STYLD Privacy Policy

Last Updated: March 5, 2026

This Privacy Policy explains how STYLD AI Inc. ("STYLD", "we", "our", or "us") collects, uses, shares, and safeguards personal information when you use STYLD: Your Digital Closet and our related services, including our iOS application, APIs, backend infrastructure, and support channels (collectively, the "Service").

1. Information We Collect

1.1 Account & Identity Data

• Contact details such as name and email address, or your Apple ID when you sign in with Apple.
• Authentication tokens, refresh tokens, and keychain metadata required to maintain secure sessions.

1.2 Wardrobe & Content Data

• Photos, outfit images, clothing items, collections, notes, and feedback you upload or create.
• Machine-learning derivatives generated from your uploads, including segmented clothing assets, background-removed renders, category tags, style embeddings, and outfit recommendations. These derivatives are produced using third-party AI services (see Section 3).
• Preferences you provide during onboarding and in-app settings, such as style archetypes, apparel preferences, and notification settings.

1.3 Usage & Device Data

• Device identifiers, operating system version, app version, locale, and time zone.
• In-app interactions — including feature usage, navigation flows, button taps, upload events, outfit saves and shares, subscription interactions, and sign-in/sign-out events — captured via PostHog (see Section 4).
• Crash reports, error logs, and processing pipeline telemetry used to diagnose reliability issues.

1.4 Session Recordings

• What is recorded: Screen state and user interactions (taps, scrolls, navigation). Recordings are captured in screenshot mode.
• What is masked: All text input fields (e.g., email, password, search boxes) are automatically masked and never appear in recordings. The profile and settings screens are masked entirely. Sandboxed system views are also masked.
• What is not masked by default: Wardrobe images and outfit photos may appear in recordings. If you prefer these not to appear, contact us at the address in Section 13.
• Environments: Session replay is active in all builds, including production releases distributed via the App Store.
• Retention & control: Session data is processed by PostHog under our data processing agreement. You may request deletion of your session data by contacting us.

1.5 Payment & Subscription Data

• Subscription status, trial eligibility, entitlements, and billing history managed by Apple In-App Purchase, RevenueCat, and Superwall.
• Limited transaction metadata (e.g., transaction identifiers and subscription tier) needed to manage access. We do not store full payment card information.

2. How We Use Information

• Authenticate sessions, enable uploads, and deliver core app functionality.
• Power AI features such as clothing segmentation, background removal, outfit recommendations, automated category tagging, and the AI Stylist chat — using the platforms described in Section 3.
• Perform on-device processing using Apple's Vision and VisionKit frameworks, including face detection for the optional face-privacy feature and background removal. No image data leaves your device during these on-device steps.
• Deliver personalized outfit suggestions, paywall messaging, and subscription management.
• Analyze session recordings and event analytics to improve product usability and fix bugs.
• Monitor service performance, debug failures, and maintain security through error tracking, queue monitoring, and health checks.
• Communicate with you about product updates, support responses, and policy changes. Marketing communications are sent only with your consent where required by law.
• Comply with legal obligations and enforce our Terms of Use.

3. Third-Party Services & AI Platforms

We do not sell your personal information. We share data with the following categories of service providers under contractual data protection safeguards:

Infrastructure & Storage

• Microsoft Azure — Backend hosting, APIs, and image storage (Azure Blob Storage). Clothing images and outfit renders are stored and proxied through our Azure-hosted backend.

AI & Machine Learning

• Google Gemini — AI and machine learning features within the Service.
• OpenAI (GPT-4) — AI and machine learning features within the Service.
• Replicate — AI and machine learning features within the Service.
• Apple Vision & VisionKit — On-device processing only. No image data is sent to Apple's servers during these operations.

Analytics & Session Recording

• PostHog — Event analytics and session replay (screenshot-based). User identifiers and interaction events are sent to PostHog's US-region servers. Sensitive fields are masked before transmission. PostHog processes data under our data processing agreement.

Subscriptions & Monetization

• RevenueCat — Subscription and entitlement management. Purchase receipts and customer identifiers are shared to determine subscription status.
• Superwall — Paywall presentation and A/B testing. User identifiers and subscription attributes are shared to determine paywall eligibility.
• Apple In-App Purchase — All payment transactions are processed directly by Apple. We receive only transaction metadata.

Image Delivery

• Kingfisher — An open-source image caching library that stores wardrobe images in local device memory and on-disk cache to improve load performance. Cached images remain on your device and are cleared when you delete the app or your account.

Other

• Authorized STYLD personnel and contractors — Access is restricted on a need-to-know basis and is subject to confidentiality obligations.
• Legal requirements — When required by law, court order, or to investigate fraud or protect safety.
• Business transfers — In connection with a merger, acquisition, or financing, subject to continued protection of your personal information.

4. Analytics & Tracking Technologies

The app uses the PostHog SDK to capture named events (such as sign-in, photo captures, outfit saves, subscription interactions, and onboarding steps) along with a pseudonymous distinct ID tied to your account. Automatic capture of application lifecycle events and screen views is disabled; only events we explicitly instrument are sent.

Session replay operates as described in Section 1.4. No third-party advertising or cross-app tracking SDKs are included in the app.

5. Your Choices & Controls

• Account Settings: Update your profile, manage your subscription, or delete your account directly in the app.
• Content Management: Upload, edit, or delete outfits, clothing items, and collections at any time.
• Device Permissions: Control camera, photo library, and notification access via iOS Settings. Revoking camera or photo access will limit upload functionality.
• Face Privacy: Enable the face-privacy feature in Settings to blur detected faces in outfit photos before they are uploaded. Detection runs entirely on-device.
• Session Replay: Contact us to request that your session recordings be deleted from PostHog.
• Marketing: Opt out of marketing communications via unsubscribe links or by contacting us.

6. Data Retention

We retain personal information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. When you delete your account:

• Wardrobe content, media assets, and authentication tokens are deleted from active systems.
• Locally cached images (via Kingfisher) are cleared from your device.
• PostHog event data and session recordings are retained per PostHog's data retention settings under our agreement; contact us to request earlier deletion.
• Aggregated or anonymized analytics may be retained indefinitely without identifying you.
• Archival logs may be kept for a limited period for safety, fraud prevention, or legal compliance.

7. Security

We employ technical, administrative, and physical safeguards to protect your data, including:

• HTTPS encryption for all data in transit.
• Authenticated image proxy — wardrobe images are served through our API using Bearer token authentication rather than publicly guessable URLs.
• Expiring SAS tokens for Azure Blob Storage access where the proxy is not in use.
• Keychain storage for authentication tokens on-device.
• Least-privilege access controls and audit logging on backend systems.
• Sensitive fields (email addresses, tokens, API keys) are redacted from PostHog session logs.

No system is 100% secure. Please notify us promptly at the contact below if you suspect a security incident.

8. International Data Transfers

We operate from Canada and the United States. Our service providers — including Microsoft Azure, Google, OpenAI, Replicate, PostHog, RevenueCat, and Superwall — may process data in various jurisdictions. When personal information is transferred across borders, we rely on appropriate safeguards such as contractual data protection obligations and, where applicable, Standard Contractual Clauses.

9. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children. If we learn that a child under 13 has provided personal information, we will promptly delete it. Parents or guardians who believe their child has submitted information may contact us for assistance.

10. Rights of EEA, UK & Other Regions

Depending on your location, you may have rights regarding your personal information, including the right to access, correct, delete, restrict processing, or request data portability. You may also have the right to object to processing or to lodge a complaint with a supervisory authority. Contact us at the address in Section 13 to exercise these rights.

11. Third-Party Links & Integrations

The Service may include links to third-party websites or integrations. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before sharing information with them.

12. Changes to This Policy

We may update this Privacy Policy to reflect product changes, legal requirements, or operational practices. Material updates will be communicated via in-app notification or email. Continued use of the Service after the effective date signifies acceptance of the updated policy.

13. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our privacy practices, please contact us at:

STYLD AI Inc.
fitsdeveloper23@gmail.com

Thank you for trusting STYLD to power your digital closet.