Legal

Privacy Policy

Your privacy is fundamental to how we build Orlume. This document explains exactly what data we handle and, more importantly, what we don't.

Last Updated: March 26, 2026  |  Effective: December 1, 2025

At Orlume Vision Labs, privacy is not a feature we added after the fact. It is the foundation our entire architecture is built on. Orlume processes your photos locally on your device using WebGL2, WebGPU, and client-side AI models. Your images never leave your browser.

The short version: Orlume is a 100% client-side application. Your photos are processed by your GPU, inside your browser. We have no server infrastructure that touches your images. We cannot see your photos because they never reach us.

Technical Proof of Local Processing

Orlume's privacy guarantees are not just policy statements. They are enforced by the application's architecture. Here is verifiable evidence:

100% Client-Side

All image processing uses WebGL2/WebGPU shaders running on your local GPU. No server round-trips.

Zero Image Upload

Inspect your browser's Network tab while editing. You will see zero outbound image data.

Open Source Code

Our entire codebase is public on GitHub. Audit every line yourself at github.com/kunal0230/Orlume.

Verify It Yourself

You don't have to trust our promises. You can verify our privacy claims independently using any modern browser's developer tools:

  1. Open Orlume in your browser and press F12 to open DevTools
  2. Navigate to the Network tab and clear existing entries
  3. Upload a photo and perform any edits (relighting, color grading, background removal)
  4. Filter the Network tab for image types (PNG, JPEG, WebP, blob)
  5. Result: Zero outbound image requests. Every processing call is a local GPU operation.

Architecture: How Local Processing Works

When you upload an image, the following pipeline executes entirely within your browser's sandboxed environment:

// Simplified Orlume processing pipeline (client-side only)
const image = await loadImageFromFile(userFile); // File API - no upload
const depthMap = await runDepthModel(image); // ONNX Runtime - local GPU
const normals = computeNormals(depthMap); // WebGL2 shader - local GPU
const result = renderPBR(image, normals, light); // WebGPU - local GPU
downloadToDevice(result); // Blob URL - stays local
// Network calls: 0. Server uploads: 0. Data transmitted: 0 bytes.

Information We Collect

We collect the minimum amount of data necessary to operate and improve Orlume. Here is an exhaustive list:

Data Type Collected? Purpose Retention
Your photos Never N/A N/A (never leaves your device)
Image metadata (EXIF) Never N/A N/A
Facial recognition data Never N/A N/A
Editing history/actions Never N/A Session only (browser memory)
Page views & feature usage Anonymized Understand which features are used Aggregated, no individual profiles
Core Web Vitals Anonymized Performance monitoring (LCP, CLS, FID) Aggregated via Vercel Analytics
Browser & device type Anonymized Optimize for common environments Aggregated, not linked to individuals

Information We Never Collect

To be absolutely clear, Orlume does not collect, process, store, or transmit:

  • Your photos or edited images in any form
  • Image contents, thumbnails, or previews
  • EXIF metadata (GPS location, camera model, timestamps)
  • Facial features or biometric data
  • Clipboard contents
  • Local file system paths
  • Contacts, calendar, or other personal data
  • Browsing history outside of Orlume

AI Model Privacy

Orlume uses multiple AI models for features like depth estimation, segmentation, and background removal. All of these models run locally:

  • Depth Anything V2 (ViT-Small): Downloaded once, cached in IndexedDB, runs entirely via ONNX Runtime Web on your GPU. No inference API calls.
  • SegFormer B0 (Semantic Segmentation): Same local execution model. The 150-class ADE20K model runs in your browser.
  • Background Removal: Uses a client-side TensorFlow.js model. Your photos are never sent to any cloud API.

Model weights are downloaded from public CDNs (Hugging Face) over HTTPS the first time you use a feature. After the initial download, models are cached locally and no further network requests are made.

Third-Party Services

Orlume uses a minimal set of third-party services. Here is a complete, transparent list:

Service Purpose Data Shared Privacy Policy
Vercel Hosting & edge delivery Standard HTTP request data (IP, user-agent) vercel.com/privacy
Vercel Analytics Anonymized performance metrics Page views, Web Vitals (no personal data) vercel.com/analytics/privacy
Google Fonts Typography (Inter font family) Standard HTTP request data Google Privacy Policy
Hugging Face CDN AI model weight delivery Standard HTTP request data (one-time download) huggingface.co/privacy

We do not use Google Analytics, Facebook Pixel, advertising trackers, or any personal data brokers.

Cookies & Local Storage

Orlume uses minimal browser storage, exclusively for functional purposes:

  • IndexedDB: Cached AI model weights (so you don't re-download them every session)
  • LocalStorage: Editor UI preferences (panel layout, last-used tool)
  • Session storage: Temporary editing state (cleared when you close the tab)

We do not use tracking cookies, advertising cookies, or cross-site cookies of any kind.

Data Security

Although we collect minimal data, we take security seriously for what we do handle:

  • HTTPS everywhere: All connections to orlume.io use TLS 1.3 encryption
  • No database of user data: We do not maintain a user database since there are no accounts
  • Content Security Policy: Strict CSP headers prevent cross-site scripting attacks
  • Open source: Our entire codebase is auditable at GitHub
  • No server-side image processing: There is no server endpoint that accepts image data

Children's Privacy

Orlume does not knowingly collect personal information from children under 13. Since Orlume requires no account creation and collects no personal data, children can use the editor safely. The anonymized analytics we collect cannot identify any individual user, regardless of age.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your data:

  • Right to access: Request a copy of any data we hold about you
  • Right to deletion: Request that we delete any data associated with you
  • Right to portability: Receive your data in a machine-readable format
  • Right to object: Object to the processing of your data for specific purposes
  • Right to restriction: Request that we limit how we use your data

In practice, because we collect almost no personal data and maintain no user accounts, most of these rights are already satisfied by default. If you have any concerns, contact us and we will respond within 30 days.

Changes to This Policy

We may update this privacy policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Our commitment to local-first, privacy-respecting architecture will not change.

Contact Us

If you have any questions, concerns, or requests related to this privacy policy, please contact us:

We aim to respond to all privacy-related inquiries within 30 business days.