Privacy Policy

Last updated: [Current Date]

This Privacy Policy explains how JMTR LTD (“Fotool,” “we,” “us,” “our”) collects, uses, discloses and protects information about you when you:

• visit our website at www.fotool.ai and any subdomains;
• use our web-based platform, dashboard or APIs;
• otherwise interact with us (for example by email or support channels)

(collectively, the “Service”).

Fotool.ai is a trading name for JMTR LTD.

We are committed to protecting your privacy and handling your information in a transparent and lawful way. If you do not agree with this Policy, you should not use the Service.

1. Who We Are and Our Role

JMTR LTD is the data controller for personal data we collect directly from you for:

• website accounts,
• billing and invoicing,
• marketing communications,
• support and general business contacts.

For images and other data that you upload about your products or end-customers in order to generate AI imagery:

• typically you (your company) are the data controller,
• and Fotool acts as your data processor, processing that data on your instructions to provide the Service.

In some cases we may also act as an independent controller where required by law (for example for security logs, fraud prevention or accounting).

Our details:
JMTR LTD
1053 London Road, Leigh-On-Sea, Essex, SS9 3JP, UK
Email: support@fotool.ai

2. Information We Collect

We collect different types of information depending on how you use the Service.

2.1 Information you provide directly

Account and contact details: When you sign up or contact us, we may collect:

• Name
• Business email address
• Password or login identifier (hashed, not stored in plain text)
• Company name, role and contact details
• Country / region
• Communication preferences

Billing and payment information: If you purchase a paid plan or buy credits, we (and/or our payment providers) may collect:

• Billing address and company details
• VAT or tax number (where applicable)
• Payment method details (e.g. partial card details, expiry date) – full card data is handled by our PCI-compliant payment processors, not stored by us directly.

Support and communications: When you contact us (email, forms, in-app chat), we collect the content of your message, attachments, and necessary technical details.

2.2 Content you upload to the Service

User Content / Image Data: To use Fotool, you may upload product photos, brand assets, images of models or people, prompts, and metadata. Depending on your use case, these images may contain personal data.

We process this data to generate AI-created images, provide previews, and maintain quality/safety. Where possible, we encourage you to avoid uploading unnecessary personal data.

2.3 Automatically collected information

When you access or use the Service, we automatically collect certain information:

• Technical data: IP address, browser type, OS, language settings, referring URLs.
• Usage data: Pages visited, clicks, time spent, date/time of access, API calls, error logs.
• Cookie and tracking data: Session cookies, analytics cookies, marketing pixels.

2.4 Information from third parties

We may receive limited information from identity providers (e.g. Google), payment providers, analytics tools, and business partners.

3. How We Use Your Information (Purposes and Legal Bases)

We use your information for the following purposes:

3.1 To provide and operate the Service

Legal basis: performance of a contract; legitimate interests

• Creating and managing your account
• Processing image uploads and generating AI imagery
• Providing API access and related functionality
• Maintaining and improving core Service features

3.2 To process payments and manage billing

Legal basis: performance of a contract; legal obligations

• Handling subscriptions, credit packs and invoices
• Detecting and preventing payment-related fraud
• Keeping financial records as required by law

3.3 To communicate with you

Legal basis: performance of a contract; legitimate interests

• Sending service-related emails (e.g. account notices, updates, security alerts)
• Responding to support requests and queries
• Informing you about changes to our policies or terms

3.4 To improve and secure the Service

Legal basis: legitimate interests

• Monitoring usage patterns and running analytics
• Detecting, preventing and investigating abuse, spam, fraud and security incidents

3.5 Marketing communications

Legal basis: consent (where required); legitimate interests

Sending newsletters and updates. You can opt out at any time by clicking "unsubscribe".

3.6 Legal and compliance

Legal basis: legal obligations; legitimate interests

Handling disputes, responding to lawful requests, and enforcing our Terms.

4. Image / Face Data and AI Processing

Fotool is primarily used for fashion imagery generation, which may involve processing images containing people.

4.1 What we do with image data

We use uploaded images to generate requested images, provide previews, and run internal safety checks.

4.2 Face data

If your images include identifiable faces, our models may detect face regions for proper garment placement. We do not build consumer “face recognition” profiles, attempt to identify unknown individuals, or sell face data. You are responsible for ensuring you have a lawful basis to use these images.

4.3 Training and improvement

By default, we do not use your identifiable product or customer images to train general models for other customers unless we have explicit consent. We may use aggregated/de-identified technical data to optimize our systems.

5. Cookies and Tracking Technologies

We use cookies to keep you logged in, remember preferences, understand usage, and measure marketing effectiveness. You can manage cookies through your browser settings.

6. How We Share Your Information

We do not sell your personal data. We may share information with:

• Service providers (processors): Trusted providers for hosting, payments, support, and analytics, who process data only on our instructions.
• Professional advisers and authorities: When necessary for legal, tax, or regulatory reasons.
• Business transfers: In case of a merger, acquisition, or sale of assets.
• With your direction or consent: When you ask us to share with third parties.

7. International Data Transfers

We are based in the UK and may process data in the UK, EEA, or other countries. When transferring data to countries without equivalent protection, we implement safeguards like Standard Contractual Clauses (SCCs).

8. Data Security

We implement technical and organisational measures like HTTPS encryption, encryption at rest, access controls, and regular security updates. While we strive for security, no system is 100% secure.

9. Data Retention

We retain personal data only as long as necessary. Account info is kept for the account lifetime plus a backup period. Billing records are kept for ~7 years (tax law). Uploaded images are retained while active and for a limited period after.

10. Your Rights

Depending on your location (UK, EU/EEA, etc.), you may have rights to access, rectification, erasure, restriction, objection, data portability, and withdrawal of consent. To exercise these rights, contact us at support@fotool.ai.

11. Children’s Privacy

Our Service is for business/professional users and not directed to children under 16.

12. Third-Party Websites and Services

We are not responsible for the privacy practices of third-party websites linked from our Service.

13. Changes to This Privacy Policy

We may update this Policy. Material changes will be posted with a new date and/or notified to you. Continued use implies acceptance.

14. Contact Us

If you have questions about this Privacy Policy, please contact us at:

JMTR LTD
Email: support@fotool.ai
Postal: 1053 London Road, Leigh-On-Sea, Essex, SS9 3JP, United Kingdom