Privacy Policy
Themezer collects information reasonably needed to operate, secure, improve, and protect the service. This policy explains what we collect, how we use it, and how to contact us about privacy or data removal.
Last updated: July 14, 2026
Who Operates Themezer
Themezer is independently operated by based in the Netherlands. Themezer is the controller of personal information processed through the service. For privacy questions or to exercise your rights, contact us using the details below.
Data Collection
Themezer collects information needed to provide, secure, and improve the service. This includes account data such as your username, email address, password stored in hashed form, linked third-party login identifiers, session data, language and notification preferences, and profile information. It also includes content and community activity that you provide or create, such as uploads, screenshots, descriptions, tags, comments, likes, saves, follows, reports, and moderation-related information. Themezer may process technical data such as IP address, browser or device characteristics, request and security information, and cookie or similar identifiers. Public profile information and content that you choose to publish are visible to other visitors.
Sources of Information
Themezer receives personal information directly from you when you register, update an account, upload or publish content, interact with community features, contact us, or submit a report or rights-holder request. We receive technical information automatically when you use the service. If you choose an optional third-party login method, we receive the account identifier, email address, and basic profile information that the provider makes available for authentication.
Reports and Moderation Data
Reports, abuse inquiries, rights-holder requests, and moderation actions may include account details, content references, reporter contact information, evidence supplied by users, and related security or activity context. Themezer uses this information to review reports, enforce policies, protect the service, respond to legal or safety issues, and maintain moderation records. Access is limited to people and systems that need it for those purposes.
Processing Purposes and Legal Bases
Themezer uses personal information to provide accounts and community features, host and display user content, authenticate users, send requested service and account communications, respond to support or rights-holder requests, secure the service, prevent fraud and abuse, moderate content, and maintain or improve Themezer. Where GDPR or UK GDPR applies, the legal bases are explained in the regional privacy section below.
Analytics
Themezer uses self-hosted analytics to monitor usage and performance. Themezer also uses Google Analytics through the gtag module to understand aggregate site usage. In the European Economic Area, UK, and Switzerland, Google Analytics is included as a custom disclosure and consent in NitroPay's consent-management platform. Until consent is granted, or if that platform is unavailable, Google Analytics operates with analytics storage denied and may receive limited measurements without analytics cookies for basic reporting and modelling. After consent, analytics storage is enabled. Outside those regions, analytics storage is enabled by default. Google Analytics may collect page views, device information, and interaction data according to Google's policies. You can review or change your choice through Privacy choices where available, opt out by disabling cookies, or use Google's opt-out browser extension.
Cookies
Themezer uses essential cookies for login sessions and authentication. Analytics and, when enabled, advertising or measurement partners may also use cookies or similar technologies to understand site usage, deliver ads, and measure performance. You can control cookies in your browser settings, though some site functionality may depend on them.
Data Storage and Security
Themezer's application and PostgreSQL database are hosted by Oracle in Frankfurt, Germany. Uploads and related assets are stored in Cloudflare R2 in Western Europe. Access is restricted to people and systems that need it to operate, secure, and maintain Themezer. Themezer also uses Cloudflare as a proxy and Turnstile provider for performance and abuse protection; Cloudflare may process traffic and technical data as part of those services.
Service Providers and Recipients
Themezer uses Oracle for application and database hosting in Germany, Cloudflare for object storage, content delivery, security, and Turnstile, privateemail.com for transactional email delivery, Google for optional login and analytics, and NitroPay and its advertising or measurement partners when advertising is enabled. These providers process information on Themezer's behalf or under their own applicable terms. Themezer may also disclose information when required to comply with law, enforce its policies, protect rights and safety, or handle a corporate reorganisation. Public content is available to the visitors who can view it.
International Transfers
Themezer's core application, database, and object storage are located in the European Economic Area. Some providers may process data outside the EEA, UK, or Switzerland, including Cloudflare's global network, Google services, privateemail.com, NitroPay, and advertising or measurement partners. Where an international transfer applies, Themezer relies on the provider's applicable data-processing terms and recognised transfer safeguards, such as an adequacy decision, the EU Standard Contractual Clauses, or the EU-U.S. Data Privacy Framework, where applicable.
Cloudflare Turnstile
Themezer uses Cloudflare Turnstile to protect account registration from automated abuse. Cloudflare's Turnstile Privacy Addendum applies to Turnstile.
Third-Party Services and Advertising
Themezer relies on third-party infrastructure and may work with analytics, authentication, hosting, security, and advertising partners. Themezer does not exchange personal information for money. When advertising is enabled, disclosure of certain online identifiers and activity information to advertising partners may be considered a sale or sharing under some privacy laws. Advertising partners process information under their own policies and applicable law.
Advertising Data and Use
When advertising is enabled, NitroPay and its advertising and measurement partners may collect or receive online identifiers, such as an IP address and cookie or device identifiers; internet or network activity, such as page views, browser or device characteristics, and ad interactions; approximate location derived from an IP address; and consent or opt-out signals. This information is used to select and deliver ads, measure advertising performance, prevent fraud, manage ad frequency, and honour applicable privacy choices.
Advertising Preferences
Themezer uses NitroPay to serve advertising. Use Privacy choices to manage advertising consent where the NitroPay consent-management platform applies. The same consent-management platform includes Themezer's custom Google Analytics disclosure and consent where available. Use the Do Not Sell My Personal Information link to opt out of advertising data processing covered by that control. These controls are available only where the relevant regional privacy framework applies.
U.S. Privacy Rights and Choices
Depending on your U.S. state of residence and applicable law, you may have rights to know, access, correct, delete, or opt out of the sale or sharing of personal information, and to be free from unlawful discrimination for exercising those rights. Use the Do Not Sell My Personal Information link above or in the footer when it is available to submit an advertising opt-out. For other privacy requests, contact Themezer using the details below. Themezer may need to verify requests other than an opt-out and may ask an authorised agent for proof of authority.
California Notice at Collection
During the preceding 12 months, Themezer has collected the following categories of personal information: identifiers, including usernames, email addresses, account identifiers, and online identifiers; internet or network activity, including page views, browser and device characteristics, and interactions; user-generated content, including uploads, descriptions, comments, profile information, and reports; approximate location derived from an IP address; account settings and preferences; and analytics, advertising, or consent identifiers when those services are enabled. Themezer collects this information directly from you, automatically from your device or browser, and from optional third-party login providers. We use it for the purposes described in this policy. Themezer may disclose these categories to hosting and storage providers, security and anti-abuse providers, email delivery providers, analytics providers, and, when advertising is enabled, NitroPay and advertising or measurement partners. Public profile and content information is also disclosed to people who view Themezer. Themezer does not knowingly sell or share the personal information of consumers under 16 years old.
Children's Privacy
Themezer is not directed to children. We do not knowingly collect personal information from children or knowingly sell or share personal information of consumers under 16 years old. If you believe a child has provided personal information to Themezer, contact us so that we can review and delete it where appropriate.
European Economic Area and UK Privacy
Where GDPR or UK GDPR applies, Themezer processes account, community, and support information as necessary to provide the service and perform its agreement with you; processes security, fraud prevention, moderation, service improvement, and legal-claim information for its legitimate interests or to meet legal obligations; and relies on consent for advertising technologies and Google Analytics where consent is required. Themezer presents its Google Analytics custom consent through NitroPay's consent-management platform. You can withdraw or change the choices available through that platform at any time through Privacy choices. You may also have rights to access, correct, erase, restrict, object to, or receive a portable copy of your personal data, and to lodge a complaint with your local data-protection authority. Contact Themezer using the details below to exercise rights that are not available through the consent controls.
Data Retention
Account data, user content, notifications, email job records, and moderation records are retained for the life of the associated account unless they are deleted earlier or retention is required for security, abuse prevention, legal claims, or legal compliance. Password-reset tokens expire after 30 minutes and email-verification tokens expire after 24 hours. Backups may retain data for up to one year before being overwritten. Application logs are kept only for the lifetime of the running service and are cleared when it restarts. Analytics and advertising providers retain data according to their configured retention settings and applicable policies. You can request account deletion in account settings; if a linked layout prevents self-service deletion, contact us for assistance. Deletion removes associated account data and uploads from active Themezer systems, subject to the limited retention described above.
Changes to This Policy
Themezer may update this Privacy Policy at any time. Continued use after updates indicates acceptance of the new policy. Themezer will post updated policy text when changes are made and may provide additional notice for material changes through the service, email when available, or another appropriate channel. Users are encouraged to check this page periodically.
Contact
For privacy-related inquiries, account-data questions, or data removal requests, contact [email protected].