This Privacy Policy describes how Warderobe (“Warderobe”, “we”, “us”, “our”) processes personal data when you use our virtual try-on service. By creating an account or using the Service, you acknowledge that you have read and understood this Policy.
Plain summary:We collect what’s needed to run Warderobe. Your photos are sent to Google’s Gemini AI to generate try-on images and to nobody else. We do not sell your data. You can delete everything at any time. What happens inside Google’s infrastructure is subject to Google’s terms, not ours.
1. Who we are & contact
Warderobe is operated by Royal SoftWorks d.o.o. Kragujevac(“the Company”, “Royal SoftWorks”, “we”, “us”), a limited liability company (društvo sa ograničenom odgovornošću) registered under the laws of the Republic of Serbia, with registered office at [Street Address], 34000 Kragujevac, Republic of Serbia.
For data protection matters: privacy@warderobe.app.
Sole data controller: Royal SoftWorks d.o.o. is the sole data controller for all users globally. We are incorporated in the Republic of Serbia, whose Law on Personal Data Protection (Zakon o zaštiti podataka o ličnosti, ZZPL) is substantively aligned with EU GDPR requirements. We do not have an establishment in the EEA or the United Kingdom. Where the EU GDPR or UK GDPR applies to our processing by virtue of your location, we comply with those obligations to the extent required. If you are an EEA or UK resident and require us to designate a local representative pursuant to Article 27 GDPR, contact legal@warderobe.app.
2. Information we collect
Account data
- Email address, display name, and profile picture URL (from your sign-in provider).
- A unique user ID generated by Firebase Authentication.
- Subscription tier, billing status, and subscription source (Paddle, Apple, or Google Play). We do not store payment card details.
Content you upload
- Selfie photographs you upload for virtual try-on.
- Photographs of clothing, accessories, and other items.
- Folder names, item labels, and metadata you create.
- AI-generated output images stored in your account.
You are solely responsible for the legality and appropriateness of all content you upload. By uploading content, you represent and warrant that you have all necessary rights to do so and that the content does not violate any law or third-party rights. We bear no liability for content you upload.
Usage and technical data
- Feature usage events, generation counts, and session metadata.
- Server logs including IP address, browser/OS type, and request IDs.
- Error reports and diagnostic information.
- Cookies and device storage (see our Cookie Policy).
Communications
Any message you send to Warderobe support and our reply, retained for as long as necessary for customer service and legal purposes.
3. How we use your data
- Service delivery — authenticate you, store your wardrobe, transmit your photos to Google Gemini for AI generation, deliver generated images, sync across devices.
- Credit accounting — enforce Free (2/month) and Pro (100/month) generation limits via server-side transactions.
- Billing — process subscriptions through Paddle, Apple, or Google Play; manage renewals, cancellations, and entitlement.
- Support — respond to your requests and resolve issues.
- Security & abuse prevention — detect fraud, suspicious activity, policy violations, and threats to the Service or other users.
- Legal compliance — fulfil our obligations under tax law, accounting regulations, and enforceable legal orders.
- Product improvement — analyse aggregated, de-identified usage patterns to improve the Service. Aggregated data does not identify you and is not subject to erasure.
- Law enforcement cooperation — we may disclose your data to authorities proactively where we have a good-faith belief that doing so is necessary to prevent illegal activity, protect the safety of any person, or comply with applicable law, without prior notice to you where notice is not required or would compromise an investigation.
4. AI processing disclosure
When you initiate a generation, Warderobe transmits the selfie(s) and item photo(s) you selected, along with a system-generated prompt, to the Google Gemini 2.5 Flash Image API. The API processes your photos on Google’s infrastructure and returns a generated image. We store that image in your account.
You expressly acknowledge and accept that:
- Your photos are transmitted to Google’s servers for AI processing.
- AI-generated outputs are approximate visual representations, not accurate depictions of how any garment will actually look, fit, or appear in real life.
- Outputs may be unexpected, inaccurate, or undesirable despite safety filters.
- We use the paid Gemini API; per Google’s terms, your inputs are not used to train Google’s models. However, Google’s processing is subject to Google’s own Privacy Policy, not ours.
- Warderobe is not liable for how Google processes your data, for the content of AI-generated outputs, or for any losses arising from your reliance on such outputs.
5. User content & your responsibility
Warderobe has no obligation to monitor, review, or screen content you upload. We reserve the right, but not the obligation, to review, refuse, remove, or report any content at any time, in our sole discretion and without notice, where we reasonably believe it may violate these policies, applicable law, or third-party rights.
You bear full and exclusive responsibility for all content you upload, all generations you initiate, and all uses you make of generated images. Warderobe disclaims all liability arising from your content or your use of the Service.
6. Legal bases (EEA, UK & Switzerland)
Where GDPR or UK GDPR applies, we rely on:
- Contract (Art. 6(1)(b)) — processing necessary to provide the Service under our Terms of Service.
- Legitimate interests (Art. 6(1)(f)) — security, fraud prevention, abuse detection, aggregate analytics, law enforcement cooperation, and the protection of our legal rights. Our legitimate interests are not overridden by your interests where we have implemented appropriate safeguards.
- Legal obligation (Art. 6(1)(c)) — tax, accounting, anti-money laundering, and other legal requirements.
- Consent (Art. 6(1)(a)) — non-essential cookies and direct marketing, where we seek it separately.
7. Processors & sharing
We do not sell your personal data. We engage the following processors, each bound by data processing agreements:
- Google LLC / Google Ireland Ltd. — Firebase (Auth, Firestore, Cloud Storage, Cloud Functions) and Gemini AI API. Primary infrastructure provider.
- Paddle.com Market Ltd. — web billing, VAT handling, and payment processing. Paddle is the merchant of record and a separate data controller for payment data.
- Apple Inc. — iOS in-app purchase billing.
- Google LLC (Play) — Android in-app purchase billing.
We may also disclose data: (a) to comply with applicable law or legal process; (b) to protect the rights, property, or safety of Warderobe, our users, or the public; (c) in connection with a merger, acquisition, financing, or sale of all or part of our business, in which case data may be transferred as a business asset; or (d) with your explicit consent.
8. International transfers
Our infrastructure runs primarily on Google Cloud in the United States. If you are in the EEA, UK, or Switzerland, your data is transferred on the basis of the European Commission’s Standard Contractual Clauses (SCCs) and Google’s Data Processing and Security Terms. By using the Service, you acknowledge that your data, including your photos, will be processed in the United States and other countries whose data protection laws may differ from those in your country of residence.
9. Data retention
- Account and content data: retained for the life of your account. Upon account deletion, content files are removed within 30 days; account records within 30 days.
- Payment and financial records: retained for 7 years as required by applicable tax and accounting law. This data cannot be erased within that period.
- Server and security logs: up to 90 days; may be retained longer in connection with an ongoing security investigation or legal matter.
- Aggregated & de-identified data: retained indefinitely. Aggregated data does not identify you and is not subject to erasure requests.
- Legal hold: any data subject to a legal hold, dispute, or investigation will be retained until the matter is resolved, regardless of other timelines.
10. Security & data incidents
We implement industry-standard technical and organisational measures: TLS in transit, encryption at rest, Firebase row-level security rules, API key secret management, and restricted admin access.
No security measure is perfect.You acknowledge that: (a) no transmission over the internet or method of electronic storage is 100% secure; (b) data incidents caused by the actions or omissions of our processors (including Google) are subject to those processors’ terms and insurance, and Warderobe’s liability for such incidents is limited to the fullest extent permitted by law; (c) you use the Service and transmit personal data at your own risk.
We will notify you and relevant supervisory authorities of data incidents as required by applicable law.
11. Your rights
Subject to applicable law and the limitations below, you have the right to:
- Access a copy of the personal data we hold about you.
- Rectify inaccurate data.
- Erasure (“right to be forgotten”) — we will delete your account and content on request. Exceptions: financial records retained by law (7 years), anonymised aggregated data, data subject to legal hold.
- Restriction of processing in certain circumstances.
- Portability of data we process on the basis of contract or consent, in a commonly-used machine-readable format.
- Object to processing based on legitimate interests.
- Withdraw consent at any time for consent-based processing.
- Lodge a complaint with your local supervisory authority.
How to exercise rights: email privacy@warderobe.appfrom your account’s registered address. We will respond within 30 days. We may require identity verification before processing requests. We may reject requests that are manifestly unfounded, excessive, or that conflict with our legal obligations.
California residents (CCPA/CPRA): you have the right to know, delete, correct, opt-out of sale/sharing (we do not sell or share personal information for cross-context behavioural advertising), and non-discrimination. Submit requests to privacy@warderobe.app.
12. Biometric privacy laws (Illinois BIPA & similar)
Warderobe does notcollect, capture, purchase, receive, or otherwise obtain “biometric identifiers” or “biometric information” as those terms are defined under the Illinois Biometric Information Privacy Act (BIPA), the Texas Capture or Use of Biometric Identifier Act (CUBI), the Washington My Health MY Data Act, or similar laws. Specifically:
- We do not scan, extract, or generate face geometry maps, retina scans, fingerprints, or voiceprints from your photos.
- Your photos are transmitted as image files to Google Gemini for try-on generation. We do not derive, store, or use any biometric template from those images.
- We do not use your photos for identity verification or recognition.
If the law in your jurisdiction imposes requirements on the collection of biometric data, those requirements do not apply to Warderobe’s processing of your photos as described above. By uploading your photo, you acknowledge that you have read this disclosure and consent to the transmission of your photo to Google Gemini for AI-powered try-on generation as described in this Policy.
13. Children
The Service is not directed to children under 13 (or under 16 in the EEA/UK). If you are under the applicable minimum age, you may not use Warderobe. If we learn that a user is under the applicable age, we will delete their account and data promptly. Contact privacy@warderobe.app if you believe a child has used the Service.
14. Cookies
See our Cookie Policy. Essential session cookies are always active; all other categories require your consent via our cookie banner.
15. Changes to this Policy
We may update this Policy at any time. We will give at least 14 days’ notice of material changes via in-app notification and email. Continued use of the Service after the effective date constitutes your acceptance of the revised Policy. If you do not agree with material changes, you must stop using the Service and delete your account before the effective date.
16. Contact
privacy@warderobe.app
Royal SoftWorks d.o.o. Kragujevac
[Street Address], 34000 Kragujevac, Republic of Serbia
EEA/UK users may also contact their national supervisory authority. You have the right to do so without first contacting us. The competent supervisory authority for Serbia is the Commissioner for Information of Public Importance and Personal Data Protection (poverenik.rs).