DrowPack does not use an upload server for ordinary image opening, resizing, ZIP creation, or standard SVG conversion. When you explicitly run an AI feature, a reduced copy of the current canvas and your prompt enter an external AI processing flow. Web hosting and advertising services may process ordinary web data such as IP addresses, cookies, and web beacons.
1. Scope and operator
This Policy applies to the DrowPack web tool and related pages available at drowpack.com. For questions about privacy, file processing, rights infringement, or this Policy, contact bagminjun341@gmail.com.
DrowPack currently does not require a member account, password, payment details, postal address, or telephone number. After you follow an external link, the external service's privacy policy governs its processing.
2. Files processed in the browser
PNG, JPG, WebP, SVG, PDF, and PDF-compatible Illustrator AI files selected for standard features are read and rendered into a canvas by the browser on your current device. The following tasks run in the browser by default:
- Image preview and aspect-ratio-preserving resize
- PNG and JPG saving, watermarking, and creation of the four-image package ZIP
- Creation of standard original-quality SVG and pure vector SVG
- Copying SVG code and creating SVGZ or result ZIP files
DrowPack does not store source uploads or generated results in a separate application database for these standard features. Output files are saved on the current device when you download them. Closing or refreshing the browser tab can clear the working state in memory, so you are responsible for retaining your source and required outputs.
3. When you run an AI feature
When you explicitly run AI image editing or AI-assisted SVG, the following data is sent to the DrowPack Worker and the configured AI provider:
- A PNG copy of the current preview canvas, reduced to a maximum long edge of 511px
- The editing instruction you entered, currently limited to 1,200 characters
- Ordinary network data and information required for error handling and rate limiting
As of July 19, 2026, the deployment uses Cloudflare Workers AI and the @cf/black-forest-labs/flux-2-klein-4b model. Deployment settings can change; the current value is available from the AI status endpoint.
The current DrowPack AI route does not include a step that stores content in R2, KV, Durable Objects, or a separate database, and API responses are configured not to be cached. Cloudflare nevertheless processes inputs and outputs to provide Workers AI. Cloudflare states in its own documentation that it does not use Workers AI Customer Content for model training or service improvement without explicit consent. Review the latest Workers AI data-use documentation and Cloudflare Privacy Policy.
Do not send identity documents, financial or medical data, confidential documents, faces used without consent, passwords, contact details, or images and prompts containing similar sensitive information to the AI feature. Remove sensitive areas first and use local-only features whenever appropriate.
4. Hosting and security logs
DrowPack uses Cloudflare Workers and static-asset hosting. In the course of routing site requests, blocking attacks, and diagnosing errors, Cloudflare may process access data such as IP address, request time, browser and device information, requested URL, and HTTP headers. This is infrastructure processing for service delivery and security, not the creation of a DrowPack member profile.
We use security headers, same-origin checks for AI requests, input-size limits, and rate limits, but no Internet transmission can be guaranteed absolutely secure. Keep your browser and operating system up to date and avoid sensitive work on shared devices.
5. Google advertising, cookies, and web beacons
DrowPack may use advertising services such as Google AdSense to support operations. When advertising is active, Google and third-party ad providers may use the following technologies and information to serve ads, control frequency, prevent abuse, measure performance, and decide whether personalization applies:
- Cookies or similar local identification technologies
- Web beacons, pixel tags, or advertising-request signals
- IP address, browser and device information, page URL, and access time
- Information associated with visits to this or other sites, within the scope of applicable consent and settings
Learn how Google uses information from partner sites in How Google uses information from sites or apps that use its services. You can manage personalized advertising through Google Ad Settings and delete or restrict cookies in your browser.
In the European Economic Area, the United Kingdom, Switzerland, and other regions where consent is required, a consent-management process required by Google may be shown. If you decline consent, non-personalized or limited advertising may still appear; behavior can differ according to applicable law and provider settings.
6. Email inquiries
If you send us an email, we may review your email address, information in your name or signature, the message, and any file you choose to attach in order to reply, investigate an error, handle a rights-infringement report, and maintain necessary records. Do not send sensitive information or source artwork that is not required to solve the problem.
Inquiry information may be retained for the period required for a response and follow-up. You may request deletion where there is no legal duty or dispute-preservation need. Your email provider's own retention and backup policies can also apply.
7. Children's privacy
DrowPack is not designed for children under 13 and does not intentionally collect children's accounts or profiles. A parent or guardian who believes a child has sent unnecessary personal information by email may ask us to review it for deletion.
8. Your choices and requests
- You can use all standard local features without running an AI feature
- You can restrict or delete advertising cookies through browser settings
- You can manage personalized advertising through Google Ad Settings
- You can ask whether an inquiry email can be accessed, corrected, or deleted
- You can report a page and specific reason when you suspect a privacy or rights infringement
We may request reasonable verification to protect the rights and identity of the requester. If applicable law, security, another person's rights, or a legal retention obligation prevents us from fulfilling all or part of a request, we will explain the reason.
9. Changes to this Policy
If features, AI providers, advertising, or legal requirements change, we may revise this Policy and update the date shown at the top of the page. We will also try to reflect material changes in data flow in the tool interface or related guides.
10. Contact
Questions about this Privacy Policy, AI data flow, advertising, or deletion requests: bagminjun341@gmail.com
