Privacy Policy
Last updated: 9 May 2025
Animal Detect ("we", "us", "our") is operated by Really A Robot ApS, Danserhøj 40, Brønderslev 9700, Denmark. We respect your privacy and are committed to processing personal data fairly, lawfully and transparently in accordance with Regulation (EU) 2016/679 ("GDPR") and applicable e-Privacy rules.
1. Who is responsible for your data?
Data controller: Really A Robot ApS, Denmark, E-mail: support@animaldetect.com
Data Protection Officer (DPO): Not legally required; please use the contact above for all privacy matters.
2. Scope of this notice
This policy describes how we collect, use, disclose and protect personal data when you:
- visit animaldetect.com or any sub-domain ("Website");
- create an account and use our web application ("App");
- purchase a subscription or one-off service; or
- interact with us by e-mail or support chat.
3. What data we collect
| Category | Typical items | Source |
|---|---|---|
| Account data | E-mail address, hashed password, chosen display name | Provided by you during sign-up |
| OAuth data | Google account identifier and e-mail (if you sign in with Google) | Google, after your consent |
| Payment data | Subscription tier, transaction ID, last four digits of card, billing address (if provided) | Stripe Payments Europe S.A. |
| Content data | Images you upload, processed output files, associated metadata | You, via App upload |
| Usage data | Date/time of visit, pages viewed, browser & device type, truncated IP address | Automatically from your browser via Umami Analytics |
| Technical data | Authentication/session cookies, Stripe fraud-prevention cookies | Automatically from your browser |
We do not intentionally collect special-category data (GDPR Art. 9) nor do we profile or make automated decisions that produce legal effects.
4. Purposes & lawful bases
| Purpose | Lawful basis (Art. 6 GDPR) | Details |
|---|---|---|
| Create and maintain your user account | Contract Art. 6 (1)(b) | We need basic identity & credentials to deliver the service you request. |
| Process payments & issue invoices | Contract Art. 6 (1)(b) & Legal obligation Art. 6 (1)(c) | Required for subscription fulfilment and tax compliance. |
| Provide image-processing functionality | Contract | We store the files you upload and generate results on your demand. |
| Prevent fraud & secure the service | Legitimate interest Art. 6 (1)(f) | Essential cookies and logs help detect abusive or automated behaviour. |
| Audience measurement & service improvement (Umami) | Legitimate interest | We use cookieless, first-party analytics limited to aggregate statistics. |
| Respond to enquiries & support requests | Legitimate interest | Necessary to answer you and improve customer experience. |
Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms through an internal Legitimate-Interest Assessment and concluded that our processing is proportionate and minimally intrusive.
5. Cookies & similar technologies
We aim to keep tracking minimal. The Website only sets essential cookies.
We do not use advertising, social-media or analytics cookies, and therefore no consent banner is displayed. Umami Analytics operates without storing any identifier on your device.
How to block cookies anyway: Most browsers let you delete or block cookies in settings. Blocking the above cookies may prevent you from logging in or completing payments.
6. Hosting & sub-processors
- Google Cloud Platform – europe-west (Frankfurt) → hosting & object storage for uploaded images and results.
- Stripe Payments Europe S.A. (Ireland) → payment processing; PCI-DSS compliant.
- Umami Cloud – EU region (Germany) → audience measurement (cookieless).
All data is stored and processed within the European Economic Area (EEA). If a future transfer outside the EEA becomes necessary we will implement EU-approved Standard Contractual Clauses or rely on an adequacy decision and update this notice accordingly.
7. Data retention
| Data type | Retention period |
|---|---|
| Account & billing records | As long as you have an account + 6 years for statutory accounting |
| Uploaded images & outputs | Until user deletes either account or project that is assigned to the images. |
| Server logs & raw analytics | 24 hours, rolled-up aggregates kept 13 months |
You may delete your account at any time from the profile page or by e-mail; backups are purged within 30 days.
8. Security measures
- TLS encryption in transit (HTTPS)
- AES-256 encryption at rest on all GCP storage volumes
- Continuous vulnerability patching
9. Your rights
Under GDPR you have the right to:
- access the personal data we hold about you;
- request rectification or erasure;
- restrict or object to processing (including analytics);
- receive a copy of your data in portable format;
- withdraw consent where processing is based on consent;
- lodge a complaint with your local supervisory authority (e.g., Datatilsynet, Denmark).
To exercise any right, please write to info@animaldetect.com. We will respond within 30 days.
10. Children
Our services are intended for professionals and organizations. We do not knowingly collect or solicit personal information from children under the age of 13. If we become aware that we have collected personal information from a child, we will delete it immediately.
11. Changes to this policy
We may update this document to reflect legal or technical changes. For substantial modifications we will notify registered users by e-mail at least 14 days in advance. The version date appears at the top of the page.
12. Contact
If you have questions about privacy or data protection, contact info@animaldetect.com.
By using Animal Detect you acknowledge that you have read and understood this Privacy & Cookie Policy.