Privacy Policy

Last updated: April 23, 2026

1. Introduction

Closet Heritage ("we", "us", or "our") respects your privacy. This Privacy Policy explains what data we collect, how we use it, how AI processes your photos, how payments are handled, and your rights regarding your personal information when you use the Closet Heritage mobile app and website (the "Service").

2. Data We Collect

Information you provide

  • Account information: Name, email address, gender, and authentication data (email/password, Google, or Apple sign-in)
  • Profile preferences: Washing frequency and display preferences (e.g., dark mode)
  • Clothing photos: Photos you upload of your clothing items
  • Avatar photo: A full-body photo used solely for virtual try-on generation (see Section 4 for how we handle this)
  • Outfit preferences: Occasion, style vibes, pinned items, and dismissed combinations
  • Comments and outfit names: Any text you enter on shared outfits or when naming items (see Section 7 for content moderation)
  • Referral / promo codes: If you redeem a code, we store the code you used and link it to your account so the correct reward is applied

Information collected automatically

  • Device information: Device model, operating system version, screen size, app version, and language/locale
  • Device identifier for anti-abuse: When you redeem a referral, gift, or promo code, we collect your iOS identifierForVendor or Android ANDROID_ID. These identifiers are scoped to our app, are not cross-app trackable, and are used solely to prevent the same device from repeatedly farming referral rewards
  • Push notification tokens: Expo push tokens (which are ultimately delivered through Apple's APNs or Google's FCM) used to deliver notifications about completed processing, comments on shared outfits, and outfit reminders
  • Usage analytics: Anonymized usage data such as screens visited, features used (e.g., outfit generation, virtual try-on), and session information, collected via PostHog (see Section 8)
  • Error and crash data: JavaScript exceptions and error logs to help us identify and fix issues
  • Session recordings: Anonymized screen sessions at a 10% sample rate, with text inputs masked for privacy. Clothing and try-on images are visible in recordings because they are core to how the Service is used
  • Payment metadata: When you complete a purchase, we receive a transaction reference, amount, currency, plan or coin pack, and success/failure status. We never receive or store card numbers, mobile money PINs, CVVs, bank account numbers, or similar sensitive payment credentials (see Section 5)

3. How We Use Your Data

  • Wardrobe management: Processing your clothing photos with AI to detect, categorize, tag, and remove backgrounds from clothing items
  • Outfit planning: Generating personalized outfit suggestions based on your wardrobe, preferences, and context (occasion, weather, style vibe)
  • Virtual try-on: Combining your avatar photo with clothing items to synthesize try-on visualization images
  • Notifications: Sending push notifications about completed photo processing, comments on shared outfits, or outfit reminders
  • Payments and subscriptions: Processing purchases, crediting coins, activating subscriptions, handling refunds, and sending renewal reminders
  • Anti-abuse and security: Preventing spam, referral fraud, duplicate-account abuse, and payment fraud
  • Service improvement: Understanding usage patterns to improve features and fix issues

4. AI Processing

Closet Heritage uses Google's Gemini family of AI models (accessed through Google's paid Gemini API) to process your photos and generate content. When you upload a clothing photo, use virtual try-on, or generate outfits:

  • Your clothing photos and avatar photo are sent to Google's AI services for processing — specifically for photo validation, item detection, clothing tagging, background removal, hallucination verification, and try-on image generation. For virtual try-on we additionally send the gender you selected during onboarding so the rendered image is anatomically consistent. We do not send your occasion, style, vibe, or weather preferences to Google — outfit suggestions are computed by our own backend using a non-AI algorithm against the AI-generated tags already on your items
  • Paid tier — no training use: We use Google's paid Gemini API. Under Google's paid-tier terms, your prompts, uploads, and AI outputs are not used to train Google's AI models and are not retained by Google beyond the short window needed to fulfill the request and provide abuse protections
  • AI-generated content disclosure: Virtual try-on images are synthesized by AI — they are approximations, not photographs of you actually wearing the items. Outfit suggestions, item tags, and grid layouts are likewise AI-generated and may contain errors or misclassifications
  • Processed results (crops, try-on images, tags) are stored in your personal account and are not shared with other users, except when you explicitly share an outfit via the sharing feature

Avatar photos and biometric data

Your avatar is a full-body photo of you used solely to generate try-on images:

  • We do not extract biometric templates, face embeddings, fingerprints, voiceprints, or any other biometric identifiers from your avatar
  • We do not use your avatar for identity verification, face matching, surveillance, or any identification purpose
  • Avatar photos are sent to Google Gemini for try-on generation under the paid-tier terms described above and are not retained by Google for training
  • You can replace or delete your avatar at any time from the app. When you delete your account, your avatar is permanently deleted along with all other personal data

5. Payment Data

Closet Heritage offers subscriptions and one-time coin-pack purchases. We never see, process, or store your card numbers, mobile money PINs, CVVs, or bank account numbers — those are handled entirely by the payment providers below.

Payment providers

  • Apple In-App Purchase (iOS): Purchases on iOS are processed by Apple. Apple receives your Apple ID and payment method and handles the transaction. We receive a transaction identifier and subscription status from Apple via RevenueCat
  • Google Play Billing (Android): Purchases on Android are processed by Google. Google receives your Google account and payment method and handles the transaction. We receive a transaction identifier and subscription status from Google via RevenueCat
  • Paystack (Ghana — MTN MoMo, Telecel Cash, AirtelTigo, card): When you pay via our web checkout, you enter your payment details directly into Paystack. Paystack processes the payment and sends us a transaction reference, amount, and success/failure status. We pass your email and an anonymous user ID to Paystack so they can issue a receipt
  • RevenueCat: We use RevenueCat to manage subscription entitlements and your coin balance across platforms. RevenueCat receives your Closet Heritage user ID, subscription events, and coin-ledger transactions. RevenueCat does not receive payment credentials

What we store

  • Transaction reference (from Apple, Google, or Paystack)
  • Amount, currency, plan or coin pack identifier
  • Status (success, failed, refunded, processing)
  • Timestamp and channel (e.g., "mobile_money")
  • Your email (as used with the payment provider, for receipt delivery)

We retain payment records for the duration required by tax, accounting, and fraud-prevention obligations (typically 7 years in jurisdictions where applicable), even after account deletion. See Section 11.

6. Data Storage & Security

Your data is stored securely using Supabase (cloud infrastructure) with the following measures:

  • All data is encrypted in transit (TLS/SSL)
  • Database access is controlled by row-level security policies
  • Images are stored in secure cloud storage with access restricted to your account
  • Authentication tokens are stored securely on your device
  • Payment webhooks are signed with HMAC and verified before any state change is applied

7. Content Moderation

We apply automated content filters to user-submitted text (including outfit names and comments on shared outfits) to block profanity and abusive language. If your text is flagged, you will see an error and the text will not be saved; the specific words that triggered the filter may be shown so you can revise. We do not currently employ human moderators. Image content is not moderated by humans; the AI pipeline performs basic validation (e.g., full-body checks on avatars) but does not classify images for policy violations.

8. Analytics & Tracking

We use PostHog, a privacy-focused analytics platform, to understand how the app is used and to improve the Service. PostHog collects:

  • Usage events (e.g., features used, screens visited)
  • Device information (model, OS version, screen size, language)
  • Session recordings (a 10% sample of sessions, with text inputs masked for privacy)
  • Error and crash reports

We do not use any advertising trackers, IDFA/GAID collection, or cross-app tracking. PostHog data is used solely for product improvement and is not shared with advertisers.

Cookies

The mobile app does not use cookies. Our website (closetheritage.com) uses the following cookies:

  • Theme preference (essential): a small cookie storing your light/dark-mode preference so the correct theme loads on your next visit
  • PostHog analytics cookies: used to distinguish unique visitors and sessions in aggregate analytics. No personally identifying data is stored in these cookies

We do not use advertising cookies, third-party marketing cookies, or any cookie that enables cross-site tracking.

9. Data Sharing & Third-Party Processors

We do not sell your personal data. We share data only with the third-party processors listed below, each acting on our behalf under contractual data-protection terms, and only to the extent necessary to deliver the Service.

  • Google (Gemini API): AI photo and text processing. See Section 4
  • Supabase: Database, authentication, file storage, and realtime subscription infrastructure. Hosted in the EU (Frankfurt region)
  • Railway: Backend application hosting
  • PostHog: Product analytics and session recordings (US-hosted)
  • Resend: Transactional email delivery (verification emails, referral and gift-code invitations, account notifications)
  • RevenueCat: Subscription entitlement and virtual currency (coin) management
  • Paystack: Payment processing for Ghana mobile money and card payments
  • Apple and Google: In-app purchase processing, push notification delivery (APNs and FCM respectively), and, if you use Google or Apple sign-in, identity verification
  • Expo: Push notification routing to APNs and FCM
  • Legal and regulatory: We may disclose data if required by law, regulation, valid legal process, or to protect our rights, your safety, or the security of the Service
  • Shared outfits: If you explicitly share an outfit, only the outfit details and try-on image are visible to anyone with the link. Your avatar, full wardrobe, and profile information are not exposed

10. International Data Transfers

Delivering the Service involves transferring your personal data across borders. In particular:

  • Our primary database and storage are hosted in the European Union (Supabase, Frankfurt)
  • AI processing (Google Gemini), analytics (PostHog), email (Resend), subscription management (RevenueCat), and backend hosting (Railway) are primarily hosted in the United States
  • Paystack is hosted in Ghana and other African regions
  • Apple and Google operate globally

For transfers of EU/UK personal data to countries outside the EEA/UK, we rely on the European Commission's Standard Contractual Clauses (SCCs) and equivalent UK safeguards, together with supplementary technical measures (encryption in transit, access controls, row-level security). Each of our third-party processors listed in Section 9 has either executed SCCs with us or operates under an adequacy decision.

11. Data Retention

We retain your data for as long as your account is active. When you delete your account:

  • All personal data, clothing photos, processed images, outfits, and your avatar are permanently deleted
  • Deletion is immediate and irreversible
  • We may retain anonymized, aggregated data (e.g., total user counts) that cannot be linked back to you
  • Payment records exception: transaction records required for tax, accounting, and fraud-prevention compliance are retained for the period required by applicable law (typically up to 7 years). These records include only the reference, amount, status, and plan — not your clothing photos, avatar, or wardrobe content

12. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with equivalent law, we rely on the following legal bases under the General Data Protection Regulation (GDPR) Article 6:

  • Performance of a contract (Art. 6(1)(b)): Processing your account, photos, outfits, and payments to deliver the Service you signed up for
  • Consent (Art. 6(1)(a)): Optional features such as analytics, session recordings, and push notifications. You can withdraw consent at any time through device settings or by contacting us
  • Legitimate interest (Art. 6(1)(f)): Security, fraud prevention, anti-abuse (including referral device fingerprinting), debugging, and protecting the integrity of the Service
  • Legal obligation (Art. 6(1)(c)): Retaining payment and tax records as required by law

You have the right to lodge a complaint with your local data protection authority if you believe we have mishandled your data.

13. Automated Decision-Making

We use AI-driven personalization to generate outfit suggestions, tag clothing items, and synthesize try-on images. These decisions are purely for convenience and do not produce legal effects or similarly significant effects on you within the meaning of GDPR Article 22. They do not affect pricing, creditworthiness, eligibility, or access to services.

You can always override AI-generated tags, reject outfit suggestions (dismiss), or retake photos. If you believe an AI output has caused you harm, contact us at the address below.

14. Your Rights

You have the right to:

  • Access your data: View all your personal information, clothing items, and outfits within the app
  • Correct your data: Update your name, gender, avatar, and all clothing item details at any time
  • Delete your data: Delete individual items, or delete your entire account (which permanently removes all data including photos, outfits, and your profile, subject to the payment-record retention exception in Section 11)
  • Port your data: Request a machine-readable export of your data by contacting us
  • Object to or restrict processing: Where we rely on legitimate interest, you can object to specific processing activities
  • Withdraw consent: Revoke push notification, analytics, or other optional permissions through your device settings or by contacting us
  • Non-discrimination (California residents, CCPA/CPRA): We will not deny you service, charge you a different price, or provide a different quality of service because you exercised any of these rights
  • Opt out of sale/sharing (California residents): We do not sell or share your personal information for targeted advertising. There is nothing to opt out of, but we state this explicitly for clarity

15. Children's Privacy

Closet Heritage is designed for a general audience and is rated 4+ on the App Store and has a content rating on Google Play. We do not knowingly collect personal data from children under 13 without parental consent. If we learn that we have collected data from a child under 13, we will promptly delete it. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

16. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the app or by email. The "Last updated" date at the top reflects the most recent revision.

17. Contact Us

If you have questions about this Privacy Policy or how we handle your data, or you want to exercise any of your rights, contact us:

Closet Heritage — Preserve the story your clothes tell
Terms of ServicePrivacy Policy