Privacy Policy
Last updated: March 18, 2026
Animal Detect ("we", "us", "our") is operated by Really A Robot ApS, Danserhøj 40, Brønderslev 9700, Denmark. This policy explains how we collect, use, store, and protect personal data when you use our website, application, API, billing pages, and support channels.
1. Controller and contact
Data controller: Really A Robot ApS, Danserhøj 40, 9700 Brønderslev, Denmark
Contact: info@animaldetect.com
Support: support@animaldetect.com
We have not appointed a Data Protection Officer. For all data protection inquiries, please contact us using the details above.
2. Roles and responsibilities
For account, billing, and operational data, we act as the data controller.
For content you upload and process through the service, you act as the data controller, and we act as a data processor on your behalf, except where content is processed under the Public plan for our own legitimate interests as described in this policy.
You are responsible for ensuring that you have a valid legal basis for processing any personal data submitted to the service.
Where required under applicable law, a Data Processing Agreement (DPA) may be made available upon request.
3. What data we collect
| Category | Typical items | Source |
|---|---|---|
| Account data | Name, email address, password hash, authentication metadata | Provided by you during sign-up or sign-in |
| Billing data | Plan, billing interval, credit balances, Stripe customer/subscription references, invoices, transaction records | Generated through your account and payment provider |
| Content data | Uploaded images, generated outputs, project metadata, API request payloads and results | Submitted by you through the platform or API |
| Usage and security data | API request logs, rate-limit data, timestamps, device/browser data, IP-related security logs | Collected automatically when you use the service |
| Support and communications data | Emails, support requests, product notices, onboarding and billing communications | Provided by you or sent by us |
Content you upload may include personal data, including images of identifiable individuals. You are responsible for ensuring you have a lawful basis for submitting such data.
4. Public and private plans
Animal Detect offers a free Public plan and paid private plans. This affects how submitted content may be handled.
- Public plan: content submitted while your account is on Public may be reviewed or reused by us for service improvement, evaluation, and internal research, based on our legitimate interests in improving and evaluating the service, and subject to applicable law.
- Paid plans and legacy trial accounts: content submitted while your account is on a paid plan or active legacy trial is treated as private and is not reused for those purposes, except where access is needed to operate, secure, support, or comply with legal obligations.
This distinction is disclosed in pricing, billing, signup, and legal pages. We do not backfill consent records or retroactively reclassify previously stored content solely because your plan later changes.
We do not sell personal data to data brokers or advertisers, and we do not use uploaded wildlife content for advertising networks or ad targeting.
5. Why we process your data
| Purpose | Lawful basis | Examples |
|---|---|---|
| Provide the service you requested | Contract | Account creation, uploads, API processing, credit tracking, billing portal access |
| Process payments and maintain records | Contract and legal obligation | Subscription billing, top-up purchases, invoices, accounting retention |
| Secure the service and prevent abuse | Legitimate interests | Rate limiting, fraud checks, abuse prevention, incident investigation |
| Improve and evaluate the product | Legitimate interests | Aggregate usage analysis, public-tier content evaluation, docs and onboarding improvements |
| Communicate with you | Contract and legitimate interests | Transactional emails, billing notices, support replies, migration announcements |
| Improve models and internal evaluation using Public plan content | Legitimate interests | Training, benchmarking, and evaluating system performance using content submitted under the Public plan |
We do not use personal data for automated decision-making that produces legal or similarly significant effects on individuals.
6. Billing and usage specifics
We process billing and usage data to operate the credit system. This includes tracking plan status, billing interval, recurring included credits, top-up balances, grace usage, API request counts, and feature access decisions.
If a legacy trial ends or a subscription changes state, we update account entitlements accordingly. If a payment fails, we may mark the account as past due and limit renewed subscription benefits until payment is recovered.
7. Sub-processors and service providers
We use third-party providers to operate Animal Detect, including infrastructure, analytics, billing, and email delivery vendors.
- Google Cloud Platform for storage, processing, and supporting infrastructure
- Supabase for database, authentication, and platform data services
- Stripe for billing, invoices, and payment processing
- Resend for transactional and account communications
- Umami for privacy-conscious analytics
Some providers may process limited personal data outside your country or the EEA. Where that happens, we rely on appropriate safeguards such as adequacy decisions or the European Commission's Standard Contractual Clauses (SCCs), together with supplementary measures where required.
Our primary infrastructure is hosted within the European Economic Area (EEA), unless otherwise stated.
8. Communications
We may send service and account communications related to security, billing, product changes, legal notices, support, onboarding, and migration of your account. You cannot opt out of strictly necessary service messages while maintaining an active account.
These service communications may include credit threshold notices, grace-period notices, billing recovery reminders, migration notices, and other messages necessary to help you keep service working as expected.
Where we send optional product updates or similar non-essential communications, we will provide a way to stop receiving them when required by applicable law or the sending channel.
These communications are sent based on our contractual obligations and legitimate interests in operating the service.
9. Cookies and analytics
We use limited cookies and similar technologies necessary for authentication, security, and basic analytics.
We use privacy-focused analytics tools designed to avoid tracking individuals across websites. Where required by applicable law, we will request consent before using non-essential cookies.
10. Data retention
| Data type | Retention period |
|---|---|
| Account and billing records | As long as the account exists, plus statutory retention where required |
| Uploaded content and generated outputs | Until deleted by you, removed with the related project, or deleted under our retention controls |
| Operational, API, and security logs | Retained as needed for security, billing, support, and abuse prevention, then deleted or aggregated |
| Support and transactional communications | Retained as needed to support the account relationship and compliance obligations |
We periodically review stored data and delete or anonymize data that is no longer necessary for the purposes described in this policy.
When you delete your account, we will delete or anonymize your personal data within a reasonable period, except where retention is required for legal, accounting, or security purposes.
11. Security
We use technical and organizational measures designed to protect the service and the data we process, including encrypted transport, access controls, infrastructure hardening, and operational logging.
While we implement appropriate safeguards, no system can be guaranteed to be completely secure.
12. Your rights
Subject to applicable law, you may have the right to:
- access the personal data we hold about you
- request correction or deletion
- object to or restrict certain processing
- withdraw consent where processing is based on consent
- object to processing based on legitimate interests
- receive a portable copy of certain data
- lodge a complaint with your supervisory authority
To exercise these rights, email info@animaldetect.com.
You also have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet).
We aim to respond to requests within one month, as required by applicable law.
13. Children
The service is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children.
14. Changes to this policy
We may update this policy when the service, billing model, or legal requirements change. Material updates will be reflected here and will be communicated where appropriate by email or within the product prior to taking effect.
Did we convince you?
Start now