GDPR Compliance

1. Introduction

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to individuals in the European Union (EU) and European Economic Area (EEA). At ImageTranslatorAI, we are committed to protecting your personal data and respecting your privacy rights under GDPR.

This page explains your rights under GDPR and how we comply with these regulations when you use our service.

2. Data Controller Information

For the purposes of GDPR, the data controller is:

• Service Name: ImageTranslatorAI
• Contact Email: contact@imagetranslatorai.com

If you have any questions about how we process your personal data or wish to exercise your GDPR rights, please contact us at the email address above.

3. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

4.1 Consent (Article 6(1)(a))

When you create an account or use our service, you provide consent for us to process your personal data for the purposes outlined in our Privacy Policy.

4.2 Contract Performance (Article 6(1)(b))

Processing is necessary to provide the image translation service you have requested and to manage your account.

4.3 Legitimate Interests (Article 6(1)(f))

We may process your data based on our legitimate interests in:

• Improving our services and user experience
• Preventing fraud and ensuring security
• Analyzing usage patterns to optimize performance

4.4 Legal Obligations (Article 6(1)(c))

In some cases, we may be required to process your data to comply with legal obligations.

5. Personal Data We Collect

We collect and process the following categories of personal data:

5.1 Account Information

• Email address
• Encrypted password
• Account creation date

5.2 Usage Data

• Translation count and dates
• IP address (for usage limits, stored for 30 days maximum)
• Browser type and device information
• Session data

5.3 Images

Important: Images you upload for translation are NOT stored on our servers. They are processed in real-time and immediately discarded after translation. We do not retain any copy of your images.

5.4 Analytics Data

• Page views and navigation patterns (via Google Analytics)
• Session duration
• Anonymized user behavior data

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Account Data: Retained until you delete your account or request deletion
• Usage Data: Stored for 30 days for registered users; 30 days for IP-based records
• Uploaded Images: NOT stored - processed in memory and immediately discarded
• Translation Results: Temporarily cached during your session only, not permanently stored
• Analytics Data: Retained according to Google Analytics retention settings (up to 26 months)

7. Data Sharing and Third Parties

We share your personal data only in the following limited circumstances:

7.1 Service Providers

• AI Translation Services: Images are sent to third-party AI providers for translation processing in real-time (not stored by providers)
• Authentication and Database: Secure third-party services manage user accounts and usage data
• Analytics: Google Analytics processes anonymized usage data

7.2 Legal Requirements

We may disclose your personal data if required to do so by law or in response to valid legal requests from public authorities.

7.3 No Sale of Data

We do NOT sell your personal data to third parties.

8. International Data Transfers

ImageTranslatorAI is operated from China. If you are accessing our service from the EU/EEA, your personal data will be transferred to and processed in China and potentially other countries where our service providers operate.

These countries may not have the same data protection laws as the EU. However, we take appropriate measures to ensure your data is protected in accordance with GDPR, including:

• Implementing appropriate technical and organizational security measures
• Using service providers that comply with international data protection standards
• Ensuring contractual protections are in place with third-party processors

By using our service, you acknowledge and consent to the transfer of your personal data outside the EU/EEA as described in our Privacy Policy.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• HTTPS/SSL encryption for data transmission
• Secure password storage with industry-standard hashing
• Regular security audits and updates
• Access controls limiting data access to authorized personnel only
• Real-time image processing without storage to minimize data exposure

10. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

• Email: contact@imagetranslatorai.com

When submitting a request, please include:

• Your name and email address associated with your account
• A clear description of the right you wish to exercise
• Any specific information or data you are requesting

Response Time

We will respond to your request within 30 days (one month) of receipt. In complex cases, we may extend this period by two additional months, and we will inform you of the extension and the reasons for the delay.

Verification

To protect your privacy and security, we may need to verify your identity before processing your request. We may ask for additional information to confirm you are the person whose data is being requested.

No Fee

You will not have to pay a fee to exercise your GDPR rights. However, we may charge a reasonable fee or refuse to comply with your request if it is clearly unfounded, repetitive, or excessive.

11. Right to Lodge a Complaint

If you are not satisfied with how we have handled your personal data or responded to your requests, you have the right to lodge a complaint with a supervisory authority in the EU member state where you live, work, or where an alleged infringement of GDPR occurred.

A list of EU supervisory authorities can be found at: European Data Protection Board

However, we encourage you to contact us first so we can try to resolve your concerns directly.

12. Data Breach Notification

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay (within 72 hours of becoming aware of the breach) in accordance with GDPR requirements.

The notification will include:

• The nature of the breach
• The categories and approximate number of data subjects affected
• The likely consequences of the breach
• The measures we have taken or propose to take to address the breach and mitigate its effects

13. Children's Data

Our service is not intended for children under 16 years of age (or the applicable age of digital consent in their country). We do not knowingly collect personal data from children under this age.

If we become aware that we have collected personal data from a child under the applicable age without parental consent, we will take steps to delete that information as soon as possible.

14. Changes to This Policy

We may update this GDPR compliance page from time to time. We will notify you of any material changes by:

• Posting the new policy on this page
• Updating the "Last updated" date
• Sending you an email notification (for significant changes)

We encourage you to review this page periodically for the latest information on our GDPR compliance practices.

15. Contact Information

For any questions, concerns, or requests related to GDPR and your data protection rights, please contact us:

• Email: contact@imagetranslatorai.com
• Service: ImageTranslatorAI

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy and data protection.