This policy is provided in English. An official Italian-language version is available on request at [email protected].
This Privacy Policy describes how Vestimy ("Vestimy",
"we", "us", or
"our") collects, uses, stores, and shares personal
data when you use the Vestimy mobile application (the
"App") and the related backend services available at
https://api.vestimy.com (collectively, the
"Service").
We are committed to protecting your personal data and respecting your rights under the EU General Data Protection Regulation 2016/679 ("GDPR"), the Italian Personal Data Protection Code (D.Lgs. 196/2003 as amended), and other applicable privacy laws.
1. Data Controller
The data controller responsible for the processing of your personal data is Vestimy - operator of the Vestimy App. Contact email: [email protected]. If you have any questions about this policy or wish to exercise your rights, please contact us at the address above.
2. Categories of personal data we process
2.1 Data you provide directly
| Data | When collected | Purpose |
|---|---|---|
| Email address | Sign-up, login, password reset | Account creation and authentication |
| Password | Sign-up, login | Authentication (handled and stored only by Firebase Authentication; we never see your password in plaintext) |
| Display name | Sign-up | Personalisation of your profile |
| Gender preference | Onboarding and profile | Tailoring recommendations. A content preference, not a declaration of gender identity. |
| Username | Auto-suggested from email; editable | Identifying your profile within the Service |
| Photos of clothing items | When you add a garment | AI-based identification and persistent wardrobe storage |
| Garment metadata | When you finalize a garment | Building and organising your digital wardrobe |
| Outfit data | When you create an outfit | Wardrobe organisation, sharing outfits |
| Feedback messages | In-app feedback form | Improving the Service. Delivered to PostHog, not retained on the Vestimy backend. |
2.2 Data we derive automatically
- First/last name parsed from your Firebase display name or email local-part when not provided explicitly.
- Username generated by sanitising the local part of your email. You can change it at any time.
- Firebase user identifier (
uid), used internally and as the distinct identifier in our analytics.
2.3 Data from third-party sign-in (Google)
If you sign in with Google, we receive an OAuth ID token containing your Google account email and display name, which we exchange with Firebase Authentication. We do not access your Google Contacts, Drive, Calendar, photos, or any other Google product data.
2.4 Technical and usage data (analytics)
We automatically collect the events listed in Section 5, associated with your Firebase user identifier so we can understand how users interact with the App.
2.5 Data we do not collect
We do not collect: date of birth, age, phone number, postal address, payment information, precise or coarse geolocation, contacts, calendar entries, microphone audio, biometric identifiers, advertising identifiers (IDFA/AAID), or device fingerprints.
3. Device permissions
| Permission | Why we need it | When prompted |
|---|---|---|
| Camera | To photograph your clothing items | When you tap "Add item" → "Scan" |
| Photo library | To pick an existing photo of a clothing item | When you tap "Choose from library" |
The App does not request permission for: notifications, location, contacts, calendar, microphone, media library write access, tracking transparency (ATT), Bluetooth, motion sensors, or background fetch.
4. Purposes and legal bases
We rely on the following GDPR Article 6 legal bases:
| Purpose | Legal basis |
|---|---|
| Creating and authenticating your account | Contract - Art. 6(1)(b) |
| Building and maintaining your digital wardrobe | Contract - Art. 6(1)(b) |
| AI-based clothing identification | Contract - Art. 6(1)(b) |
| Outfit suggestions and personalised feed | Contract & legitimate interest - Art. 6(1)(b)/(f) |
| Product analytics (event tracking) | Legitimate interest - Art. 6(1)(f). You can object (Section 11). |
| Handling feedback you submit | Legitimate interest - Art. 6(1)(f) |
| Security, fraud prevention, abuse detection | Legitimate interest & legal obligation - Art. 6(1)(f)/(c) |
| Account deletion requests | Legal obligation - Art. 6(1)(c), Art. 17 |
We do not process any special categories of personal data (Art. 9 GDPR), and we do not rely on consent except where explicitly requested in-app (camera and photo library access).
5. Analytics
We use PostHog as our product analytics processor,
configured by default to the European hosting region
(https://eu.i.posthog.com).
5.1 What is sent to PostHog
When you are signed in, the following are associated with your
Firebase user identifier: your email address, your authentication
provider (e.g. password, google.com), and
your username.
5.2 Events tracked
We record discrete events corresponding to actions you take - including session lifecycle, the authentication funnel, onboarding, the add-item flow, closet activity, outfit and product detail actions, the Explore feed, account actions, and feedback. Automatic touch and screen capture are disabled; we do not record screen content, key presses, or input fields (other than feedback you choose to submit).
5.3 Opting out of analytics
To object to analytics processing under Art. 21 GDPR, contact
[email protected] and we will dissociate your data from
analytics records and refrain from further analytics processing for
your account.
6. Third parties (processors and sub-processors)
Each provider below processes personal data on our behalf under a data processing agreement compliant with Art. 28 GDPR.
| Provider | Role | Location |
|---|---|---|
| Google Firebase (Authentication) | Authentication service | Google global infrastructure (may include the US) |
| Google Sign-In | Federated identity (only if you choose Google sign-in) | Google global infrastructure |
| PostHog | Product analytics | European Union (default) |
| Vestimy backend | Profile, closet, garments, outfits, feed | European Union |
External merchant "Buy" links open in your device browser and are governed by their own privacy policy; we do not pass personal data through the outbound URL.
6.1 International data transfers
Where a processor transfers your data outside the EEA (in particular
Firebase / Google), the transfer is governed by the European
Commission's Standard Contractual Clauses (2021/914)
and supplementary measures where required. Contact
[email protected] for a copy of the safeguards.
7. Photos of clothing items
When you scan or upload a photo of a clothing item:
- The image is sent to our backend as a JPEG with its dimensions.
- An automated AI routine returns suggested categories, confidence scores, and dominant colors. No human reviews your images in the ordinary course of the Service.
- If you finalize the item, the image is stored persistently and re-served as image URLs tied to your wardrobe.
- If you abandon the flow, the identification record may be retained but the garment won't appear in your closet.
You can delete any garment (and its photos and metadata) at any time; deletion propagates to our backend.
8. AI-generated outfit suggestions
We use server-side AI to identify clothing categories and colors, to produce outfit suggestions from your closet, and to generate outfits anchored on Explore items. These features perform automated processing within the meaning of Art. 22 GDPR, but the outputs are non-binding recommendations with no legal or similarly significant effect - you can ignore, dismiss, or accept any suggestion. No on-device ML model is bundled; all AI runs on our backend.
9. Where and how long we store your data
9.1 On your device
Your Firebase auth token is held in secure storage (iOS Keychain / Android EncryptedSharedPreferences); the Firebase session and a 24-hour cache of the category taxonomy in local storage; transient flow state in memory. All of the above are wiped when you sign out or delete your account.
9.2 On our servers and processors
- Firebase Authentication - retained while your account is active; deleted on account deletion.
- Vestimy backend - profile, closets, garments, photos, outfits - retained while active; deleted on account deletion.
- PostHog analytics - retained up to 12 months, then pseudonymised or deleted.
- Backups and logs - retained up to 30 days for disaster recovery, then overwritten.
10. Sharing and social features
The App does not currently expose social-graph features (no followers,
friends, comments, likes, or DMs). Your closet is
private by default. You can share outfits through your
OS's native share sheet - the content is plain text only
(outfit and garment names); no images, links, or Vestimy URLs are
inserted.
11. Your rights
Under the GDPR you have the right to:
- Access (Art. 15) - obtain a copy of your data.
- Rectification (Art. 16) - correct inaccurate data.
- Erasure (Art. 17) - a one-tap Delete account in Settings → Account.
- Restriction (Art. 18) and portability (Art. 20).
- Object (Art. 21) - including processing based on legitimate interest (analytics, recommendations).
- Not be subject to automated decisions with legal effect (Art. 22).
- Withdraw consent (Art. 7) and lodge a complaint with a supervisory authority, including the Italian Garante.
To exercise any right, contact [email protected]. We respond within one month (Art. 12 GDPR).
12. Account deletion
Delete your account anytime from Account → Delete account.
This removes your profile, closets, garments, photos, and outfits from
our backend, signs you out of Firebase, deletes your credential, and
clears local storage. Deletion is immediate and irreversible;
backup snapshots are overwritten within 30 days. Analytics association
is removed on request to [email protected].
13. Security
- TLS (HTTPS) for all App–backend communication.
- Auth tokens stored in the device secure enclave (Keychain / EncryptedSharedPreferences).
- Server-side encryption at rest for photos and database records.
- Access controls and audit logging on backend infrastructure.
- Bearer-token authentication on every request, with automatic refresh.
No system is 100% secure. If a personal data breach affecting your rights occurs, we will notify the competent supervisory authority within 72 hours and, where required, inform you without undue delay (Art. 33–34 GDPR).
14. Children
The Service is not intended for users under 16 (or a
higher age where required locally). We do not knowingly collect data
from children below that age. If you believe a child has provided us
data, contact [email protected] and we will delete it
and the associated account promptly.
15. Cookies and similar technologies
The App is a native mobile application and does not use browser cookies. It uses local on-device storage (Keychain, AsyncStorage) for the strictly necessary purposes in Section 9.1. External merchant websites opened from "Buy" links may use their own cookies.
16. Changes to this policy
We may update this policy from time to time. For material changes we update the "Last updated" date and notify you in-app or by email where appropriate. Continued use after the effective date constitutes acceptance of the revised policy.
17. Contact
For any privacy-related question or request: Vestimy - [email protected].
This Privacy Policy is provided in English. Where required by
applicable law, an Italian-language version is available on request at
[email protected].