Privacy Policy

Last updated: March 29, 2026

We built Retouch.to with privacy in mind from day one. This policy explains plainly what data we collect, why we need it, and how we protect it — in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

1. Who We Are

Retouch.to is the data controller for your personal data. If you have any questions about this policy or want to exercise your privacy rights, just reach out: [email protected]

2. What We Collect and Why

We only collect what we actually need to run the service.

Your email address
Used for signing in and sending you essential account communications like password resets and billing confirmations. Nothing else.
Legal basis: Article 6(1)(b) GDPR — necessary to provide the service you signed up for.

Images you upload
Your photos are processed solely to produce the retouched output you asked for. We never use your images to train AI models, and we never share them with third parties. Images containing faces are treated as ordinary photos for editing — we do not perform any biometric identification or profiling.
Legal basis: Article 6(1)(b) GDPR — necessary to deliver the service.

Payment data
Card payments are handled entirely by Stripe — we never see or store your card details. We keep basic transaction records (amount, date, subscription status) as required by law.
Legal basis: Article 6(1)(b) GDPR (contract) and Article 6(1)(c) GDPR (legal obligation — financial records).

Anonymous usage statistics
We self-host Plausible Analytics, a privacy-focused tool that counts page views and feature usage without collecting any personal data, without fingerprinting your device, and without setting any cookies. The aggregated stats help us understand what’s working and improve the product.
Legal basis: Article 6(1)(f) GDPR — our legitimate interest in improving the service. Because the data is fully anonymised and never linked to you, this does not override your privacy rights.

3. The Services We Use (Sub-processors)

We work with a small number of trusted providers, each under a GDPR-compliant Data Processing Agreement. They process data only on our instructions, never for their own purposes.

Cloudflare R2 — File storage
Your uploaded images and processed outputs are stored in Cloudflare R2 on European servers. Under normal conditions, this data stays within the EEA. Cloudflare is certified under the EU–U.S. Data Privacy Framework.
Privacy policy: cloudflare.com/privacypolicy

RunPod — Image processing
AI retouching runs on RunPod’s GDPR-compliant Secure Cloud, which uses isolated dedicated servers in compliant data centres. Images are processed transiently — RunPod does not retain any image data after inference completes.
Privacy policy: runpod.io/privacy-policy

Brevo — Transactional email
Account and billing emails are sent through Brevo (headquartered in Paris, France). As an EU company, Brevo operates within the EEA and is subject to GDPR directly. They process your email address and basic delivery metadata on our behalf.
Privacy policy: brevo.com/legal/privacypolicy

Stripe — Payment processing
Stripe handles all payment card data under PCI-DSS standards and is certified under the EU–U.S. Data Privacy Framework. We only receive non-sensitive transaction metadata from Stripe.
Privacy policy: stripe.com/privacy

4. International Data Transfers

We aim to keep your data in the EEA. Where transfers outside the EEA are unavoidable (for example, via Cloudflare or Stripe’s US parent entities), they are covered by Standard Contractual Clauses (SCCs) approved by the European Commission and/or EU–U.S. Data Privacy Framework certification. You can request details of the applicable safeguards by emailing [email protected].

5. How Long We Keep Your Data

Email address: Kept while your account is active, deleted within 30 days of account closure.
Uploaded images and outputs: Kept long enough to deliver the service and allow re-download, then permanently deleted. You can also request immediate deletion at any time.
Transaction records: Kept for 7 years as required by EU accounting and tax law.

6. Your Rights

Under GDPR you have real, enforceable rights over your data. Just email [email protected] and we’ll help:

Access (Art. 15): Get a copy of the data we hold about you.
Rectification (Art. 16): Correct anything that’s inaccurate or incomplete.
Erasure (Art. 17): Ask us to delete your data (“right to be forgotten”).
Restriction (Art. 18): Ask us to pause processing in certain situations.
Portability (Art. 20): Receive your data in a machine-readable format.
Object (Art. 21): Object to processing based on legitimate interests.
No automated decisions (Art. 22): We don’t make any automated decisions about you that have legal or significant effects.

We’ll respond within 30 days. If we need a little more time (up to 90 days total), we’ll let you know upfront.

7. Complaints

If you feel we haven’t handled your data properly, you have the right to lodge a complaint with your national data protection authority. A full list of EU supervisory authorities is at: edpb.europa.eu/about-edpb/about-edpb/members_en

8. Cookies

We only use cookies that are strictly necessary for login and session management. We have no advertising cookies, no third-party trackers, and our analytics (Plausible, self-hosted) is completely cookieless.

9. Security

We protect your data with encryption in transit (TLS) and at rest, strict access controls, and regular security reviews. If a breach occurs that poses a high risk to your rights, we will notify you without undue delay as required by Article 34 GDPR.

10. Children

Retouch.to is not intended for anyone under 16. If you believe a minor has created an account, please let us know at [email protected] and we will delete the data immediately.

11. Changes to This Policy

If we make material changes, we’ll let you know by email or via a notice on the site before they take effect. The “last updated” date at the top always reflects the current version.

12. Contact

Questions, requests, or just want to know more? We’re happy to help.
Email: [email protected]