Skip to main content
CESDK/CE.SDK/FAQ

Data Privacy and Retention in CE.SDK

An overview of IMG.LY's data privacy and retention policies for CE.SDK.

At IMG.LY, we prioritize your data privacy and ensure that apart from a minimal contractually stipulated set of interactions with our servers all other operations take place on your local device, with only minimal, contractually stipulated interaction with our servers. Below is an overview of our data privacy and retention policies:

Data Processing#

All data processed by CE.SDK remains strictly on your device. We do not transfer your data to our servers for processing. This means that operations such as rendering, editing, and other in-app functionalities happen entirely locally, ensuring that sensitive project or personal data stays with you.

Data Retention#

We do not store any project-related data on our servers. Since all data operations occur locally, no information about your edits, images, or video content is retained by CE.SDK. The only data that interacts with our servers is related to license validation and telemetry related to usage tied to your pricing plan.

License Validation#

CE.SDK performs a license validation check with our servers once upon initialization to validate the software license being used. This interaction is minimal and does not involve the transfer of any personal, project, or media data.

Event Tracking#

While CE.SDK does not track user actions other than the exceptions listed below through telemetry or analytics by default, there are specific events tracked to manage customer usage, particularly for API key usage tracking. We gather the following information during these events:

  • When the engine loads: App identifier, platform, engine version, user ID (provided by the client), device ID (mobile only), and session ID.
  • When a photo or video is exported: User ID, device ID, session ID, media type (photo/video), resolution (width and height), FPS (video only), and duration (video only).

This tracking is solely for ensuring accurate usage calculation and managing monthly active user billing. Enterprise clients can opt out of this tracking under specific agreements.

Personal Identifiable Information (PII)#

The only PII that is potentially collected includes device-specific identifiers such as identifierForVendor on iOS and ANDROID_ID on Android. These IDs are used for tracking purposes and are reset when the user reinstalls the app or resets the device. No consent is required for these identifiers because they are crucial for our usage-based pricing models. This is covered by the GDPR as legitimate interest.

User Consent#

As mentioned above, user consent is not required when solely using the CE.SDK. However, this may change depending on the specific enterprise agreement or additional regulatory requirements. IMG.LY is committed to maintaining compliance with GDPR and other applicable data protection laws, ensuring your privacy is respected at all times. For details consult our privacy policy.