A European Alternative to TinyPNG: Privacy-First Image Compression That Leaves No Trace
What you will learn: why European businesses are reconsidering US-hosted image tools, the real privacy risks in "free" compressors, and how Mochify's zero-retention, EU-hosted architecture changes the picture.
TinyPNG is fast and accessible — but for European businesses handling client imagery, EXIF-rich product photos, or any data under NDA, the question of where your images actually go is not a formality. This guide answers it.
The Search for a European Alternative to TinyPNG
If you are a European business compressing images for the web, there is a reasonable chance you have used TinyPNG at some point. It is fast, accessible, and free for small volumes. But if you have ever paused to ask where your images go after you drop them onto that familiar panda interface, you are in the right place.
TinyPNG is operated by Tinify B.V., a Dutch company, but its infrastructure relies on cloud providers that sit outside EU jurisdiction — and its privacy policy, at the time of writing, does not provide the granular guarantees many EU businesses now need around data residency, retention periods, and CLOUD Act exposure. For many use cases that is fine. For others — medical imagery, client product shots under NDA, or anything containing embedded location metadata — it is not fine at all.
That tension is driving genuine interest in a GDPR-compliant image compression workflow with clear EU data residency. This guide explains the landscape and shows where Mochify fits in.
Why Europeans Are Moving Away from US Tech for Image Workflows
European organisations are increasingly scrutinising US-hosted tools not out of sentiment, but because the legal risk is real. The core issue is the CLOUD Act (Clarifying Lawful Overseas Use of Data Act), passed in 2018 in the United States. It allows US authorities to compel US companies to hand over data stored on their servers — regardless of where those servers physically sit. If your image optimisation tool runs on AWS, Google Cloud, or Azure in Frankfurt, the company operating it may still be subject to CLOUD Act disclosure obligations.
This creates an uncomfortable situation for EU controllers under GDPR. You can choose a server located inside the EU and still have your data accessible to a foreign government without your knowledge or consent. Schrems II (the 2020 European Court of Justice ruling) reinforced this concern by invalidating the Privacy Shield framework and requiring companies to assess the "effective level of protection" offered by third-country data transfers. For tools that process sensitive client images, that assessment is increasingly difficult to pass.
The practical response across European business has been a steady move toward services operated and hosted by entities that are genuinely subject to EU or UK law, with processing infrastructure that stays within EU jurisdiction. This is not just a compliance checkbox — it is a meaningful reduction in risk surface.
What Zero-Retention, In-Memory Image Processing Really Means
Zero-retention means your image is processed and immediately discarded — it is never written to a persistent storage layer at any point. This is a technical architecture choice, not just a privacy policy statement.
Standard image processing pipelines write the uploaded file to disk (or an object store like S3), run the compression job, write the output to disk, serve the result, and then delete the files on a schedule. The deletion is real, but there is a window — sometimes hours — where your file sits in a storage system. That storage system can be backed up, cached, logged, or accessed by a third party with a legal instrument.
Mochify is built differently. Images are loaded directly into RAM, processed by the Squish engine, and the compressed output is returned to the browser or API caller. The file is never written to disk on the server. There is no object store, no S3 bucket, no temporary file on a filesystem. Once processing completes, the memory is released. There is nothing left to delete because nothing was retained in the first place.
This is not a nuance — it is a meaningful reduction in attack surface and legal exposure. There is no file to subpoena, no backup to breach, and no retention period to audit. It is the architectural equivalent of a conversation that leaves no transcript.
How Mochify Works as a Privacy-First, EU-Based Image Compressor
Mochify is a privacy-first image compression service built on zero-retention, in-memory processing, hosted on Netcup infrastructure in Germany, and operated by a UK-registered sole trader registered with the Information Commissioner's Office (ICO) under UK GDPR.
- Processing: All image compression happens entirely in RAM. Files are never written to disk, never logged, and never used to train AI models.
- EXIF stripping: The API exposes a stripExif parameter that defaults to true. By default, GPS coordinates, device identifiers, and other metadata are removed from every file you compress — no extra configuration required.
- Format support: Mochify accepts JPEG, PNG, WebP, AVIF, JPEG XL, and HEIC/HEIF as inputs. Outputs include JPEG (encoded via Google's Jpegli for better efficiency at high quality), PNG, WebP, AVIF, and JPEG XL.
- Interfaces: You can use the browser UI for individual files or small batches, the REST API for programmatic workflows, or the MCP server that allows AI coding assistants like Claude and Cursor to call the Squish compression engine directly.
- Hosting: Netcup is a German hosting provider operating under EU data protection law. Processing stays within the EU.
- Natural language features: Where Mochify uses an LLM (for example, in guided workflows or format recommendations), it uses Mistral AI — a French provider built around European data protection principles.
This stack means that from upload to download, your image never touches a US-jurisdiction service.
EU-Friendly Image Compressor Feature Comparison
| Feature | TinyPNG | Squoosh | Cloudinary (Free) | Mochify |
|---|---|---|---|---|
| EU/UK data jurisdiction | Partial (Dutch co., US infra) | No (Google infra) | No (US-based) | Yes (UK + Germany) |
| Zero-retention (no disk write) | Not confirmed | N/A (client-side) | No | Yes |
| EXIF stripped by default | No | Manual | No | Yes |
| GDPR DPA available | Limited | No | Yes (paid) | Yes |
| No AI training on uploads | Not confirmed | N/A | Not confirmed | Yes |
| AVIF + JPEG XL output | No | Yes | Yes (paid) | Yes |
| HEIC input | No | Yes | Yes (paid) | Yes |
| REST API | Yes (paid) | No | Yes (paid) | Yes |
| MCP server for AI agents | No | No | No | Yes |
Squoosh processes images client-side in the browser, which is inherently private — but it lacks API access, batch processing, and HEIC support at scale.
Practical Workflows for EU Merchants, Publishers, and Agencies
The right workflow depends on your volume and your risk tolerance. Here are three concrete scenarios.
Shopify and WooCommerce Merchants
Product photography for e-commerce is a high-frequency, moderate-risk workflow. A typical merchant shoots 20–50 product images per SKU on a smartphone. Those images contain EXIF data — GPS location of the shoot, device model, and timestamp — that has no place on a product page and could expose information you would rather keep private.
The standard workflow: upload your raw JPEG or HEIC exports to Mochify, let stripExif default to true, and download compressed WebP or AVIF files ready for your store. A 4MB HEIC from an iPhone typically compresses to under 200KB as AVIF at quality 70 with no perceptible loss — that is a 95% reduction that directly improves your Largest Contentful Paint score and Core Web Vitals. You can run this as a batch through the browser UI or automate it via the REST API if your upload volume justifies it.
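A local check for the EXIF stripping described above, as an added example (not Mochify's code or API): it walks a JPEG's segments and reports whether an EXIF block, and a GPSInfo pointer inside it, is still present. The sample bytes are constructed and the function names are hypothetical.

```python
import struct

EXIF_ID = b"Exif\x00\x00"

def has_gps_pointer(exif_payload: bytes) -> bool:
    """True if IFD0 of the EXIF TIFF block holds a GPSInfo pointer (tag 0x8825)."""
    tiff = exif_payload[len(EXIF_ID):]
    order = {b"II": "<", b"MM": ">"}.get(tiff[:2])   # TIFF byte-order mark
    if order is None or len(tiff) < 8:
        return False
    magic, ifd0 = struct.unpack(order + "HI", tiff[2:8])
    if magic != 42 or ifd0 + 2 > len(tiff):
        return False
    (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])
    for i in range(count):                           # 12-byte IFD entries
        entry = tiff[ifd0 + 2 + 12 * i: ifd0 + 14 + 12 * i]
        if len(entry) == 12 and struct.unpack(order + "H", entry[:2])[0] == 0x8825:
            return True
    return False

def find_metadata(jpeg: bytes) -> list:
    """Walk JPEG segments up to the image data and name EXIF carriers found."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    found, pos = [], 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker in (0xDA, 0xD9):                   # start of scan / end of image
            break
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(jpeg):
            raise ValueError("truncated or malformed segment")
        payload = jpeg[pos + 4:pos + 2 + length]
        if marker == 0xE1 and payload.startswith(EXIF_ID):   # APP1 carrying EXIF
            found.append("EXIF+GPS" if has_gps_pointer(payload) else "EXIF")
        pos += 2 + length
    return found

def seg(marker: int, payload: bytes) -> bytes:
    """Build one JPEG segment: marker, big-endian length, payload."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample data: a minimal TIFF whose IFD0 has one entry, the GPSInfo
# pointer. No real photo or coordinates are involved.
TIFF = b"II" + struct.pack("<HIHHHIII", 42, 8, 1, 0x8825, 4, 1, 26, 0)
JFIF = seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
SAMPLE_RAW = b"\xff\xd8" + JFIF + seg(0xE1, EXIF_ID + TIFF) + b"\xff\xd9"
SAMPLE_STRIPPED = b"\xff\xd8" + JFIF + b"\xff\xd9"
```

This check covers JPEG output only; WebP, AVIF and JPEG XL carry metadata in their own container structures and need a format-aware check.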
WordPress Publishers
WordPress sites accumulate images fast. The privacy risk is lower here than for agencies, but page speed and format modernisation are real concerns. If you are serving JPEG files from five years ago, you are likely leaving 40–60% of your image weight on the table compared to AVIF equivalents.
For publishers, the practical Mochify workflow is to run existing libraries through the API in batches, converting JPEG and PNG to WebP or AVIF, and replacing the originals in your media library. The HEIC-to-JPEG conversion path is also useful if your editorial team shoots on iPhones and needs reliable, universally compatible output. See our HEIC to JPEG guide for format compatibility details.
Agencies Handling Client Assets
This is the highest-stakes scenario. Agencies often process client photography, identifiable staff headshots, unreleased product imagery, and brand assets that are commercially sensitive. Uploading that material to a US-hosted tool without a DPA is a genuine compliance failure, not a grey area.
Mochify's zero-retention architecture means there is no client data persisting on our infrastructure after the API call completes. Combined with automatic EXIF stripping, you can give clients a credible, documented answer to the question "where did our images go?" The answer is: they were processed in memory and discarded. Nothing was retained.
For agencies with high volumes, the REST API supports integration into existing asset management pipelines, and Mochify Pro (coming later this year) will add custom presets and higher rate limits — with identical zero-retention privacy guarantees.
Checklist: How to Choose a Secure, EU-Friendly Image Compressor
Use this checklist when evaluating any image compression tool for a European or privacy-sensitive workflow:
- Data jurisdiction: Is the service operated by an entity subject to EU or UK GDPR? Where is processing infrastructure located?
- Retention model: Does the tool write files to disk or object storage? Is there a documented retention period with a clear deletion policy?
- EXIF handling: Are metadata fields stripped by default, or does the user need to opt in?
- AI training policy: Does the privacy policy explicitly exclude uploaded images from model training?
- DPA availability: Can you sign a GDPR Article 28 data processing agreement with the provider?
- CLOUD Act exposure: Is the service or its infrastructure providers subject to US government data requests?
- Format coverage: Does the tool support the formats you actually need — AVIF, JPEG XL, HEIC — or only the basics?
- API and automation: If you have volume, does the tool offer a documented REST API with appropriate rate limits?
No free tool passes all eight of these without qualification. Mochify passes all eight. That is not a marketing claim — it is a direct consequence of the architecture and the jurisdictional choices we made when building it.
FAQ
Is Mochify actually GDPR-compliant for processing client images?
Mochify is operated by a UK-registered sole trader registered with the Information Commissioner's Office under UK GDPR, with image processing hosted on Netcup infrastructure in Germany under EU data protection law. Images are processed in memory only and never stored. We recommend reviewing our privacy policy and requesting a data processing agreement if you are using the API for client work — but the architectural guarantees (no disk writes, no retention) are the most substantive protection available.
What makes Mochify a European alternative to TinyPNG specifically?
TinyPNG is operated by a Dutch company but relies on infrastructure that may be subject to US jurisdiction. Mochify's processing infrastructure sits in Germany with Netcup, and the service is operated by a UK-registered sole trader under UK GDPR with ICO registration. More importantly, the zero-retention architecture means no file is ever stored, which eliminates the retention risk that jurisdictional questions typically relate to.
Does Mochify strip EXIF data automatically?
Yes. The stripExif parameter in our API defaults to true, which means GPS coordinates, device identifiers, timestamps, and other metadata are removed from every compressed file unless you explicitly pass stripExif: false. The browser UI applies the same default.
Can I use Mochify as my agency's image compressor under NDA?
The zero-retention architecture means client images are never stored on our servers — they are processed in RAM and the memory is released immediately after the compressed output is returned. There is no file to breach, log, or disclose. For formal NDA compliance, you should review our privacy policy and request a DPA, but the technical architecture provides the strongest available guarantee.
Does Mochify use images to train AI models?
No. Images processed through Mochify are never used for AI training, model improvement, or any purpose beyond the immediate compression request. This applies to both the browser UI and the API.
What image formats does Mochify support?
Mochify accepts JPEG, PNG, WebP, AVIF, JPEG XL, and HEIC/HEIF as inputs. Outputs include JPEG (via Google's Jpegli encoder), PNG, WebP, AVIF, and JPEG XL. This makes it one of the few EU-hosted services with full AVIF and JPEG XL output support, plus HEIC conversion — useful for any workflow involving iPhone photography.
What is the difference between Mochify and a client-side tool like Squoosh?
Squoosh processes images in the browser, which is private by design. However, it has no REST API, no batch processing, no HEIC input support at scale, and no MCP server for AI agent integration. Mochify is the right choice when you need server-side automation, volume processing, or format coverage beyond what a browser app can handle — while maintaining comparable privacy guarantees through zero-retention architecture.
What is an MCP server and why does it matter for image compression?
MCP (Model Context Protocol) is a standard that allows AI coding assistants like Claude and Cursor to call external tools directly. Mochify's MCP server means an AI agent can compress, convert, and optimise images as part of an automated workflow without any manual file handling. All image processing via the MCP server uses the same zero-retention Squish engine as the browser UI and REST API.