
Privacy Policy for Wardroberry

Effective Date: 19.12.2025
Last Updated: 19.12.2025

1. Introduction

This Privacy Policy describes how Wardroberry ("we," "us," "our," or "the Service") collects, uses, and protects your personal information when you use our mobile application and related services.

This policy explains what information we collect, how we use it, and your rights regarding your personal data.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:
- Email address (provided by Apple or Google during sign-in)
- Name (optional, only if provided by Apple or Google Sign-In and you choose to share it)
- Authentication tokens from Apple or Google (we do not store passwords)
- Account preferences and settings

Important: We use Apple Sign-In and Google Sign-In for authentication. We do not manage passwords directly, and all authentication security is handled by Apple and Google. Name data is only stored if you share it during OAuth sign-in – this is optional and can be hidden with Apple Sign-In.

2.2 Clothing Data

We collect and store information about your clothing items:
- Uploaded images of your clothing items
- Original filenames of uploaded images
- AI-analyzed metadata:
  - Category (Tops, Pants, Jackets, Shoes, Accessories)
  - Color (e.g., black, white, gray, red, blue, etc.)
  - Style (e.g., casual, elegant, sporty, business, vintage, modern)
  - Season (spring, summer, autumn, winter, all-season)
  - Material (cotton, polyester, wool, denim, leather, etc.)
  - Occasion (everyday, work, sport, party, formal, casual)
  - Confidence score (AI certainty of analysis: 0-100%)
- Processing status (pending, processing, completed, failed)
- Upload and modification timestamps

2.3 Outfit Data

When you create outfits, we store: - Outfit name and description - Associated clothing items in an outfit - Weather conditions (if specified) - Occasion tags (if specified) - Mood tags (if specified) - Creation date and wear dates

2.4 Usage Data

We automatically collect information about your app usage: - App interaction patterns and preferences - Log data (access times, feature usage, error reports) - Image upload history - Processing queue status

2.5 Technical Information

The following technical data may be passively collected by authentication services (Apple Sign-In, Google Sign-In): - Device information (model, operating system, app version) - Device IDs for authentication purposes - App crash reports and diagnostic data (only if you actively share them)

Important: We do not actively collect this data ourselves. It is processed by Apple and Google as part of their authentication services. For more details, please refer to Apple's and Google's privacy policies.

2.6 Session Data (GDPR-Relevant Technical Data)

Transparency Notice: In compliance with GDPR, we explicitly inform you about the following technical data that is stored during your use of our app:

Session Data We Store:
- IP Address: Your Internet Protocol address is automatically stored with each login (for security and fraud prevention)
- User-Agent: Technical information about your device and browser/app version (e.g., "Wardroberry/1.0 iOS/17.0"). This data is automatically collected by the infrastructure (Supabase Auth) during login to ensure session security.
- Session Timestamps: Time of login and last activity
- Device ID (Demo Mode only): A temporary device identifier for associating your demo data

Purpose of Session Data Storage:
- Security: Detection of suspicious login attempts and unauthorized access
- Fraud Prevention: Protection against abuse and automated attacks
- Technical Support: Troubleshooting login issues
- Session Management: Managing concurrent logins

Retention Period:
- Session data (including IP addresses and user agent) is automatically deleted after 30 days
- Manual logout immediately invalidates session tokens
- Upon account deletion, all session data is permanently removed within 30 days

Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) - Storage of session data is necessary to ensure the security of our service and prevent fraud.

Data Minimization Notice: We have implemented an automatic cleanup policy that ensures session data is not stored longer than 30 days to comply with the GDPR principle of data minimization.

2.7 Demo Mode Data

When using Demo Mode (without account creation):
- Demo data is stored in the cloud (not locally on your device)
- Demo data is linked to a temporary anonymous user ID
- Device ID is temporarily stored for demo session association
- No personal data (email, name) is collected
- Demo data is automatically deleted after 30 days of inactivity
- Session data (IP address, user agent) is also stored in Demo Mode according to our 30-day policy

Important Notes on Demo Data Storage:
- Demo data is temporary and not permanently stored
- Device ID is only used for session association and is automatically deleted after 30 days
- When you create a full account, demo data cannot be migrated
- To delete demo data early, contact contact@wardroberry.app

2.8 Communications

When you contact us, we may retain: - Support request details - Feedback and survey responses - Communication preferences

2.9 Outfit Calendar Data

When you log outfits in the Outfit Calendar, we store: - Date: The date you wore an outfit - Outfit Reference: Link to the outfit configuration you wore - Notes (optional): Personal notes about the occasion - Timestamps: When the log entry was created and last modified

Storage Location: Outfit calendar data is stored in our database (Supabase EU, Frankfurt) in the outfit_logs table. Row-Level Security ensures you can only access your own data.

Retention: Stored as long as your account exists. You can: - Delete individual logs from the Outfit Calendar screen - Clear all logs via Settings → App Settings → Reset Usage Statistics

Legal Basis: Contract fulfillment (Art. 6(1)(b) GDPR) – core app feature / Consent (voluntary user action)

2.10 Weather Location (Local Storage Only)

To provide weather information, we store your selected weather location: - City Name: The location name you selected - Coordinates: Latitude and longitude of the selected city

Important Privacy Notes:
- ⚠️ This is NOT your GPS location – you manually select a city
- Location is stored only on your device (local storage)
- Default location: Berlin, Germany
- No location data is sent to Wardroberry servers
- Location data is only sent to Open-Meteo (weather API) when fetching weather

Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) / Contract fulfillment (user explicitly configures location)

2.11 Usage Statistics

We calculate wardrobe usage statistics based on your outfit logs:
- Wear count per item: How many times each clothing item was worn
- Last worn date: Most recent date an item was worn
- Days since worn: Number of days since last wear
- Most/least worn rankings: Top 10 items by wear frequency
- Category distribution: Breakdown of wardrobe by category
- Color distribution: Breakdown of wardrobe by color

Important Privacy Notes:
- Statistics are derived from outfit logs (not stored separately)
- Temporarily cached in app memory (5-minute duration) for performance
- No permanent separate storage – always calculated on demand
- You can reset all statistics via Settings → App Settings → Reset Usage Statistics

Legal Basis: Contract fulfillment (Art. 6(1)(b) GDPR) – core analytics feature

2.12 Analytics (PostHog)

We use PostHog to collect anonymized usage analytics: - User Identification: Links sessions to your account (user ID only) - Screen Views: Which screens you visit (e.g., "Wardrobe", "Paywall") - Feature Events: Discrete actions (e.g., "clothing_added", "paywall_viewed") - Event Properties: Contextual data (e.g., is_onboarding: true)

Storage Location: PostHog Cloud EU (EU data residency). See § 4.1 for full details.

Purpose: - Understanding feature adoption - Improving user experience - Identifying technical issues

Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) with opt-out capability / Consent

3. How We Use Your Information

3.1 Service Provision

We use your data to: - Create and manage your user account - Process and analyze clothing images using AI - Store and organize your wardrobe collection - Create and manage outfits - Provide customer support and troubleshooting - Authenticate your identity and prevent unauthorized access - Provide Demo Mode functionality

3.2 Service Improvement

We analyze usage patterns to: - Improve our AI clothing analysis algorithms - Enhance user experience and app functionality - Identify and fix technical issues - Develop new features based on user needs - Internal usage statistics for cost optimization (e.g., API usage, processing times) - this data is anonymized and used exclusively for service improvement

3.3 Communication

We may contact you for: - Important service announcements - Security alerts and account notifications - Support responses and technical assistance - Updates about new features (if you've opted in)

3.4 Legal Compliance

We may process data to: - Comply with applicable laws and regulations - Respond to legal requests and court orders - Protect our rights and enforce our Terms of Service - Prevent fraud and ensure platform security

4. Data Sharing and Disclosure

4.1 Third-Party Services

We share limited data with trusted third-party providers:
- Cloud Infrastructure: Secure hosting and data storage
- Email Services: Account verification and essential communications
- OpenAI GPT-5 & GPT-5-mini: AI-powered clothing image analysis (see details below)
- Supabase: Database, backend infrastructure, and image storage (see details below)
- PostHog: Usage analytics (see details below)
- Open-Meteo: Weather data (see details below)
- Apple Sign-In: Secure authentication via Apple ID (see details below)
- Google Firebase: Exclusively for Google Sign-In (see details below)

OpenAI GPT-5 & GPT-5-mini - AI Clothing Image Analysis

We use OpenAI's GPT-5 and GPT-5-mini vision models to analyze and categorize clothing images.

AI Provider:
OpenAI, L.L.C.
3180 18th Street
San Francisco, CA 94110, USA

Data Processed by OpenAI: - Uploaded clothing images - Image metadata (filename, upload timestamp) - AI analysis prompts (instructions for categorization)

What We Do NOT Send to OpenAI:
- ❌ Your personal account information
- ❌ Your email address or authentication data
- ❌ Your browsing history or app usage patterns
- ❌ Other clothing items in your wardrobe
- ❌ Outfit combinations
- ❌ Any personally identifiable information

OpenAI's Data Handling:
- OpenAI may temporarily process data to provide AI services
- OpenAI states that API data is not used to train their models (as of their API policy)
- Data retention: 30 days for abuse monitoring, then deleted
- OpenAI implements security measures including encryption

Legal Basis: Contract fulfillment (Art. 6(1)(b) GDPR) - AI processing is necessary to provide clothing analysis services.

Data Transfer: OpenAI is based in the USA. Data transfer is based on EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR.

Your Control: - You can choose not to upload clothing images if you object to AI processing - Analyzed clothing data is stored on our EU servers, not with OpenAI - You can delete your clothing items at any time

Further Information:
- OpenAI Privacy Policy: https://openai.com/policies/privacy-policy
- OpenAI API Data Usage: https://openai.com/policies/api-data-usage-policies

Supabase - Database and Storage Infrastructure

We use Supabase as our primary database, backend infrastructure, and image storage solution to store and manage your data.

Provider:
Supabase, Inc.
970 Toa Payoh North, #07-04
Singapore 318992

Hosting Location: All your data is stored on Supabase servers located in Frankfurt, Germany (EU region: eu-central-1). This ensures full GDPR compliance and EU data protection.

Data Stored in Supabase:
- User account information (email, name, authentication tokens)
- Your clothing collection (metadata, categories, colors, styles, etc.)
- Your uploaded images via Supabase Storage:
  - Original Images: High-resolution original uploads (bucket: clothing-images-original)
  - Processed Images: Optimized images for app display (bucket: clothing-images-processed)
- Your outfit data (names, descriptions, combinations)
- Session data (IP addresses, user agent) for maximum 30 days
- Your consent to legal documents (Privacy Policy, Terms of Service)
- Usage logs and error reports

Image Storage: We use Supabase Storage to securely store: - Original Images: Full-resolution uploaded clothing images (bucket: clothing-images-original) - Processed Images: Optimized images for app display (bucket: clothing-images-processed)

Security Measures:
- All data encrypted at rest (AES-256)
- All data encrypted in transit (TLS 1.3)
- Regular automated backups
- Row-Level Security (RLS) policies ensure data isolation
- Multi-factor authentication for admin access
- Access policies ensure users can only access their own data

Legal Basis: Contract fulfillment (Art. 6(1)(b) GDPR) - Supabase is necessary to provide data storage and app functionality.

Data Transfer: Since Supabase servers are located in Frankfurt, Germany, no international data transfer occurs. Your data remains within the EU at all times.

Data Retention: Data is retained in Supabase according to our retention policy (see § 7). Upon account deletion, all data is permanently deleted from Supabase within 30 days.

Further Information: Supabase Privacy Policy: https://supabase.com/privacy Supabase Security: https://supabase.com/security

Apple Sign-In - Authentication

We use Apple's native Sign-In service to provide secure authentication for iOS users. Apple Sign-In prioritizes user privacy and gives you control over your data.

Data Processed During Apple Sign-In: - Apple User ID (unique identifier, not your Apple password) - Email address (real or Apple's private relay email) - Name (optional, if you choose to share)

Apple's Privacy Features: - You can choose to hide your real email and use Apple's private relay - Apple does not track your activity within our app - Your authentication data is encrypted end-to-end

Not Used: - ❌ No Apple advertising services - ❌ No cross-app tracking - ❌ No Apple analytics or data collection beyond authentication

Legal Basis: Contract fulfillment (Art. 6(1)(b) GDPR) - Apple Sign-In is necessary to provide authentication services.

Data Storage: Authentication tokens are stored securely in your device's keychain and our EU-based database. We never receive or store your Apple password.

Further Information: Apple Privacy Policy: https://www.apple.com/legal/privacy/

Google Firebase - Authentication

We use Google Firebase exclusively to provide Google Sign-In functionality. Firebase Analytics and all tracking services are completely disabled.

Data Processed During Google Sign-In: - OAuth tokens (encrypted) - Google account ID (not your password) - Email address

Not Used: - ❌ Firebase Analytics - ❌ Firebase Crashlytics - ❌ Firebase Performance Monitoring - ❌ Firebase A/B Testing - ❌ Firebase Remote Config

Configuration: In our Firebase configuration, Analytics is explicitly disabled (IS_ANALYTICS_ENABLED: false).

Legal Basis: Contract fulfillment (Art. 6(1)(b) GDPR) - Firebase is necessary to provide Google Sign-In.

Data Transfer: Google Firebase is based in the USA. Data transfer is based on EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR.

Further Information: Privacy Policy: https://firebase.google.com/support/privacy

PostHog - Usage Analytics

We use PostHog to collect anonymized usage data to improve the app experience.

Provider: PostHog, Inc. San Francisco, CA, USA

Hosting Location: PostHog Cloud EU – all analytics data is stored on servers in the European Union, ensuring GDPR compliance.

Data Collected: - User ID (for session linking, no personal information) - Screen views (which screens you visit) - Feature events (e.g., adding clothing, viewing paywall) - Session data (duration, frequency)

What We Do NOT Collect: - ❌ Your clothing images or wardrobe content - ❌ Personal information (name, email) - ❌ Location data - ❌ Device identifiers for advertising

PostHog's Data Handling: - EU data residency ensures GDPR compliance - Data is used only for app improvement - No data sharing with third parties for advertising

Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) – Analytics is necessary to improve user experience and identify issues.

Your Control: - Analytics helps us improve the app for all users - No personal content is ever tracked - You can request deletion of your analytics data via contact@wardroberry.app

Further Information: PostHog Privacy Policy: https://posthog.com/privacy PostHog GDPR Compliance: https://posthog.com/docs/privacy/gdpr-compliance

Open-Meteo - Weather API

Weather data is fetched from Open-Meteo, a free, open-source weather service.

Provider: Open-Meteo (open-meteo.com) Open-source weather API

Data Sent to Open-Meteo: - Latitude and longitude coordinates of your selected city - City search queries when searching for a location

What We Do NOT Send: - ❌ Your user ID or account information - ❌ Personal information - ❌ Device identifiers - ❌ Your GPS location (only manually selected city)

Open-Meteo's Data Handling: - Open-Meteo is a free, open-source service - Does not require registration or API keys - Claims not to store personal data - No cookies or tracking

Legal Basis: Contract fulfillment (Art. 6(1)(b) GDPR) – Weather display is a requested app feature.

Your Control: - Weather location is stored only on your device - You can change or reset your weather location anytime in App Settings - You can disable weather display if you prefer not to share location with Open-Meteo

Further Information: Open-Meteo Terms: https://open-meteo.com/en/terms

4.2 Legal Requirements

We may disclose information if required by: - Valid legal process (subpoenas, court orders) - Law enforcement requests with proper authorization - National security requirements - Protection of our users' safety and rights

4.3 Business Transfers

In case of merger, acquisition, or sale: - User data may be transferred as part of business assets - You will be notified with reasonable advance notice - The same privacy protections will continue to apply

4.4 Anonymized Data

We currently do not collect anonymized statistics or analytics data. Should this change in the future, you will be notified at least 30 days in advance and can object to the data processing.

5. Data Security

5.1 Security Measures

We implement security controls:
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Strict employee access limitations and Row-Level Security (RLS)
- Infrastructure: Secure cloud hosting with industry certifications
- Monitoring: 24/7 security monitoring and incident response
- Updates: Regular security patches and system updates
- Authentication: JWT tokens (HS256) with secure session management

5.2 EU Data Hosting

All personal data is hosted exclusively in the European Union (Germany): - Full GDPR compliance and protection - Data stored in Frankfurt, Germany (eu-central-1) - EU-based cloud infrastructure and data centers - Direct enforcement of EU data protection rights

5.3 Data Breach Response

In case of a security incident: - Immediate containment and investigation procedures - Notification to authorities within 72 hours (if required) - User notification for high-risk breaches - Remediation and prevention measures implementation

6. Your Privacy Rights

6.1 GDPR Rights (EU Users)

Under GDPR, you have the right to:
- Access: Request copies of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your personal data
- Portability: Receive your data in machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to certain types of processing
- Withdraw Consent: Revoke consent for data processing

6.2 Exercising Your Rights

To exercise your rights: - Use in-app privacy controls and settings - Contact us directly via email with your request - Provide verification of your identity - Specify which rights you wish to exercise

6.3 Response Timeframes

We will respond to your requests: - Within 30 days for most requests - Complex requests may require up to 90 days

6.4 Right to Erasure for Usage Data

You can delete your outfit logging and usage data at any time:

Outfit Calendar Data:
- Delete individual logs: Outfit Calendar screen → swipe or tap to delete
- Delete all logs: Settings → App Settings → Reset Usage Statistics

Usage Statistics: - All statistics are derived from outfit logs - Resetting usage statistics clears all data

Weather Location: - Change or reset anytime in App Settings - Stored only on your device (no server data to delete)

Analytics Data:
- Contact contact@wardroberry.app to request deletion of analytics data
- We'll notify you if additional time is needed
- Free of charge for reasonable requests

6.5 Automated Decision Making

We do not use your personal data for automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you (Art. 22 GDPR). The AI analysis of clothing images is for categorization purposes only and does not have legal consequences.

7. Data Retention

7.1 Account Data

We retain your information:
- Active Accounts: Throughout your account lifetime
- Inactive Accounts: Up to 2 years of inactivity
- Deleted Accounts: Immediate irreversible deletion with no recovery option
- Demo Mode Accounts: Automatic deletion after 30 days
- Legal Hold: Longer if required by law

Important Notice: Account deletion is final and cannot be undone. All clothing images, outfits, and data are irrevocably deleted.

Session Management:
- Active sessions remain valid for 30 days (Supabase default)
- Automatic logout occurs after 30 days of inactivity
- You can manually log out at any time
- Session tokens are immediately invalidated upon logout

7.2 Usage Data

Different data types have different retention periods:
- Clothing & Outfit Data: Until account deletion or user removal
- Image Files: Permanently deleted within 30 days after account deletion
- Log Data: 90 days for troubleshooting and improvement
- Support Communications: 2 years for reference

7.3 Automatic Deletion

We automatically delete:
- Temporary processing files after image analysis
- Failed authentication attempts after 30 days
- Expired session tokens and access credentials
- Orphaned data without associated accounts
- Demo Mode data after 30 days

8. Children's Privacy

8.1 Age Restrictions

Wardroberry is not intended for children under 13 (or under 16 in the EEA): - We do not knowingly collect data from children under these age limits - Users aged 13-17 (or 16-17 in the EEA) require parental consent - Parents can request deletion of their child's data

8.2 Parental Controls

Parents and guardians can: - Review their child's account information - Request modification or deletion of data - Contact us regarding their child's privacy

9. International Data Transfers

9.1 EU-Only Hosting

All processing occurs within the EU: - Primary servers located in Frankfurt, Germany - Backup systems within EU boundaries - No transfers to third countries without adequate protection - Full GDPR compliance maintained

9.2 Service Providers

Third-party services we use are either: - Located within the EU (Supabase: Frankfurt, Germany), or - Certified under appropriate adequacy decisions, or - Subject to Standard Contractual Clauses (SCCs) (OpenAI, Google Firebase)

10. Cookies and Tracking

10.1 Mobile App Data

Our mobile app uses: - Essential Data: Required for app functionality (authentication, session management) - Preferences: Your personalized settings (language, theme) - Security: Authentication tokens and fraud prevention

10.2 No Web Cookies & Local Storage

As a mobile app, we don't use traditional web cookies. We use Local Storage on your device which is strictly necessary for the operation of the App (exempt from consent under Art. 5(3) ePrivacy Directive). Stored Data includes:
- Authentication tokens (to keep you logged in)
- User preferences (theme, language)
- Weather location settings (city and coordinates)
- Temporary cache data (for performance)
- No tracking across other websites or services

10.3 Analytics (PostHog)

We use PostHog for usage analytics to improve the app: - What we track: Screen views, feature usage events, session data - What we don't track: Personal content, images, or identifying information - Data location: EU servers (PostHog Cloud EU) - Purpose: App improvement and issue identification

See § 4.1 for full details on PostHog data handling.

10.4 No Advertising Tracking

We do not use: - ❌ Google Analytics - ❌ Facebook Pixel - ❌ Advertising trackers - ❌ Cross-site tracking - ❌ Behavioral profiling for advertising

11. Changes to This Policy

11.1 Policy Updates

We may update this Privacy Policy to reflect: - Changes in data processing practices - New legal requirements or regulations - Enhanced privacy protections - Service improvements and new features

11.2 Notification Process

Material changes will be communicated via: - In-app notifications with clear visibility - Email notifications to registered users - Updated effective date in the policy - 30-day advance notice for significant changes

11.3 Continued Use

Continued use after policy changes constitutes acceptance. If you disagree with changes, you may delete your account before the changes take effect.

12. Contact Information

12.1 Privacy Questions

For privacy-related inquiries:

Privacy Officer:
Email: contact@wardroberry.app
Subject: Privacy Policy Question

Data Protection:
Email: contact@wardroberry.app
Subject: Data Protection Request - [Your Request Type]

General Support:
Email: contact@wardroberry.app
Subject: General Privacy Question

12.2 Supervisory Authority

EU users can contact their local data protection authority: - Germany: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit - Other EU countries: Your national data protection authority - European Data Protection Board: For EU-wide concerns

12.3 Response Commitment

We will: - Respond to privacy inquiries within 30 days - Provide clear information - Resolve privacy concerns promptly


Document Version: 1.1
Effective Date: 19.12.2025
Last Review Date: 19.12.2025
Next Review: 18.12.2026

This Privacy Policy is designed to provide clear information about our data practices while ensuring full compliance with applicable privacy laws including GDPR and other relevant regulations.