Privacy Policy

Privacy Policy

Last Updated: 21 June 2026

GPT Watermark Remover (the "Service") is operated by Grow Fast Ltd, a company registered in England and Wales (Company No. 16534124), registered office 27 Old Gloucester Street, London, WC1N 3AX ("we", "us", "our"). We are the data controller for the personal data described here. This Privacy Policy explains how we collect and use information when you use the Service.

1. Information We Collect

1.1 Account information (registered users) When you sign in using Google OAuth, we receive your Google profile information (name and email address), your Google profile picture, and authentication tokens, which we store in encrypted form.

1.2 Payment information Paid plans are processed by Stripe. Payments are handled on Stripe's systems and we do not receive or store your full card details. We retain limited records needed to manage your subscription (for example, plan, status, and renewal dates).

1.3 Profile picture display We may show your Google profile picture to you within the application for personalisation. We will only display your profile picture publicly (for example, on our homepage) if you have given separate, explicit consent. You can withdraw that consent at any time by contacting us at jake@grow-fast.co.uk.

1.4 No content storage We do not log, record, or retain any text or document content you submit for watermark detection. Processing happens in your browser or in a transient, in-memory session and is not stored by us.

2. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To manage your account and subscriptions
  • To display your profile picture for personalisation, and publicly only with your consent
  • To detect and prevent fraud or abuse
  • To comply with our legal obligations

3. Legal Bases for Processing (UK and EU GDPR)

  • Contract: to create and manage your account and provide paid subscriptions
  • Legitimate interests: to secure the Service and prevent fraud or abuse, in a way that is not overridden by your rights
  • Consent: for any public display of your profile picture, and any optional communications, which you may withdraw at any time
  • Legal obligation: where we must process data to comply with the law

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We share data only with:

  • Stripe, for payment processing, subject to Stripe's privacy policy
  • Google, for OAuth authentication, subject to Google's privacy policy
  • Authorities or third parties, where required by law or to establish, exercise, or defend legal claims

5. International Transfers

Some of our providers (including Stripe and Google) may process personal data outside the UK or European Economic Area. Where that happens, the transfer is protected by appropriate safeguards, such as UK International Data Transfer Agreements, EU Standard Contractual Clauses, or an applicable adequacy decision.

6. Data Retention

  • Account data: retained while your account is active and for a reasonable period afterwards for backup and legal purposes
  • Profile pictures: displayed while your account is active and removed within 30 days of account deletion
  • Subscription records: retained as long as needed to meet accounting and tax obligations
  • Submitted text and documents: never stored

7. Cookies

We use essential cookies for authentication and session management. These are always active, and disabling them may limit Service functionality. We do not use advertising cookies.

8. Your Rights

If you are in the UK or the EU, you have the right to access your personal data, correct inaccurate data, request deletion, restrict or object to processing, request data portability, and withdraw consent at any time. To exercise these rights, contact us at jake@grow-fast.co.uk.

9. Security

We use measures appropriate to the risk, including HTTPS/TLS encryption for data in transit, encryption of stored authentication tokens, and access controls that limit who can access account data. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is not directed at children. We do not knowingly collect personal data from children under 13, and some EU member states set this age higher (up to 16). If you believe a child has provided us with personal data, contact us and we will delete it.

11. Changes to This Policy

We may update this Policy to reflect changes in technology, law, or our practices. The "Last Updated" date shows when changes were made. Continued use of the Service after changes take effect constitutes acceptance.

12. Contact

For questions about this Privacy Policy, or to exercise your rights, contact: Grow Fast Ltd 27 Old Gloucester Street, London, WC1N 3AX Email: jake@grow-fast.co.uk