Privacy Policy

Last Updated: October 10, 2025

1. Introduction

ServeProxy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our image CDN service located at serveproxy.com (the "Service").

ServeProxy is a free image content delivery network that optimizes and caches images to improve website performance. We do not require user accounts, and we minimize data collection to only what is technically necessary to operate the Service.

2. Information We Collect

We collect minimal information necessary to operate the Service:

2.1 Automatically Collected Technical Data

  • IP Addresses: We temporarily store your IP address for rate limiting and abuse prevention purposes. IP addresses are stored in Redis for 10 minutes to 1 hour depending on usage patterns.
  • Image URLs: When you request an image through our Service, we process and temporarily log the URL of the requested image for caching and error tracking purposes.
  • Hostnames: We store the hostname (domain) of requested images in Redis for 7 days to maintain our service statistics.
  • Cache Data: Processed images are cached locally for 7 days and on Cloudflare's edge network for 14 days to improve performance.
  • Request Headers: Standard HTTP headers including browser type, referrer, and cache validation headers (ETags, If-Modified-Since) are processed but not permanently stored.

2.2 Information We Do NOT Collect

  • We do not use cookies or tracking pixels
  • We do not collect personal identification information (names, emails, phone numbers)
  • We do not create user profiles or track browsing behavior across websites
  • We do not collect payment information (the Service is free)

3. How We Use Information

We use the collected information solely for the following purposes:

  • Service Operation: To process, optimize, and deliver images through our CDN network
  • Rate Limiting: To prevent abuse by limiting requests to 5,000 uncached requests per 10 minutes per IP address
  • Caching: To store optimized images and reduce load times for subsequent requests
  • Error Logging: To diagnose technical issues and improve service reliability
  • Security: To protect against DDoS attacks, malicious requests, and service abuse
  • Service Statistics: To monitor overall service usage and performance

We do not use your information for advertising, marketing, or any purposes beyond operating the Service.

4. Data Storage and Retention

4.1 Storage Duration

  • IP Addresses: Stored in Redis for 10 minutes (rate limiting) to 1 hour (blocking), then automatically deleted
  • Hostnames: Stored in Redis for 7 days, then automatically deleted
  • Cached Images: Stored locally for 7 days and on Cloudflare's edge for 14 days, then automatically deleted
  • Error Logs: Retained for up to 30 days for debugging purposes

4.2 Data Location

Our servers are located in various data centers worldwide. We use Cloudflare's global CDN network, which means your data may be processed in servers closest to your geographic location for optimal performance.

5. Data Sharing and Third Parties

5.1 Cloudflare

We use Cloudflare as our CDN provider and for DDoS protection. When you use our Service, your request passes through Cloudflare's network. Cloudflare may collect certain information as described in their Privacy Policy.

5.2 No Data Selling

We do not sell, rent, or trade your information to third parties. We do not share your information with third parties except as necessary to operate the Service (Cloudflare) or as required by law.

5.3 Legal Requirements

We may disclose information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or law enforcement agencies).

6. Security Measures

We implement several security measures to protect the Service and your data:

  • HTTPS Enforcement: All images are served over HTTPS; HTTP URLs are automatically upgraded
  • Rate Limiting: Prevents abuse and protects against DDoS attacks
  • Content Validation: Images are validated before processing to prevent malicious content
  • SVG Sanitization: SVG files undergo script removal to prevent XSS attacks
  • Family-Safe DNS: We use Cloudflare's family DNS servers (1.1.1.3 and 1.0.0.3) to block access to harmful domains
  • URL Validation: Self-referential and invalid URLs are rejected

While we implement reasonable security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of data transmitted through the Service.

7. Your Rights and Choices

7.1 Access and Deletion

Since we do not collect personally identifiable information beyond temporary IP addresses, there is no persistent personal data to access or delete. All data collected is automatically deleted per the retention periods described in Section 4.

7.2 Opting Out

If you do not wish to use our Service, simply do not integrate ServeProxy into your website. Website owners who have integrated ServeProxy can remove it at any time by reverting to direct image URLs.

7.3 Do Not Track

Our Service does not track users across websites and does not respond to Do Not Track signals since we don't engage in tracking.

8. International Data Transfers

By using the Service, you consent to the transfer of your information to servers located worldwide, including in countries that may have different data protection laws than your country of residence. We rely on Cloudflare's global network, which complies with applicable data protection frameworks.

9. Children's Privacy

Our Service is not directed to children under the age of 13. We do not knowingly collect personal information from children. Since our Service does not require registration and we do not collect personally identifiable information, we have no way of determining the age of users.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

11. California Privacy Rights

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA). However, since we do not collect personal information beyond temporary IP addresses used for technical purposes, most CCPA provisions do not apply. We do not sell personal information.

12. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have certain rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process your data based on legitimate interests (service operation and security)
  • Data Minimization: We collect only the minimum data necessary
  • Automatic Deletion: All data is automatically deleted per retention schedules
  • Right to Object: You may object to processing by not using the Service

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Service: ServeProxy Image CDN

Website: https://serveproxy.com

Summary: ServeProxy is a privacy-focused service that collects minimal technical data necessary for operation. We do not track users, use cookies, collect personal information, or sell data. All collected data is automatically deleted per our retention schedules.