Privacy Policy

1. Data Controller

The controller responsible for data processing on this website is:
Foth Group GmbH
Email:

2. Data We Collect

We collect the following personal data:

  • Name and email address upon registration
  • Reference photos you upload for image generation
  • Generated images and prompt text
  • Payment data (processed via Stripe — we do not store card details)

3. Purpose of Processing

Your data is used exclusively to provide the letsgoo.io service: delivering the AI image generation service, account management, and billing.

4. Reference Photos and Generated Images

Your uploaded reference photos and generated images are visible to you only. There is no public gallery. Your data is not shared with third parties or used for AI model training.

5. Data Sharing and Third-Country Transfers

We share your data only to the extent necessary to provide the service.

5.1 ByteDance / Seedream (Image Generation)

For AI-based image generation, your reference photos (the facial features of your AI model character) and your text prompts are transmitted to the Seedream API service operated by ByteDance Ltd.

ByteDance is a company headquartered in the People's Republic of China. No adequacy decision exists for China under Art. 45 GDPR. The transfer is based on Art. 49(1)(b) GDPR (necessity for contract performance): without this transfer, the core service — AI image generation — cannot be provided.

We explicitly draw attention to the following risks:

  • Companies based in China may be required to disclose data to Chinese authorities under the Chinese National Security Law.
  • The level of data protection in China does not meet EU standards.
  • There are no enforcement rights for data subjects against Chinese authorities comparable to those in the EU.

By using the service you consent to this transfer. If you wish to object, you may not use the service and should delete your account.

5.2 Stripe, Inc. (Payment Processing & Age Verification)

Payment processing and age verification (Stripe Identity) are handled by Stripe, Inc., USA. Stripe is certified under the EU–US Data Privacy Framework (adequacy decision of the European Commission of 10 July 2023). letsgoo.io receives from Stripe Identity only a confirmation of your verification status — never your identity documents or biometric raw data. A data processing agreement pursuant to Art. 28 GDPR is in place with Stripe.

5.3 Hetzner Online GmbH (Hosting)

Our servers and databases are operated by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. All user data — including reference photos, generated images, and account data — is stored on Hetzner servers in Germany. A data processing agreement pursuant to Art. 28 GDPR is in place with Hetzner.

5.4 Resend (Email Delivery)

For the delivery of transactional emails (registration, notifications) we use Resend, Inc., USA. Your email address and message content are transmitted in this process. Resend is SOC 2 Type II certified. A data processing agreement pursuant to Art. 28 GDPR is in place with Resend.

6. Retention Periods

Your data is stored for as long as your account is active. Upon account deletion:

  • Reference photos and generated images: Immediate permanent deletion
  • Name, email address, password: Immediate deletion (record is anonymised)
  • Payment and billing data (Stripe): Retained for 10 years pursuant to § 257 HGB and § 147 AO (statutory retention obligation). We store only the Stripe customer ID; full payment records remain with Stripe.
  • Moderation logs: 3 years (statutory documentation obligation, § 184b StGB)

The right to erasure (Art. 17 GDPR) applies subject to the statutory retention obligations listed above.

7. Your Rights

You have the right to access, rectification, erasure, and restriction of processing of your data. Please contact:

8. Cookies

This website uses only technically necessary storage (localStorage) for authentication. No tracking cookies or analytics tools are used.

← Back to homepage