← Back to Waredrobe

Privacy Policy

Last updated: April 13, 2026

1. About this Policy

This Privacy Policy explains how we collect, use, share, and protect your personal data when you use the Waredrobe mobile application ("App") and the website waredrobe.app ("Website"). The data controller responsible for your personal data under the EU General Data Protection Regulation (GDPR) is identified in Section 16 (Data Controller and Imprint) below; for any privacy-related question you can also email privacy@waredrobe.app. We have not appointed a Data Protection Officer as we are not legally required to do so.

2. Personal Data We Collect

Account information: email address, display name, unique handle, authentication identifier (from Apple Sign-In, Facebook Login, or email/password), and a verification status flag.

Profile information (optional): gender, body type, height, skin tone, age range, style preferences, colour preference, budget range, avatar image, and body photo. You can skip or delete this at any time.

Generated content: prompts you submit, AI-generated images and videos, chats with the AI stylist, posts, visual direct messages, and collections.

Usage data: features used, AI models selected, generation counts, credit balance and transactions, and in-app events. Used for analytics and fraud prevention.

Device and diagnostic data: device model, OS version, language, time zone, anonymised IP address, crash logs, and performance metrics. Used for stability and security.

Purchase data: Apple processes all in-app purchases. We only store the anonymised transaction ID, product identifier, credits received, and timestamp — we do not receive your payment method details.

3. Legal Basis for Processing (GDPR Art. 6)

• Contract (Art. 6(1)(b)): providing the App, authentication, AI generation, credit management, and social features you request.
• Consent (Art. 6(1)(a)): optional profile data, body photo, analytics cookies on the Website, and app tracking (ATT) on iOS. You can withdraw consent at any time.
• Legitimate interest (Art. 6(1)(f)): security, fraud prevention, crash diagnostics, and aggregated product analytics. You may object at any time.
• Legal obligation (Art. 6(1)(c)): tax record-keeping for purchases, responding to lawful requests.

4. How We Use Your Data

• Provide and personalise the AI styling experience
• Generate outfit images and videos based on your prompts
• Enable social features (feed, visual DMs, follows, notifications)
• Process in-app purchases and manage your credit balance
• Detect and prevent fraud, abuse, and security incidents
• Measure App and Website usage in aggregate
• Communicate with you about your account (verification, password reset)

We do not perform automated decision-making with legal or similarly significant effects (GDPR Art. 22).

5. Third-Party Processors and Recipients

We share the minimum data necessary with the following processors. Each is bound by a data processing agreement.

• Google LLC / Firebase (United States) — Authentication, Cloud Firestore, Cloud Storage, Hosting, Crashlytics, Analytics.
• Apple Inc. (United States) — Sign in with Apple, App Store purchase processing, push notifications.
• Meta Platforms Inc. / Facebook (United States) — Facebook Login, Meta SDK (analytics, install attribution, advertising measurement).
• OpenAI, L.L.C. (United States) — prompt crafting (GPT) and image generation (gpt-image models).
• xAI Corp. (United States) — image generation (Grok models).
• Fal AI, Inc. (United States) — additional AI image and video generation services.

When you generate an image or video, your prompt and — only if you use "Try It On Me" or "Combine Outfit" — the reference photo you selected are sent to the AI provider of the model you chose. We do not send your name, email, or other identifying account data to AI providers.

Before your data is first sent to any AI service, the app will ask for your explicit consent. You can review which services are used and what data is shared in this Privacy Policy at any time.

6. International Data Transfers

Most of our processors are located in the United States. When your data is transferred outside the European Economic Area (EEA), we rely on the European Commission's Standard Contractual Clauses (SCCs) or, where applicable, the EU-US Data Privacy Framework. You may request a copy of the safeguards in place by contacting us.

7. Cookies and Tracking Technologies

Website: we use Google Analytics 4 (GA4) with Google Consent Mode v2 and anonymised IP. Analytics cookies are only loaded after you accept them in the cookie banner. You can change your choice at any time by clearing site data.

App (iOS): upon first launch, iOS will present an App Tracking Transparency (ATT) prompt asking whether we may track your activity. If you deny, we do not pass your IDFA to Meta or any attribution provider. You can change this at any time in iOS Settings → Privacy → Tracking.

8. Your Body Photo

Your body photo is marked as "Private" and is used solely for the Try It On Me feature. It is never visible to other users, never posted to the social feed, and never used for training AI models. You can delete it at any time from your Profile.

8a. Face and Body Photos in AI Generation

Photos you upload for the "Try It On Me" and "Combine Outfit" features may include your face. We want to be clear about how these photos are handled:

• We do not perform facial recognition, face mapping, face detection, or any biometric analysis on your photos.
• Your photos are sent to third-party AI image generation services solely to create virtual outfit compositions. The AI provider processes your photo to generate the requested image and does not retain it beyond that request.
• Your photos are not used to identify you, build a profile of your facial features, or train AI models.
• Photos are stored in Firebase Storage (Google Cloud) under your personal account. You can delete them at any time from your Profile.
• Your body photo is never visible to other users and never appears on the social feed.

9. Social Features

When you post to the feed or send visual messages, that content is visible to other users according to your visibility settings (Public or Followers Only). Your handle, avatar, and public posts are visible on your public profile.

10. Data Retention

• Account data: retained while your account is active.
• Generated content: retained until you delete it or your account.
• Purchase records: retained for up to 10 years to comply with German tax law.
• Crash logs and diagnostics: retained for up to 90 days.
• Analytics data: retained for up to 14 months (GA4 default).

You can delete your account at any time from the App (Profile → Delete Account). Deletion removes your personal data from our active systems within 30 days, except where we are legally required to retain it.

11. Children's Privacy

Waredrobe is not directed at children under 16. We do not knowingly collect personal data from children under 16. If we learn that we have collected data from a child under 16 without verified parental consent, we will delete it. If you believe a child has provided us with personal data, please contact privacy@waredrobe.app.

12. Your Rights Under the GDPR

You have the right to:

• Access your personal data (Art. 15)
• Rectify inaccurate data (Art. 16)
• Erase your data ("right to be forgotten", Art. 17)
• Restrict processing (Art. 18)
• Data portability (Art. 20) — receive your data in a machine-readable format
• Object to processing based on legitimate interest (Art. 21)
• Withdraw consent at any time (Art. 7(3))
• Not be subject to solely automated decisions with legal effects (Art. 22)

To exercise any of these rights, email privacy@waredrobe.app. We will respond within one month.

13. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement. Our lead supervisory authority is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61
10555 Berlin, Germany
www.datenschutz-berlin.de

14. Data Security

We implement appropriate technical and organisational measures to protect your data, including encryption in transit (TLS) and at rest, access controls, and regular security reviews. No system is 100% secure, but we strive to protect your data against unauthorised access, alteration, disclosure, or destruction.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the App or email. The "Last updated" date at the top always reflects the current version.

16. Data Controller and Imprint

The data controller for the purposes of GDPR Art. 4(7) and the provider of the App and Website per § 5 TMG is:

Dovydas Jakstas (sole trader)
Hedwig-Porschütz-Straße 11
10557 Berlin
Germany
Email: privacy@waredrobe.app

17. Contact

For any privacy-related question, contact us at:
privacy@waredrobe.app