StylistAI

Privacy Policy

Privacy Policy for StylistAI

Last Updated: November 16, 2025
Effective Date: November 16, 2025

1. Introduction

Welcome to StylistAI. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web service (collectively, the “Service”).

By using StylistAI, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

Account Information

  • Email address (required for account creation and authentication)
  • User ID (automatically generated upon registration)
  • Password (encrypted and securely stored)

Photos & Content

  • Photos you upload for outfit generation
  • Preferences you specify (budget, season, style preferences)
  • Outfit history and saved outfits

2.2 Automatically Collected Information

Usage Data

  • Number of outfits generated
  • Features accessed within the app
  • Session duration and frequency
  • Subscription tier and status

Device Information

  • Device type and model (iOS, Android, or web browser)
  • Operating system version
  • App version
  • Device identifiers (for analytics and troubleshooting)
  • IP address (temporarily for security purposes)

Transaction Data

  • Purchase history (subscription plans purchased)
  • Receipt validation data (encrypted)
  • Payment provider information (processed by Apple or Google; we do not store credit card details)

2.3 Information from Third Parties

In-App Purchase Providers

  • We receive verification data from Apple App Store and Google Play Store to validate your subscription purchases
  • This data includes purchase receipts and subscription status but NOT your payment card details

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Core Service Delivery

  • Outfit Generation: Process your photos to generate AI-powered outfit recommendations
  • Account Management: Create and maintain your account, authenticate logins
  • Subscription Management: Track your subscription status, usage limits, and renewal dates
  • Content Delivery: Provide personalized outfit recommendations based on your preferences

3.2 Service Improvement

  • Analyze usage patterns to improve AI accuracy and user experience
  • Debug technical issues and optimize app performance
  • Develop new features based on user behavior insights

3.3 Communication

  • Send important service updates and security notifications
  • Respond to your support requests and inquiries
  • Provide subscription renewal reminders (if opted in)

3.4 Legal & Security

  • Prevent fraud, abuse, and unauthorized access
  • Comply with legal obligations and enforce our Terms of Service
  • Protect the rights and safety of our users and the public

4. How We Share Your Information

We do NOT sell, rent, or trade your personal information to third parties. We only share your data in the following limited circumstances:

4.1 Service Providers

AI Processing Partners

  • We use Perplexity AI to generate outfit recommendations
  • Only anonymized or pseudonymized data is shared when possible
  • Photos are processed securely and temporarily; they are not stored by third-party AI providers

Cloud Infrastructure (Supabase)

  • We use Supabase for secure data storage, authentication, and backend services
  • All data is encrypted in transit (TLS 1.3) and at rest
  • Servers are located in secure, SOC 2 certified data centers

Payment Processors

  • Apple App Store and Google Play Store process all in-app purchases
  • We do not have access to your payment card details
  • We only receive confirmation of successful transactions

4.2 Affiliate Partners

Amazon Associates Program

  • When you click on product links in generated outfits, we may earn a small commission from Amazon
  • We add an affiliate tag to Amazon URLs (tag=stylistaillc-20)
  • Amazon may collect browsing data per their own privacy policy; we have no control over this
  • We do NOT share your personal information with Amazon

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Valid legal processes (court orders, subpoenas, warrants)
  • Requests from government authorities or law enforcement
  • Emergency situations involving threats to safety or security

4.4 Business Transfers

If StylistAI is involved in a merger, acquisition, or asset sale, your information may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

5. Data Retention

5.1 Active Accounts

  • We retain your account data, photos, and outfit history for as long as your account remains active
  • Uploaded photos are stored securely until you delete them or close your account

5.2 Inactive Accounts

  • Accounts inactive for 24 months may be anonymized or deleted
  • We will send email notifications before taking action on inactive accounts

5.3 Legal & Compliance

  • Transaction records are retained for 7 years to comply with tax and financial regulations
  • Audit logs for security incidents are retained for 2 years

6. Your Privacy Rights

Depending on your location, you may have the following rights:

6.1 Access & Portability (GDPR Article 15, CCPA §1798.100)

  • Request a copy of all personal data we hold about you
  • Receive your data in a machine-readable format (JSON)

How to Exercise: Email support@stylistaillc.com with subject “Data Access Request”

6.2 Correction (GDPR Article 16, CCPA §1798.106)

  • Update or correct inaccurate personal information
  • Edit your account details directly in the app settings

6.3 Deletion (GDPR Article 17, CCPA §1798.105)

  • Request permanent deletion of your account and all associated data
  • This includes photos, outfit history, and usage records
  • Note: Some data may be retained for legal compliance (e.g., transaction records)

How to Exercise: Email support@stylistaillc.com with subject “Data Deletion Request” or use the in-app data deletion feature

Deletion Timeline: We will complete your request within 30 days and send confirmation

6.4 Opt-Out of Marketing (CCPA §1798.120)

  • Unsubscribe from promotional emails (all service-related communications will continue)

6.5 Do Not Sell (CCPA)

  • We do NOT sell your personal information to third parties
  • We do NOT share data for cross-context behavioral advertising

6.6 Authorized Agent

  • You may designate an authorized agent to make privacy requests on your behalf
  • We require written proof of authorization

7. Data Security

We implement industry-standard security measures to protect your information:

7.1 Technical Safeguards

  • Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256
  • Authentication: Secure password hashing (bcrypt) and JWT token-based sessions
  • Access Controls: Role-based access control (RBAC) with principle of least privilege
  • Rate Limiting: Protection against brute-force attacks and API abuse
  • PII Redaction: Automatic removal of sensitive data from error logs

7.2 Organizational Safeguards

  • Regular security audits and vulnerability assessments
  • Employee training on data protection best practices
  • Incident response plan for data breaches
  • Third-party security certifications (SOC 2 via Supabase)

7.3 Breach Notification

  • In the event of a data breach affecting your personal information, we will notify you within 72 hours via email
  • We will also report breaches to relevant authorities as required by law

Note: No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Children’s Privacy

StylistAI is NOT intended for users under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at support@stylistaillc.com. We will delete such information within 72 hours.

9. International Data Transfers

9.1 Data Processing Locations

  • Our servers are primarily located in the United States
  • Data may be processed in countries where our service providers operate

9.2 EU Users (GDPR Compliance)

  • We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers
  • Supabase is GDPR-compliant and provides appropriate safeguards

9.3 California Residents (CCPA)

  • You have specific rights under the California Consumer Privacy Act (see Section 6)
  • We comply with the CCPA’s requirements for businesses collecting California residents’ data

10. Cookies & Tracking Technologies

10.1 Essential Cookies

  • Authentication Cookies: Keep you logged in to your account
  • Session Management: Store temporary data during your session

10.2 Analytics

  • We use anonymized analytics to understand app usage patterns
  • You cannot opt out of essential cookies, but you can clear them by logging out

10.3 Third-Party Cookies

  • Amazon may place cookies when you click affiliate links (governed by Amazon’s privacy policy)
  • We do not use advertising or tracking cookies

11. Third-Party Links

Our Service may contain links to third-party websites and services (e.g., Amazon, retailer websites). We are NOT responsible for the privacy practices of these external sites. We encourage you to read their privacy policies before providing any personal information.

12. California Shine the Light Law

California residents may request information about our disclosure of personal information to third parties for direct marketing purposes. As stated in Section 4, we do NOT share your personal information with third parties for their direct marketing purposes.

13. Nevada Residents

Nevada residents have the right to opt out of the sale of their personal information. We do NOT sell personal information as defined under Nevada law. If you still wish to submit an opt-out request, email support@stylistaillc.com.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Posting a prominent notice in the app
  • Sending an email to your registered email address
  • Updating the “Last Updated” date at the top of this policy

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@stylistaillc.com
Subject Line: “Privacy Policy Inquiry”
Response Time: Within 48 business hours

For data or account deletion requests, use subject line “Data Deletion Request”
For data access requests, use subject line “Data Access Request”

Mailing Address:
StylistAI LLC
58 Rose Street
Smithtown, New York 11787
United States

16. Legal Basis for Processing (GDPR)

For EU users, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Legitimate Interest: Improving our Service, fraud prevention, security
  • Consent: Marketing communications (where applicable)
  • Legal Obligation: Compliance with laws, regulations, and legal processes

You may withdraw consent at any time by contacting us.

Appendix: Data Processing Summary

Data TypePurposeLegal BasisRetention
Email AddressAuthentication, supportContractActive account + 30 days
Uploaded PhotosOutfit generationContractUntil user deletes or account closes
Usage DataService improvement, analyticsLegitimate interest24 months
Purchase HistoryTransaction records, tax complianceLegal obligation7 years
Device InfoTroubleshooting, securityLegitimate interest12 months
IP AddressSecurity, fraud preventionLegitimate interest90 days

By using StylistAI, you acknowledge that you have read and understood this Privacy Policy.