Self-hosted in South Africa
Your files live on our own infrastructure (z1 object storage) — never handed to a third-party cloud.
Your files, your data,
on our own box.
PixelCore is built to keep your data yours. Everything runs on infrastructure we host ourselves in South Africa — no third-party cloud holding your files, no ad networks, no trackers. This page explains, in plain language, exactly what we collect and why.
Last updated June 2026
IPs are never stored raw
We keep only a salted SHA-256 hash — one-way and irreversible — for abuse prevention and aggregate stats.
No third-party trackers
No analytics scripts, no ad networks, no cross-site trackers. Nothing follows you around the web.
You control every link
Public, private, password-protected or anonymous — visibility is set per upload, and you can change it.
Who we are
PixelCore is a self-hosted personal cloud. Unlike most file-sharing services, your uploads are not handed off to a third-party cloud provider — they are stored on our own infrastructure (z1 object storage) hosted in South Africa. That means a much shorter list of parties who ever touch your data: practically, just us.
Sign-in & your account
You sign in with Google. When you do, PixelCore receives only three things from your Google account: your name, your email address, and your profile picture. We do not request, receive, or store anything else from Google — no contacts, no Drive access, no calendar, nothing beyond those three fields used to identify your account and show who you are in the app.
IP addresses & location
We never store your IP address in raw form. When a request reaches PixelCore, the IP is passed through a salted SHA-256 hash — a one-way, irreversible transform — and only that hash is kept. It lets us detect abuse and produce aggregate visit analytics (how many distinct visitors, roughly) without ever holding a value that can be turned back into your address.
Optionally, a coarse location (country and city) may be derived from a local MaxMind database to show approximate visit origins. This lookup happens locally on our server — your IP is never sent to any third party to resolve it.
Your files & visibility
You decide how visible each upload is. Every file can be set to one of four states:
- Public — reachable by anyone who has the link.
- Private — restricted to you.
- Password-protected — the link works only with the password you set.
- Anonymous — shared without tying it back to your identity.
Because a public upload is reachable by anyone with the link, treat a public link the way you would treat the file itself — anyone you give it to can open it. You can change a file's visibility at any time.
Cookies
PixelCore uses two cookies, and neither is for tracking. There is a sign-in session cookie that keeps you logged in, and a local theme preference that remembers whether you chose light or dark mode. That's the entire list — no advertising cookies, no cross-site identifiers.
No third-party tracking
We do not embed third-party analytics, ad networks, or cross-site trackers. The visit statistics we keep are computed in-house from the salted IP hashes described above, so your activity is never shared with an outside analytics company.
Deletion & retention
When you delete a file it moves to Trash, where it stays for 30 days in case you change your mind. After that window it is permanently removed and the underlying bytes are purged from storage. Deletion is final once a file leaves Trash.
Contact
Questions about your privacy or this policy? Email us and we'll help.
wentzel.dev@gmail.com