Your photos contain secrets you never agreed to share.
Every JPEG carries hidden metadata — GPS coordinates, device model, timestamps, editing history. Upload it to a random online "EXIF cleaner" and you've just handed all of that to a stranger's server.
So we built PrivacyKit. One HTML file. Open it. Done. Your photos never leave your device.
What's inside
7 tools, zero dependencies, zero server:
🔍 EXIF Cleaner -
strips metadata at binary level, not just the surface
✏️ Metadata Editor - edit or delete specific fields
✂️ Crop - free or preset ratios
🔄 Rotate & Flip
📐 Resize - presets or custom px
🌊 Watermark - drag, pinch, two-finger rotate on mobile
🗜️ Compress - live before/after preview
The bug we almost shipped
After cleaning a file, ExifTool still found GPS in the XMP block. Turns out JPEG hides metadata in 4 different places - and most tools only clean one of them.
We fixed it by stripping all APP blocks at binary level first, then re-inserting only what the user wants to keep.
Then we caught another one - Honor/Huawei phones use non-standard EXIF that makes piexif.load() throw silently. The old code would "clean" the file while leaving the original EXIF completely intact.
Real-world testing caught both. The verification report that shows REMOVED / PRESENT / was empty after every clean was born from that experience.
Stack
Vanilla JS. No frameworks. No build step. ~109 KB total.
exifr + piexifjs + Canvas API + ArrayBuffer for binary JPEG manipulation.
Built together with Claude through a lot of iteration, testing, and real bugs on real photos.
Try it
🔒 Live: https://darkenamber.github.io/privacykit/
⭐ GitHub: https://github.com/DarkenAmber/privacykit
MIT. Single file. Works offline.
Top comments (0)