Privacy policy
Last updated: 30 June 2026
wemakeit.app is built around a simple idea: do the job, then get out of the way. We process the file you give us and delete it automatically. We do not track you, build a profile about you, or sell your data to anyone.
Who operates this service
wemakeit.app is operated by I. M. Shwartz, an individual operator ("we," "us," "our"). For privacy questions, contact us at privacy@wemakeit.app.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, wemakeit.app acts as the data controller for any personal data processed in connection with your use of the service, as defined under the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679.
What we collect and why
Files you upload
When you use the GIF converter or sticker pack maker, you upload a file to our servers. That file is stored only long enough to process your request and make the output available for download. We do not read, index, or use your file for any purpose other than producing the output you asked for.
Retention periods, enforced by automated deletion jobs: GIF source files and converted output are deleted within one hour of creation. Sticker pack files are deleted when the shareable link expires, seven days after generation.
IP address
We record your IP address for rate limiting and abuse prevention. This helps us enforce per-IP limits so the service remains available to everyone, and gives us a way to investigate abuse (including unlawful content) if we have to. The IP address is stored with the upload record and deleted with it — within one hour for GIF jobs, within seven days for sticker packs. It is never sold or shared with third parties for marketing purposes.
What we do not collect
We collect no name, email address, account credentials, or payment information. We do not use third-party analytics scripts (no Google Analytics, no Meta Pixel, no similar tools). We do not set persistent tracking cookies. We have no advertising relationship.
Legal basis for processing (GDPR)
Under Article 6 of the GDPR, we rely on the following legal bases:
- Performance of a contract (Art. 6(1)(b)). Processing your uploaded file to produce the output you requested is necessary to deliver the service you asked for.
- Legitimate interests (Art. 6(1)(f)). Logging IP addresses for rate limiting and abuse prevention is necessary to maintain service availability. This interest is not overridden by your privacy interests given the minimal nature of the data and the absence of any profiling.
We do not rely on consent as a legal basis because we do not use your data for marketing, profiling, or any purpose beyond delivering the service you explicitly requested.
Data retention
Uploaded and processed files are deleted automatically on the schedule above. No action is required from you. Once deleted, the files cannot be recovered.
If you want your files removed before the automatic deletion window, email privacy@wemakeit.app with a description of your upload (approximate time and tool used). Because we do not link uploads to identities, we may be unable to locate a specific file, but we will delete any file we can identify.
Third parties and data sharing
We use an infrastructure provider (server hosting) to operate the service. Files are processed and stored on our own server, not handed to third-party processing services. We do not share data with advertisers, data brokers, or analytics companies.
We may disclose information if required by law, court order, or valid legal process. We will notify you to the extent permitted by law before complying.
We do not sell, rent, or trade personal information. This applies to all users, including California residents under the CCPA.
Your rights under GDPR (EEA, UK, Switzerland)
Under Articles 15 through 22 of the GDPR, you have the following rights with respect to personal data we hold:
- Right of access (Art. 15). You may request a copy of the personal data we hold about you and information about how we process it.
- Right to rectification (Art. 16). You may request correction of inaccurate personal data.
- Right to erasure / "right to be forgotten" (Art. 17). You may request deletion of your personal data, subject to any legal obligation to retain it.
- Right to restriction (Art. 18). You may request that we restrict processing in certain circumstances.
- Right to data portability (Art. 20). You may request your personal data in a structured, machine-readable format where processing is automated and based on contract or consent.
- Right to object (Art. 21). You may object to processing carried out on the basis of legitimate interests.
- Right to lodge a complaint (Art. 77). You have the right to lodge a complaint with your local data protection supervisory authority if you believe we are processing your data unlawfully.
Because we do not collect names or email addresses, we cannot verify your identity through account credentials. Email privacy@wemakeit.app with as much context as you can provide (time of upload, tool used, IP address if known). We will respond within 30 days as required by Art. 12 GDPR.
EEA residents may contact their national supervisory authority. A full list is available at edpb.europa.eu.
Your rights under CCPA (California residents)
Under the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA), California residents have the following rights:
- Right to know. You may request disclosure of the categories and specific pieces of personal information we have collected, the purposes for collection, and the categories of third parties with whom we share it.
- Right to delete. You may request deletion of personal information we have collected from you, subject to certain exceptions.
- Right to correct. You may request correction of inaccurate personal information we hold.
- Right to opt out of sale or sharing. We do not sell or share personal information as defined under the CCPA. No opt-out action is needed.
- Right to non-discrimination. We will not discriminate against you for exercising any of your CCPA rights.
To exercise CCPA rights, email privacy@wemakeit.app. We will verify and respond within 45 days as required by law, with one possible 45-day extension if we notify you.
Cookies
We do not set persistent cookies. Any session-level cookies are strictly necessary for the operation of the service (such as CSRF protection) and are not used for tracking or advertising.
Children
This service is not directed at children under the age of 13, or under 16 in the EEA. We do not knowingly collect personal data from children. If you believe a child has submitted data to us, contact us at privacy@wemakeit.app and we will delete it promptly.
Changes to this policy
We may update this policy from time to time. We will update the "Last updated" date at the top of the page. If changes are material, we will note them clearly. Continued use of the service after a change constitutes acceptance of the updated policy.
Contact
Email: privacy@wemakeit.app
Operator: I. M. Shwartz. A postal address is available on legitimate request via email.