Legal
Privacy Policy
Last updated:
Your Privacy Matters
At AI Photo Detect, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.
Introduction
This Privacy Policy describes how aiphotodetect.com / Internet Mate Ltd ("Company", "we", "us", or "our") collects, uses, and shares information about you when you use our AI Photo Detect website, web application, and API services (collectively, the "Service").
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws. By using the Service, you acknowledge that you have read and understood this Privacy Policy.
This Privacy Policy should be read alongside our Terms of Service and Acceptable Use Policy.
Data Controller
For the purposes of applicable data protection laws, the data controller is:
aiphotodetect.com / Internet Mate Ltd
- Registered Address: Suite 7, Second Floor, Apple Market Hub, 9 Crown Passage, Kingston Upon Thames, KT1 1JD
- Company Number: 07709209
- Email: support@aiphotodetect.com
If you have any questions about this Privacy Policy or our data practices, please contact us using the details above.
Information We Collect
3.1 Information You Provide
We collect information you provide directly to us, including:
| Category | Data Types | Purpose |
|---|---|---|
| Account Information | Name, email address, password (hashed) | Account creation and authentication |
| Billing Information | Payment card details (via Stripe), billing address | Processing payments and invoicing |
| User Content | Images uploaded for analysis | Providing AI detection services |
| Communications | Support requests, feedback, correspondence | Customer support and service improvement |
3.2 Information Collected Automatically
When you use the Service, we automatically collect certain information:
- Usage Data: Pages visited, features used, API calls made, detection results, timestamps
- Device Information: Browser type, operating system, device identifiers
- Log Data: IP address, access times, referring URLs, error logs
- Cookies: Session cookies, preference cookies, analytics cookies (see Section 11)
3.3 Information from Third Parties
We may receive information about you from third-party services:
- Authentication Provider (Clerk): Account verification status, login activity
- Payment Processor (Stripe): Payment status, transaction history
- Analytics Services: Aggregated usage patterns and demographics
How We Use Your Information
We use the information we collect for the following purposes:
4.1 Service Delivery
- Provide, maintain, and improve the Service
- Process and analyse images for AI detection
- Manage your account and subscription
- Process payments and send invoices
- Generate and manage API keys
4.2 Communication
- Send service-related notifications and updates
- Respond to your comments, questions, and support requests
- Send marketing communications (with your consent)
- Notify you of changes to our Terms or Privacy Policy
4.3 Safety & Security
- Detect, prevent, and address fraud, abuse, and security issues
- Enforce our Terms of Service and Acceptable Use Policy
- Comply with legal obligations and law enforcement requests
- Protect the rights, property, and safety of our users and the public
4.4 Analytics & Improvement
- Analyse usage patterns and trends
- Improve the accuracy and performance of our detection services
- Develop new features and services
- Conduct research and analysis
Legal Basis for Processing
Under UK GDPR, we must have a valid legal basis for processing your personal data. We rely on the following legal bases:
| Legal Basis | Processing Activities |
|---|---|
| Contract Performance | Providing the Service, processing payments, managing your account, delivering detection results |
| Legitimate Interests | Service improvement, fraud prevention, security, analytics, customer support |
| Consent | Marketing communications, optional cookies, newsletter subscriptions |
| Legal Obligation | Tax records, responding to legal requests, reporting illegal content |
Where we rely on legitimate interests, we have conducted a balancing test to ensure our interests do not override your fundamental rights and freedoms.
Data Sharing & Third Parties
We do not sell your personal data. We share your information only in the following circumstances:
6.1 Service Providers
We use trusted third-party service providers to help operate our Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Identity Provider | User authentication | Email, name, login activity |
| Stripe | Payment processing | Billing information, transaction data |
| AI Detection Provider | AI image detection | Uploaded images (for analysis) |
| Cloud Storage Provider | Cloud hosting, image storage | All service data |
| Database Provider | Database hosting | Account and usage data |
| Hosting Provider | Web application hosting | Access logs, usage data |
| Email Service Provider | Email communications | Email address, name |
All service providers are bound by data processing agreements that require them to protect your data and use it only for the purposes we specify.
6.2 Legal Requirements
We may disclose your information if required to do so by law or in response to:
- Valid legal processes (court orders, subpoenas)
- Requests from law enforcement or government authorities
- Situations involving potential threats to safety
- Protection of our legal rights or defence against legal claims
6.3 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal data.
International Data Transfers
Your information may be transferred to and processed in countries outside the United Kingdom, including the United States and European Union, where our service providers operate.
When we transfer personal data outside the UK, we ensure appropriate safeguards are in place, including:
- Adequacy Decisions: Transfers to countries deemed adequate by the UK Government
- Standard Contractual Clauses (SCCs): EU/UK-approved contractual terms with data recipients
- Data Privacy Framework: For US transfers to certified organisations
- Binding Corporate Rules: Where applicable
You may request a copy of the safeguards we use by contacting us at support@aiphotodetect.com.
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
| Data Type | Retention Period |
|---|---|
| Account Information | Duration of account + 2 years after deletion |
| Uploaded Images | 30 days after analysis (or as configured by user) |
| Detection Results | Duration of account + 90 days |
| Billing Records | 7 years (legal requirement) |
| API Logs | 90 days |
| Support Communications | 3 years after resolution |
After the retention period, data is securely deleted or anonymised. We may retain anonymised, aggregated data indefinitely for analytics purposes.
Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:
- Encryption: All data transmitted via HTTPS/TLS; data at rest encrypted using AES-256
- Access Controls: Role-based access, multi-factor authentication for staff
- Infrastructure: Secure cloud hosting with SOC 2 compliant providers
- Monitoring: Continuous security monitoring and logging
- Passwords: Passwords are hashed using industry-standard algorithms (never stored in plaintext)
- API Security: Secure API key generation, rate limiting, and abuse detection
While we strive to protect your data, no method of transmission or storage is 100% secure. If you believe your account has been compromised, please contact us immediately.
Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
Right of Access
Request a copy of the personal data we hold about you
Right to Rectification
Request correction of inaccurate or incomplete data
Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data in certain circumstances
Right to Restrict Processing
Request limitation of how we use your data
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to processing based on legitimate interests or for marketing
Right to Withdraw Consent
Withdraw consent at any time where processing is based on consent
How to Exercise Your Rights
To exercise any of these rights, please contact us at support@aiphotodetect.com. We will respond to your request within one month.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data appropriately:
Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a child under 18, we will take steps to delete such information promptly.
If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@aiphotodetect.com.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
- We will update the "Last Updated" date at the top of this Policy
- We will notify you by email (for material changes)
- We may display a notice within the Service
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes indicates your acceptance of the updated Policy.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
aiphotodetect.com / Internet Mate Ltd — Data Protection
- Support: support@aiphotodetect.com
- Email: support@aiphotodetect.com
- Registered Address: Suite 7, Second Floor, Apple Market Hub, 9 Crown Passage, Kingston Upon Thames, KT1 1JD
We aim to respond to all privacy-related enquiries within 30 days.