HomeStudioPricingDocs
Start free trial

Data security: how we protect your proprietary pixels

At BackgroundErase, protecting proprietary image data means enterprise-grade encryption during transfer, isolated processing, and highly secure storage architectures designed to prevent data leaks.

Jack
Written by Jack
Updated in March 2026

The BackgroundErase mentality regarding data security is simple: secure the pixels from the moment they leave your device. At BackgroundErase, that means every image you upload is protected by rigorous cybersecurity standards designed to ensure your proprietary data is never exposed, leaked, or intercepted.

Our approach: We believe your proprietary data is yours alone. We protect it using enterprise-grade encryption in transit and at rest, strict access controls, and an architecture built from the ground up to prevent unauthorized access.

In practice, our view of data protection requires more than just good policies. It requires world-class infrastructure. Whether your images are flowing through our API, being temporarily processed, or stored securely because you explicitly opted in to model training, we treat your data with the highest levels of cryptographic security.

Secure in transit: protecting the network layer

The moment you initiate a request to the BackgroundErase API, your image is secured. We mandate strict transport layer security so that no one can intercept your proprietary pixels between your servers and ours.

  • All API endpoints strictly enforce modern TLS (Transport Layer Security) encryption.
  • Connections are secured using strong cipher suites to prevent man-in-the-middle attacks.
  • Your API keys and image payloads are securely tunneled every step of the way.

Isolated processing and default 24-hour deletion

By default, BackgroundErase operates with a strict minimization posture. When your image reaches our processing environment, it is handled in secure, isolated memory spaces.

If you do not explicitly opt in to model training, the most powerful protection we offer kicks in: we do not retain your data for over 24 hours. The safest data is the data that is permanently purged from the system once it is no longer needed to serve your request.

Important: unless you explicitly turn on the opt-in feature at the top of the account page, your proprietary images are wiped from our servers within 24 hours.

Military-grade encryption for opted-in data

If you do choose to help us improve our models by opting in, we take the stewardship of your retained data incredibly seriously. Images are moved into heavily fortified, private object storage environments that are never accessible to the public internet.

To guarantee that data leaks are categorically prevented, we apply multiple layers of defense to our storage architecture:

  • AES-256 Encryption at Rest: Every single pixel is encrypted before it is written to disk using the industry-standard Advanced Encryption Standard.
  • Zero Public Access: Storage environments are completely blocked from public network paths. They can only be accessed internally by authorized core services.
  • Strict Identity and Access Management (IAM): We use principle-of-least-privilege rules. Only specific, verified microservices required for training can even read the encrypted objects.
  • Continuous Monitoring: Our infrastructure is automatically scanned and audited for misconfigurations to ensure buckets and vaults remain locked down.

The opt-in control is explicit

Because we treat your images as highly sensitive assets, participation in model improvement requires an explicit action from you. The opt-in control is located at the top of the account page on backgrounderase.com/account.

We designed it that way because we want the decision to be visible and user-directed. If you do not turn that control on, your uploads are processed securely, returned to you over TLS, and then deleted completely within 24 hours.

Clear boundary: the button at the top of the account page is the explicit line between automatic 24-hour deletion and highly-encrypted, customer-authorized model-improvement storage.

Why this matters for commercial workflows

Commercial image workflows are often where cybersecurity promises get tested hardest. Agencies handle pre-release client media. Ecommerce teams handle unannounced product assets. Marketplaces process millions of user listings.

In all of those environments, a data leak is unacceptable. That is why our pipeline does not just rely on good intentions; it relies on hard cryptography and aggressive network isolation. Your proprietary pixels are defended by the same security primitives trusted by global financial institutions.

  • Transit encryption guarantees safety across untrusted networks.
  • Automated 24-hour deletion minimizes your overall attack surface.
  • AES-256 encryption at rest protects assets if you opt in.
  • Strict access policies ensure complete data isolation.

Ownership still stays with you

Protecting proprietary pixels also means respecting the fact that the content is yours. Any image you upload to the BackgroundErase API remains your exclusive property. We do not claim any intellectual property rights over the images you upload.

Our security architecture exists solely to ensure that your ownership is honored and your data is never compromised while it is in our care.

The simplest version of our protection model

At BackgroundErase, your images are encrypted in transit and processed securely. Unless you explicitly opt in to model training, they are permanently deleted within 24 hours. If you do opt in, they are guarded by AES-256 encryption and strict access controls to prevent data leaks.

Check your setting

If you want to review how your account is configured, go to backgrounderase.com/account and look at the opt-in control at the top of the page. If it is not turned on, your uploads are not used for model improvement by default, and we do not retain your data for over 24 hours.