← All guides

What your photos reveal: EXIF data, GPS and how to remove them

Every photo a phone takes is really two things: the picture, and a hidden report about the picture — where you were standing, at what second, holding which device, using which settings. The report is called EXIF, it travels inside the file, and it survives copying, renaming and most casual sharing. None of this is sinister; cameras write it for good reasons. But it is worth knowing exactly what is in there, when it actually matters, and how to take it out in the cases where it does.

What EXIF actually is

EXIF — Exchangeable Image File Format — is a standard block of metadata that cameras and phones write into an image file at the moment of capture. It lives mainly in JPG and HEIC photos (TIFF too, and PNG has its own metadata scheme that can carry the same kind of information). It changes nothing about the pixels: two photos can look identical while one carries a full report and the other carries nothing. Ordinary viewers never show it, but any file manager, photo app or ten-line script can read it.

It exists for honest reasons. EXIF is how your photo library sorts by date, groups pictures by place, and knows which way up to display a shot taken sideways. The privacy question only appears when the file leaves your own devices.

What's actually embedded

From a typical phone photo, a reader can pull:

Dedicated cameras can embed more still — some record the camera body's serial number. Put together, a single original file can place a specific device at a specific location at a specific second. The fastest way to make this concrete is to look inside one of your own photos.

Look inside a photo: the EXIF viewer & remover shows everything embedded in a photo — camera, lens, timestamps, GPS — entirely in your browser, so the photo itself goes nowhere (how that works).

When it matters — and when it doesn't

This is not a reason to stop taking pictures. EXIF becomes a problem only when two things line up: the audience is untrusted, and the route passes your original file along. Some realistic cases:

And the reassurance: if your sharing happens mostly on big social feeds, the platforms already re-process images and strip metadata from what other users see. The situations that deserve attention are direct file handoffs — email, cloud links, “send as document” — and smaller sites that republish exactly what you upload.

Which sharing routes strip EXIF — and which don't

RouteWhat happens to the metadata
Facebook, Instagram, X, RedditStripped from what viewers see and download. The platform itself still receives the original data first, and may keep it.
WhatsApp or Telegram, normal photo sendThe image is recompressed for delivery; metadata is dropped in the process.
Chat apps, “send as file/document”The original file arrives intact — metadata included.
Email attachmentsUntouched. The recipient gets your exact file.
Cloud drive links (Drive, Dropbox, etc.)Untouched — faithfully storing your file is the product.
AirDrop and iPhone MessagesThe original file, though iOS's share sheet has an Options row that can remove the location first.
Forums, marketplaces, your own websiteVaries widely. Many serve exactly the bytes you uploaded — assume intact unless proven otherwise.

The pattern behind the table: anything that recompresses images for display tends to lose metadata as a side effect, and anything whose job is to deliver your file delivers all of it.

How to remove it

  1. Strip it from a finished photo. Drop the image into the EXIF viewer & remover, review what it found, and download the cleaned copy. The tool re-encodes the image without the metadata block (JPGs are re-saved at high quality, so the difference is not visible in normal use), and the rotation gets baked into the pixels — so stripping the orientation tag does not leave the photo sideways.
  2. Stop the location at the source. On an iPhone, the share sheet's Options row lets you switch off location for that share; Google Photos has a setting to hide location data from link shares. If you never want coordinates recorded, deny the camera app location access entirely.
  3. Let another tool do it incidentally. Any tool that redraws the image into a fresh file — the image compressor, the image converter — outputs a file with no EXIF, because metadata is not carried across the re-encode. If you were compressing for the web anyway, the metadata is already gone.
  4. Verify. Drop the cleaned file back into the viewer. It should report no readable EXIF — a five-second check that beats assuming.

What stripping EXIF does not do

Removing metadata removes the report, not the picture. Keep four things in mind:

So treat EXIF stripping as one habit among several for photos leaving your trusted circle — and give the image itself a look with fresh eyes before it goes anywhere public.

The bottom line

Your camera writes an invisible report into every shot: place, time, device. Big social feeds discard it for viewers; email, cloud links and file sends do not. For anything headed to strangers — a marketplace listing, a forum post, a pseudonymous account — spend the ten seconds: inspect, strip, verify, share. It is not about fear. It is about knowing what is in the envelope before you mail it.

Related: Why Toolkit runs entirely in your browser · How to compress images for the web without losing quality · Browse all tools