Terms of Service

Last updated:

1. Acceptance of Terms

By accessing or using the Html2Image API service ("Service"), you agree to be bound by these Terms of Service. If you do not agree, do not use the Service.

2. Service Description

Html2Image provides an API for converting HTML pages and URLs into images (PNG, JPG, GIF, SVG, PDF). The Service captures screenshots of web pages and returns them as image files.

3. Acceptable Use Policy

You agree NOT to use the Service to:

  • Capture screenshots of illegal content, including but not limited to:
    • Child sexual abuse material (CSAM)
    • Non-consensual intimate images
    • Content promoting terrorism or violence
    • Content infringing intellectual property rights
  • Access or attempt to access internal networks, private systems, or cloud metadata services
  • Conduct phishing attacks or create deceptive content
  • Distribute malware or attempt to compromise systems
  • Violate any applicable laws or regulations
  • Circumvent rate limits or security measures
  • Use automated tools to harvest or scrape content without authorization

4. Blocked Content

The following types of URLs are automatically blocked:

  • Internal/private IP addresses (127.0.0.1, 10.x.x.x, 192.168.x.x, etc.)
  • Localhost and local network addresses
  • Cloud metadata endpoints (169.254.x.x)
  • Known malicious domains

5. Account Responsibilities

  • You are responsible for maintaining the security of your API key
  • You must provide accurate registration information, including your real first and last name
  • Registration with fictitious names, pseudonyms, or incomplete names is not permitted
  • Accounts with invalid or false identity information may be suspended or terminated without prior notice
  • You are responsible for all activities under your account
  • You must notify us immediately of any unauthorized use
  • You must be at least 16 years old to use this Service

6. Rate Limits

  • Default limits: 1,000 requests/day, 30,000 requests/month
  • Per-minute limit: 30 requests
  • Exceeding limits may result in temporary suspension

7. Data Retention

  • Generated images: Automatically deleted after 24 hours
  • Usage logs: Retained for 90 days for security and abuse prevention
  • Account data: Retained until account deletion

8. Termination

We reserve the right to suspend or terminate your account at any time for:

  • Violation of these Terms
  • Suspected abuse or fraudulent activity
  • At our sole discretion with or without cause

9. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. We do not guarantee:

  • Uninterrupted or error-free service
  • Accuracy of screenshots
  • Availability at all times

10. Limitation of Liability

IN NO EVENT SHALL Html2Image BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES arising from your use of the Service.

11. Reporting Abuse

To report abuse or illegal content, contact: html2image@gmx.net

12. Changes to Terms

We may modify these Terms at any time. Continued use after changes constitutes acceptance.

13. Governing Law and Jurisdiction

These Terms of Service shall be governed by and construed in accordance with the laws of Switzerland. Any disputes arising from these Terms or the use of the Service shall be subject to the exclusive jurisdiction of the courts of Zurich, Switzerland.

14. Severability

If any provision of these Terms is found to be invalid or unenforceable by a court of competent jurisdiction, such invalidity shall not affect the validity of the remaining provisions, which shall remain in full force and effect.

15. Entire Agreement

These Terms constitute the entire agreement between you and Html2Image regarding your use of the Service and supersede all prior agreements and understandings.

16. Contact

For questions about these Terms, contact: html2image@gmx.net

Privacy Policy

Data Controller

The data controller responsible for processing your personal data is Html2Image, operated from Switzerland. For contact details, see Section 16 above.

Legal Basis for Processing (GDPR Art. 6)

We process your personal data based on:

  • Contract performance (Art. 6(1)(b)): Processing necessary to provide the Service you requested
  • Legitimate interests (Art. 6(1)(f)): Processing for security, fraud prevention, and service improvement
  • Legal obligation (Art. 6(1)(c)): Processing required by law

Information We Collect

  • Account Information: Email, name, company (optional), city (optional), phone (optional)
  • Usage Data: API requests, source URLs, IP addresses, timestamps, response times
  • Technical Data: Browser type, device information for security purposes

How We Use Your Data

  • To provide and maintain the Service
  • To monitor and prevent abuse
  • To enforce our Terms of Service
  • To respond to legal requests
  • To improve our Service

Data Security

  • Passwords are hashed using Argon2ID
  • All connections use HTTPS/TLS encryption
  • API keys are stored securely
  • Access is restricted to authorized personnel

Data Sharing

We do NOT sell your data. We may share data only:

  • When required by law
  • To protect our rights or safety
  • With service providers who assist in operations

Your Rights (GDPR)

You have the right to:

  • Access your personal data (Art. 15 GDPR)
  • Correct inaccurate data (Art. 16 GDPR)
  • Request deletion of your data (Art. 17 GDPR)
  • Restrict processing (Art. 18 GDPR)
  • Data portability / Export your data (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise these rights, contact: html2image@gmx.net

For Switzerland, the supervisory authority is the Federal Data Protection and Information Commissioner (FDPIC).

International Data Transfers

Your data is primarily processed in Switzerland. Switzerland is recognized by the EU as providing adequate data protection. If data is transferred to other countries, we ensure appropriate safeguards are in place.

Cookies

We use only essential cookies required for the Service to function. We do NOT use advertising cookies.

Analytics

We use Umami Analytics, a privacy-focused, GDPR-compliant analytics service. Umami:

  • Does NOT use cookies
  • Does NOT collect personal data
  • Does NOT track users across websites
  • Only collects anonymous, aggregated statistics (page views, referrers, countries)
  • Is hosted on our own servers (ana.novus.cloud)
Cookie Name Purpose Duration Type
h2i_session Session authentication - keeps you logged in 24 hours (default)
30 days (with "Remember me")		 Essential

Cookie Security:

  • HttpOnly: Cookies cannot be accessed by JavaScript (XSS protection)
  • Secure: Cookies are only sent over HTTPS
  • SameSite=Strict: Cookies are not sent with cross-site requests (CSRF protection)

"Remember Me" Feature: When you check "Remember me" during login, your session cookie will be valid for 30 days instead of the default 24 hours. You can log out at any time to delete this cookie.

Back to Home