Privacy Policy

Last updated: 9 May 2025

Animal Detect ("we", "us", "our") is operated by Really A Robot ApS, Danserhøj 40, Brønderslev 9700, Denmark. We respect your privacy and are committed to processing personal data fairly, lawfully and transparently in accordance with Regulation (EU) 2016/679 ("GDPR") and applicable e-Privacy rules.

1. Who is responsible for your data?

Data controller: Really A Robot ApS, Denmark, E-mail: eugene@animaldetect.com
Data Protection Officer (DPO): Not legally required; please use the contact above for all privacy matters.

2. Scope of this notice

This policy describes how we collect, use, disclose and protect personal data when you:

  • visit animaldetect.com or any sub-domain ("Website");
  • create an account and use our web application ("App");
  • purchase a subscription or one-off service; or
  • interact with us by e-mail or support chat.

3. What data we collect

CategoryTypical itemsSource
Account dataE-mail address, hashed password, chosen display nameProvided by you during sign-up
OAuth dataGoogle account identifier and e-mail (if you sign in with Google)Google, after your consent
Payment dataSubscription tier, transaction ID, last four digits of card, billing address (if provided)Stripe Payments Europe S.A.
Content dataImages you upload, processed output files, associated metadataYou, via App upload
Usage dataDate/time of visit, pages viewed, browser & device type, truncated IP addressAutomatically from your browser via Umami Analytics
Technical dataAuthentication/session cookies, Stripe fraud-prevention cookiesAutomatically from your browser

We do not intentionally collect special-category data (GDPR Art. 9) nor do we profile or make automated decisions that produce legal effects.

4. Purposes & lawful bases

PurposeLawful basis (Art. 6 GDPR)Details
Create and maintain your user accountContract Art. 6 (1)(b)We need basic identity & credentials to deliver the service you request.
Process payments & issue invoicesContract Art. 6 (1)(b) & Legal obligation Art. 6 (1)(c)Required for subscription fulfilment and tax compliance.
Provide image-processing functionalityContractWe store the files you upload and generate results on your demand.
Prevent fraud & secure the serviceLegitimate interest Art. 6 (1)(f)Essential cookies and logs help detect abusive or automated behaviour.
Audience measurement & service improvement (Umami)Legitimate interestWe use cookieless, first-party analytics limited to aggregate statistics.
Respond to enquiries & support requestsLegitimate interestNecessary to answer you and improve customer experience.

Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms through an internal Legitimate-Interest Assessment and concluded that our processing is proportionate and minimally intrusive.

5. Cookies & similar technologies

We aim to keep tracking minimal. The Website only sets essential cookies.

We do not use advertising, social-media or analytics cookies, and therefore no consent banner is displayed. Umami Analytics operates without storing any identifier on your device.

How to block cookies anyway: Most browsers let you delete or block cookies in settings. Blocking the above cookies may prevent you from logging in or completing payments.

6. Hosting & sub-processors

  • Google Cloud Platform – europe-west (Frankfurt) → hosting & object storage for uploaded images and results.
  • Stripe Payments Europe S.A. (Ireland) → payment processing; PCI-DSS compliant.
  • Umami Cloud – EU region (Germany) → audience measurement (cookieless).

All data is stored and processed within the European Economic Area (EEA). If a future transfer outside the EEA becomes necessary we will implement EU-approved Standard Contractual Clauses or rely on an adequacy decision and update this notice accordingly.

7. Data retention

Data typeRetention period
Account & billing recordsAs long as you have an account + 6 years for statutory accounting
Uploaded images & outputsUntil user deletes either account or project that is assigned to the images.
Server logs & raw analytics24 hours, rolled-up aggregates kept 13 months

You may delete your account at any time from the profile page or by e-mail; backups are purged within 30 days.

8. Security measures

  • TLS encryption in transit (HTTPS)
  • AES-256 encryption at rest on all GCP storage volumes
  • Continuous vulnerability patching

9. Your rights

Under GDPR you have the right to:

  • access the personal data we hold about you;
  • request rectification or erasure;
  • restrict or object to processing (including analytics);
  • receive a copy of your data in portable format;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with your local supervisory authority (e.g., Datatilsynet, Denmark).

To exercise any right, please write to info@animaldetect.com. We will respond within 30 days.

10. Children

Our services are intended for professionals and organizations. We do not knowingly collect or solicit personal information from children under the age of 13. If we become aware that we have collected personal information from a child, we will delete it immediately.

11. Changes to this policy

We may update this document to reflect legal or technical changes. For substantial modifications we will notify registered users by e-mail at least 14 days in advance. The version date appears at the top of the page.

12. Contact

If you have questions about privacy or data protection, contact info@animaldetect.com.

By using Animal Detect you acknowledge that you have read and understood this Privacy & Cookie Policy.