.
Responsible disclosure
If you believe you've found a security issue, please contact us so we can investigate promptly.
Manage your choices
View or withdraw consent and manage cookie preferences any time.
