Política de privacidade
Last Updated: November 10, 2025
1. INTRODUCTION
This Privacy Policy (the "Policy") describes how GOOD RETOUCH LP, located at 1 Lochrin Square, 92-98 Fountainbridge, Edinburgh, EH3 9QA, United Kingdom ("Retouchme," "we," "us," or "our"), collects, uses, stores, and discloses your information.
We are committed to protecting your privacy and processing your personal data transparently and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
This Policy applies when you download, access, or use our mobile application Retouchme (the "App") and any related retouching services (collectively, the "Services"). This Policy explains what personal data we collect, how we use it, the legal bases we rely on to do so, and your rights regarding your data.
2. WHAT PERSONAL DATA WE COLLECT
We collect personal data about you from several sources, as described below.
2.1. Data You Provide Directly
- Photos and Videos. We collect and process the photos and/or videos you upload to the App for use of our retouching Services. We only process the media files you specifically select to upload and edit.
- Account Information. When you create a Retouchme account or log in, we collect the information necessary for authentication. This may be your email address and password, or if you use a third-party service to log in (e.g., Apple ID or Google Account), we receive your user identifier from that service (e.g., Apple ID or the email address associated with your Google Account).
- Marketing Contact Information. After a successful login, we may present a separate screen asking for your permission to collect your email address for the purpose of sending you marketing and promotional communications, including information about promotions, discounts, and special offers. You provide this data only on the basis of your explicit (opt-in) consent.
- Communications and Support. If you contact us for support or other inquiries, we collect records and copies of your correspondence (including email addresses, phone numbers if provided, and the content of your inquiries).
2.2. Data We Collect Automatically
- Device Information. We collect information about your mobile device, such as IP address, unique device identifiers (e.g., IDFA for iOS or Android Advertising ID, if you have provided consent), operating system and version, and device type.
- Usage Details. We automatically collect information about your interaction with the App. This includes frequency of use, the features you use, and information about your interaction with the App's interface.
- Image Data. When you upload a photo or video for processing, our technologies may generate technical data about the elements of the image, such as the position, orientation, and topology of a face ("Face Data").
- Transaction and Subscription Data. We collect details about in-app purchases and subscriptions, such as the time of purchase, cost, and subscription status. All payments are processed by third-party payment processors (e.g., Apple, Google, or other providers). We do not collect, receive, or store your full credit card information. We may receive redacted cardholder data or transaction IDs from the processor to confirm payment.
- Client Identifier. We may assign a unique signature to identify you on the Service ("Client ID").
3. HOW WE PROCESS YOUR PHOTOS AND VIDEOS (AND IMAGE DATA)
This section focuses on how we process the primary type of data in our App—your photos, videos, and associated Face Data.
- Exclusively for Providing Services. Your photos, videos, and any derivative Face Data are used exclusively to provide you with the retouching features you request. Our systems analyze the image to apply the effects you have selected.
- On-Device Processing: To provide some functionalities, we use face recognition technology that is carried out on the user’s device (e.g., using Apple's
CIDetectorclass or Android'sFaceDetector). - Face Data Limitations: Information related to the user's face data processed on-device cannot be used to identify a specific person and is not shared with any third parties. This on-device data is stored on your device only during the retouching process and is permanently deleted after the order is done.
- No Identification. We do not use your photos, videos, or server-side Face Data to identify you personally.
- No AI Training (Without Consent). We do not use your content (photos or videos) to train our artificial intelligence models unless we have obtained your separate, explicit, and voluntary consent to do so.
- Storage. The retention periods for your photos and videos on our servers are described in Section 6 "Data Retention" of this Policy.
4. PURPOSES AND LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA
Under the GDPR, we are required to inform you of the purposes for processing your personal data and the legal bases we rely upon.
| Purpose of Processing (Why we use your data) | Types of Personal Data (Examples) | Legal Basis (under GDPR) |
|---|---|---|
| Providing Retouchme Services (including processing and retouching your photos and videos). | Photos, videos, Image Data (Face Data). | Performance of a contract (Article 6(1)(b) GDPR). Processing is necessary to fulfill our Terms of Use. |
| Creating, maintaining, and securing your account. | Email address (for login), Apple/Google ID, device identifiers, Client ID. | Performance of a contract (Article 6(1)(b) GDPR). |
| Sending you marketing communications (promotions, special offers, news). | Email address (for mailing list). | Consent (Article 6(1)(a) GDPR). You provide this consent voluntarily on a separate screen in the app. |
| Communicating with you and providing technical support. | Email address, correspondence records, device information. | Our legitimate interest (Article 6(1)(f) GDPR) in providing quality support and responding to your inquiries. |
| Processing payments and subscriptions. | Transaction data, subscription data. | Performance of a contract (Article 6(1)(b) GDPR) and Compliance with a legal obligation (Article 6(1)(c) GDPR) (e.g., tax laws). |
| App improvement and analytics. | Usage details, device ID, IP address. | Our legitimate interest (Article 6(1)(f) GDPR) in understanding how our Services are used in order to improve them. |
5. YOUR CHOICES AND MARKETING COMMUNICATIONS
We respect your choices regarding promotional communications.
- Obtaining Your Consent. We will not send you marketing email messages (information about promotions, special offers, etc.) unless you have given your explicit, affirmative (opt-in) consent. Consent is requested on a separate screen within the App and is not required to use the App's core features. We maintain a record of your consent as required by GDPR.
- Your Right to Opt-Out / Withdraw Consent. If you have previously given consent to receive marketing emails, you have the right to withdraw this consent at any time and free of charge.
- How to Withdraw Consent. You may withdraw your consent (unsubscribe) in one of the following ways:
- By clicking the "Unsubscribe" link, which is located in the footer of every marketing email we send.
- By contacting us directly at the email address provided in Section 13 "Contact Information."
- Consequences of Withdrawal. Withdrawing your consent for marketing communications will not affect the lawfulness of processing based on consent before its withdrawal. Your withdrawal of marketing consent will also not affect your ability to use the core Services of the App, including your account and subscriptions.
6. DATA RETENTION
We do not store personal data for longer than is necessary for the purposes for which it was collected and as required by law.
- General Principle. We will retain your personal data only for as long as necessary for the purposes set out in this Policy.
- Account Data. We retain your account data (e.g., login email, Client ID) as long as you have an active Retouchme account.
- Data on Marketing Consent. If you have consented to receive marketing emails, we will retain your email address on our active mailing list until you withdraw your consent (i.e., unsubscribe).
- Photos and Videos (Automatic Deletion). All customer images and videos, including both original and retouched versions, are stored securely on our Services. All such images and videos are automatically and permanently deleted from our servers after a 30-day period. If you delete the App from your device, your images and videos will still be automatically deleted from our servers after this 30-day period.
- Manual Deletion. You can manually delete your orders within the App. If you choose to do this, your images and videos associated with those orders will be permanently deleted from our servers within 24 hours. You can also request to delete your entire account. Upon this request, all your personal data will be permanently deleted from our systems in accordance with this policy.
- Legal Obligations. We may retain certain data (e.g., transaction and payment records) for a longer period if required to comply with our legal, tax, or accounting obligations, or to resolve disputes.
7. YOUR DATA PROTECTION RIGHTS (EEA AND UK RESIDENTS)
If you are a resident of the European Economic Area (EEA) or the United Kingdom (UK), you have certain rights regarding your personal data under the GDPR:
- The Right to Access. You have the right to request copies of your personal data from us.
- The Right to Rectification. You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
- The Right to Erasure (Right to be Forgotten). You have the right to request that we erase your personal data, under certain conditions.
- The Right to Restriction of Processing. You have the right to request that we restrict the processing of your personal data, under certain conditions.
- The Right to Object to Processing. You have the right to object to our processing of your personal data based on our legitimate interests.
- The Right to Data Portability. You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
- The Right to Withdraw Consent. Where we rely on your consent for processing (as in the case of marketing communications described in Section 5), you have the right to withdraw that consent at any time.
- The Right to Lodge a Complaint. You have the right to lodge a complaint with a data protection supervisory authority if you believe our processing of your personal data infringes the GDPR. You may file a complaint with your member state's authority or with the UK's Information Commissioner's Office (ICO), as we are registered in the UK.
If you wish to exercise any of these rights, please contact us using the details in Section 13.
8. NOTICE TO UNITED STATES RESIDENTS
This section supplements the information contained in our Privacy Policy and applies solely to residents of U.S. states with comprehensive data privacy laws, including, but not limited to, California (CCPA/CPRA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and Utah (UCPA).
8.1. Your Rights and Choices
Depending on your state of residence, you may have the following rights:
- The Right to Know and Access. The right to know what personal data we collect, use, or disclose, and the right to access a copy of that data.
- The Right to Delete. The right to request the deletion of your personal data that we have collected and retained (subject to certain legal exceptions, e.g., if the data is necessary to complete a transaction or comply with a legal obligation).
- The Right to Correct. The right to request the correction of inaccurate personal data we maintain.
- The Right to Opt-Out of "Sale" or "Sharing." Retouchme does not sell your personal data for monetary consideration. We also do not "share" your personal data for purposes of cross-context behavioral or targeted advertising, as those terms are defined under U.S. law.
- The Right to Non-Discrimination. We will not discriminate against you (e.g., by denying services or providing a different price level) for exercising any of your privacy rights.
To exercise these rights, please contact us using the details in Section 13.
8.2. Notice at Collection (CCPA Table)
Over the past 12 months, we have collected (or may have collected) the following categories of personal information, as defined by the California Consumer Privacy Act (CCPA).
| Category of Personal Information (per CCPA) | Do We Collect This? | Primary Purpose of Collection |
|---|---|---|
| A. Identifiers (e.g., Email, IP-address, Apple/Google ID, Device ID, Client ID) | YES | Providing Services, Account Management, Marketing (for email), Support. |
| B. Personal Information (per Cal. Civ. Code 1798.80) (e.g., name, if you provide it in support) | YES | Support. |
| C. Characteristics of Protected Classifications | NO | We do not collect this category of data. |
| D. Commercial Information (Subscription data, purchase history) | YES | Payment processing, Subscription management. |
| F. Internet or other electronic network activity (App usage details) | YES | Analytics, Service Improvement. |
| G. Geolocation Data (Only imprecise, based on IP address) | YES | Analytics. |
| K. Inferences (e.g., about user preferences) | NO | We do not draw inferences to build a profile about you. |
| L. Sensitive Personal Information (Image Data, Face Data, as uploaded by you) | YES | Solely to provide the retouching Services you request. We do not use this data for other purposes. |
We disclose these data categories for business purposes to our service providers (e.g., hosting providers, payment processors, customer support services) who are obligated to process this data only on our behalf.
9. INTERNATIONAL DATA TRANSFERS
Our head office is in the United Kingdom. Your personal data may be stored and processed in any country where we have facilities or where we engage service providers (e.g., in the United States or the European Union).
If you are located in the EEA, your data will be transferred to the UK, which is recognized by the European Commission as providing an adequate level of data protection. When transferring data to countries outside the EEA or UK that do not have an adequacy decision (e.g., the US), we use approved safeguarding mechanisms, such as Standard Contractual Clauses (SCCs).
10. DATA SECURITY
We take reasonable technical, administrative, and organizational measures to protect personal data from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. We use measures such as data encryption in transit and at rest, as well as strict access controls to our systems.
However, please be aware that no method of data transmission over the Internet or method of electronic storage is 100% secure.
11. CHILDREN'S PRIVACY
Our Service does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through our Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data through our Services without their permission. If you believe that we might have any information from or about a child under 13, please contact us via email at info@retouchme.com.
12. CHANGES TO OUR PRIVACY POLICY
We may update this Privacy Policy at any time. The policy is updated on our website, and the "Last Updated" date at the top of this page indicates the date of the latest revision. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Services after any changes indicates your acceptance of the new policy, which will not alter the fundamental principles of personal data storage.
13. CONTACT INFORMATION
If you have any questions, comments, or concerns about this Privacy Policy or our data practices, or to exercise your rights, please contact us via email or through the contact form in our Application.
Data Controller: GOOD RETOUCH LP 1 Lochrin Square, 92-98 Fountainbridge, Edinburgh, EH3 9QA, United Kingdom
For all privacy-related inquiries, please email us at: Email: info@retouchme.com