Stylofy Stylofy
ES Back

Privacy Policy

Version 2025-01 | Last updated:

Table of Contents

  1. Data Controller Information
  2. Introduction
  3. Data We Collect
  4. How We Collect Your Data
  5. Purpose, Legal Basis and Consent
  6. Who We Share Your Data With
  7. Data Security
  8. Application Permissions
  9. Data Retention
  10. Your Rights (GDPR)
  11. Cookies and Technologies
  12. Minors
  13. Changes to This Policy
  14. Contact and Complaints
  15. Jurisdiction and Applicable Law

1. Data Controller Information

Data controller:

2. Introduction

Stylofy ("we", "our app") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share and protect your personal information when you use our mobile application Stylofy.

By using Stylofy, you agree to the practices described in this policy. If you do not agree, please do not use the application.

3. Data We Collect

3.1. Personal Information

  • Full name: to create and manage your profile
  • Email address: for registration, authentication and communication
  • Unique user identifier: to identify your account
  • Date of birth: to personalize recommendations (optional)
  • Gender: to personalize style recommendations (optional)

3.2. Style Profile Information

  • Body measurements: height, weight, body shape
  • Style preferences: favorite styles, preferred brands
  • Clothing and shoe sizes
  • Skin tone and hair color (optional)

3.3. Photos and Images

  • Profile photos: for your account
  • Body photos: to generate your AI-powered personalized model
  • Clothing photos: for your digital wardrobe
  • Generated virtual model: created with AI from your photos

3.4. Financial Information

  • Payment information: processed by Stripe (we do not store card data)
  • Purchase history: subscriptions and in-app purchases
  • Subscription information: active plan, renewal dates

3.5. Usage Information

  • In-app actions: generated looks, saved products, searches
  • Preferences and settings
  • Interaction history: favorite looks, created collections

3.6. Technical Device Information

  • Unique device identifier: for sending push notifications
  • Device information: model, operating system, app version
  • Notification tokens: for sending push notifications (FCM)

3.7. Authentication Data

  • Login credentials: email and password (encrypted)
  • Authentication tokens: to keep your session active
  • Google sign-in information (if you use this option)

4. How We Collect Your Data

4.1. Information you provide directly

  • When you register
  • When you complete your profile
  • When you upload photos
  • When you use app features
  • When you contact us

4.2. Information collected automatically

  • Usage data through Firebase Analytics
  • Device information necessary for operation
  • Notification tokens for sending alerts

4.3. Information from third parties

  • Google Sign-In: name and email if you register with Google
  • Google Play Billing: in-app purchase information
  • Stripe: payment confirmation (no card data)

5. Purpose, Legal Basis and Consent

5.1. Service provision

  • Create and manage your account and authentication
  • Provide personalized style recommendations
  • Generate your virtual model with AI and let you try on looks
  • Manage your digital wardrobe and collections
  • Process subscriptions, payments and plan access

Legal basis: performance of a contract (GDPR Art. 6.1.b).

5.2. Service improvement (Statistics / Analytics)

  • Measure app usage to detect errors and performance issues
  • Analyze which features are used most to prioritize improvements
  • Conduct aggregated A/B product testing

Legal basis: your consent for the use of analytics tools. You can enable or disable this category from the Privacy Center in the app at any time.

5.3. Commercial communications (Marketing)

  • Send push notifications about news, offers, campaigns and promotional content
  • Reminders about features that may interest you

Legal basis: your consent (GDPR Art. 6.1.a). Commercial communications are disabled by default.

5.4. Advanced personalization

  • Further adapt recommendations and content to your style
  • Create advanced user segments for more relevant experiences

Legal basis: your specific consent (GDPR Art. 6.1.a). Disabled by default.

5.5. Legal compliance and security

  • Maintain transaction records to comply with tax obligations
  • Prevent fraud, unauthorized access and misuse
  • Respond to legal requests and court orders

Legal basis: compliance with legal obligations (GDPR Art. 6.1.c) and legitimate interest (GDPR Art. 6.1.f).

6. Who We Share Your Data With

6.1. Service providers (data processors)

Google (Firebase):

  • Firebase Authentication: authentication
  • Firebase Analytics: usage analysis
  • Firebase Cloud Messaging: push notifications
  • Firebase Storage: photo storage
  • Stripe: payment processing
  • Google Play / App Store: in-app purchase management

These providers act as data processors and only process data according to our instructions.

6.2. We do not sell your data

We do not sell, rent or share your personal data with third parties for third-party marketing purposes.

6.3. International transfers

Some providers may be located outside the EEA. In such cases, we use EU-approved standard contractual clauses.

7. Data Security

7.1. Technical measures

  • Encryption in transit: all communications use HTTPS/TLS
  • Encryption at rest: sensitive data encrypted
  • Secure authentication: hashed passwords
  • Restricted access: authorized personnel only
  • Regular security updates

7.2. Organizational measures

  • Access and confidentiality policies
  • Staff training
  • Periodic security audits

7.3. Limitations

While we implement reasonable measures, no system is 100% secure. We cannot guarantee absolute security.

8. Application Permissions

8.1. Camera

  • Purpose: take photos of clothing items and create your personalized model
  • When requested: when using features that require photos
  • You can deny it: some features will be limited

8.2. Photo gallery

  • Purpose: select clothing photos and save looks
  • When requested: when selecting images or saving looks
  • You can deny it: some features will be limited

8.3. Notifications

  • Purpose: alerts about new looks, subscription reminders
  • You can disable it: in device or app settings

9. Data Retention

9.1. Retention periods

  • Active account data: as long as your account is active
  • After account deletion: we delete your data within a maximum of 30 days
  • Transaction records: 7 years (tax obligation)
  • Anonymized data: may be retained indefinitely

9.2. Consent records

We maintain a record of your privacy decisions including the version of accepted policies, chosen options, and date and time of changes.

9.3. Deletion

You can request deletion of your account and data at any time from our data deletion page or from the app (Profile → Settings → Delete account).

10. Your Rights (GDPR)

  • Right of access: request a copy of your personal data
  • Right to rectification: correct inaccurate data from the app
  • Right to erasure: delete your account from Profile → Settings → Delete account
  • Right to data portability: request a copy in a structured format
  • Right to object: object to processing for certain purposes
  • Right to restrict processing: in certain specific cases
  • Right to withdraw consent: at any time

How to exercise your rights:

  • From the app: Privacy Center (Profile → Privacy Preferences)
  • Email: [email protected]
  • Response time: maximum 30 days

11. Cookies and Technologies

The mobile app does not use traditional cookies. We use:

  • Authentication tokens: to keep your session active
  • Device identifiers: for push notifications
  • Firebase Analytics: anonymized usage data

You can manage these technologies from the Privacy Center in the app.

12. Minors

Stylofy is not intended for persons under 13 years of age (or 16 in some countries). If we detect that a minor has provided data without parental consent, we will delete that information.

If you are a parent and believe your child has provided us with data, please contact us: [email protected]

13. Changes to This Policy

We may update this policy. We will notify you of significant changes through:

  • In-app notification
  • Email (if the change is significant)
  • Update to the "last updated" date

Continued use after changes implies acceptance.

14. Contact and Complaints

General contact: [email protected]

Supervisory authority:

If you reside in the EU and are not satisfied, you may file a complaint with your data protection authority:

15. Jurisdiction and Applicable Law

This policy is governed by:

  • General Data Protection Regulation (GDPR) - EU
  • Organic Law 3/2018 on Data Protection (Spain)
  • Other applicable laws according to your jurisdiction