Privacy Policy

When you create an account, we collect:

• Email address (for email/password sign-up or Apple Sign In)
• Hashed password (we never store plaintext passwords)
• Apple ID token (if you use Sign In with Apple)
• Display name (optional, if provided via Apple Sign In)
• Referral code (if entered during registration)

When you add items to your digital wardrobe, we process:

• Photographs of clothing items (captured via camera or uploaded from your library)
• Item metadata you provide: category, color, brand, season, occasion tags
• AI-generated descriptions and categorizations derived from your photos
• Favorite status and usage frequency

• Generated outfit combinations and your saved looks
• Style preferences, occasion selections, and generation history
• Style reference profiles you create or save

This section describes in full how GENTIQ handles face data, including face photos, facial landmarks, and derived facial attributes. We understand that face data is sensitive, and we have designed our features to minimize collection, storage, and sharing.

(a) Whether face data is retained

GENTIQ does not retain face data on its servers. No face photo, facial landmark, facial geometry, or derived facial attribute is ever uploaded to or stored on GENTIQ’s backend infrastructure. The only on-device face data stored is the user’s own reference photo (if they choose to save one) and locally derived color analysis results — both of which remain on the user’s device and are never transmitted to us.

(b) Reasons for storing face data

The limited face data that is stored locally on the user’s device is stored solely to:

• Enable the virtual try-on feature without requiring the user to re-take a selfie every session;
• Provide personalized color and style recommendations based on the user’s skin tone, hair color, and eye color.

GENTIQ does not use face data for identification, authentication, advertising, profiling, model training, or any purpose other than the features described above.

(c) Length of time face data is stored and why

• On GENTIQ’s servers: Face data is not stored at all — retention period is zero.
• On the user’s device: The user’s reference face photo and derived color analysis values (skin/hair/eye color) are stored in the iOS secure keychain and local app storage only for as long as the user chooses to keep them. The user can delete this data at any time from within the app (Settings → Remove Photo) or by deleting their account or uninstalling the app. We retain on-device face data for this duration because the user’s color season and facial reference photo remain valid for providing consistent style recommendations and virtual try-on across sessions. We do not impose an automatic expiry because the underlying attributes (skin tone, facial features) do not change frequently, and premature deletion would degrade the user experience by requiring re-capture. The user retains full control and can delete at any time. We do not retain this data indefinitely against the user’s wishes: it is permanently erased the moment the user removes it, deletes their account, or uninstalls GENTIQ, and it never leaves the device.
• During transmission for virtual try-on: When the user invokes the virtual try-on feature, the face photo is transmitted to Google Gemini for the duration of a single rendering request (typically a few seconds) and is then discarded. It is not stored by GENTIQ before, during, or after this transmission.

(d) Third parties we share face data with

GENTIQ shares face data with exactly one third party, and only when the user actively invokes the virtual try-on feature:

• Google LLC (Google Gemini API) — the generative image model that renders clothing onto the user’s likeness.

We do not share face data with OpenAI, Supabase, Resend, Apple, analytics vendors, advertisers, data brokers, or any other third party.

(e) Reasons for sharing face data with third parties

The user’s face photo is transmitted to Google Gemini for the sole purpose of rendering a virtual try-on image — that is, generating a synthetic image showing the user wearing a selected garment. Transmission happens only when the user explicitly initiates a virtual try-on request. The photo is not shared for any other purpose, including advertising, analytics, identification, or model training.

(f) Whether third parties store face data — and their practices

Google Gemini: Under our paid Google Gemini API agreement (Google Cloud Vertex AI / Gemini API terms), Google does not retain face photos submitted by GENTIQ beyond the active processing session and does not use them to train Google’s models.

• Does Google store face data? Only transiently, for the duration of the single inference request (typically a few seconds).
• Why does Google process it? Solely to execute the virtual try-on image generation requested by the user.
• For how long, and why that length? Google retains the data only for the duration of the single inference request because that is the minimum period technically necessary to generate the rendered image; no longer retention is required or permitted under our API usage. After the request completes, the input is discarded, and our API agreement prohibits further retention or use of the data for model training.
• Google’s public policies: See Google’s Gemini API data-use policy (ai.google.dev/gemini-api/terms) and Google Cloud privacy commitments (cloud.google.com/terms/data-processing-addendum).

(g) On-device face analysis (no transmission)

Separately from the virtual try-on feature, GENTIQ performs facial landmark detection and skin/hair/eye color analysis entirely on the user’s device using Apple’s Vision framework. No facial geometry, landmark data, color values, or derived attributes from this analysis are transmitted to GENTIQ, Google, or any other third party. This data stays on the device and is deleted when the user removes their photo, deletes their account, or uninstalls the app.

With your explicit permission (iOS location prompt), we access your approximate location solely to retrieve local weather data for weather-appropriate outfit recommendations. We do not track, store, or share your precise location. You can revoke this permission at any time in your device settings.

We (and, where noted, Meta Platforms Inc. via the Facebook SDK) process the following categories of technical and usage data:

• Device model, operating system version, app version, language, timezone
• Approximate network / carrier information (e.g., country, connection type)
• Usage analytics: screens visited, feature engagement, crash reports
• Subscription status and transaction identifiers (via Apple StoreKit)
• Device identifiers: the iOS Identifier for Vendor (IDFV), which is scoped to GENTIQ and resets when you uninstall the app, and — only if you grant App Tracking permission — the Identifier for Advertisers (IDFA).
• Ad-attribution events: app launches, sign-up, trial start, and subscription start, sent to Meta Platforms Inc. so that we can measure the performance of our own advertising campaigns and attribute installs to the ads that generated them.

If you decline the App Tracking Transparency prompt, only the IDFV (not the IDFA) is used, and no cross-app tracking occurs.

• We do not collect biometric identifiers or use facial recognition for identification
• We do not collect contacts, call logs, or browsing history
• We do not collect financial data (payments are handled entirely by Apple)
• We do not build behavioural advertising profiles of our users, and we do not sell personal data to advertisers or data brokers
• Outside the limited ad-measurement events sent to Meta (Section 3.6 and Section 6), we do not track you across other apps or websites

Account creation and authentication

Performance of contract (Art. 6(1)(b))

Necessary to provide the GENTIQ service you signed up for.

Wardrobe storage and outfit generation

Performance of contract (Art. 6(1)(b))

Core functionality of the app you agreed to use.

Virtual try-on rendering

Consent (Art. 6(1)(a))

You actively choose to upload a photo for this feature. You can withdraw consent at any time.

Location-based weather recommendations

Consent (Art. 6(1)(a))

iOS permission prompt. Revocable at any time via device settings.

Anonymous usage analytics

Legitimate interest (Art. 6(1)(f))

Improving app stability and user experience. Minimal data, no profiling.

Ad-campaign measurement via Meta / Facebook SDK (IDFV + event data, before or without ATT consent)

Legitimate interest (Art. 6(1)(f))

Measuring the effectiveness of our own advertising and attributing app installs. No cross-app tracking occurs at this stage. You may object at any time by disabling tracking in iOS Settings → GENTIQ.

Advertising identifier (IDFA) processing by Meta / Facebook SDK

Consent (Art. 6(1)(a))

Only after you grant App Tracking permission via the iOS ATT prompt. Fully revocable at any time in iOS Settings.

Affiliate / partner-link click attribution (pseudonymous clickref + product ID + timestamp)

Legitimate interest (Art. 6(1)(f))

Necessary for commission reconciliation with Awin / Partnerize so that GENTIQ can be compensated for successful referrals. No personal identifiers are transmitted; the ranking of recommended products is independent of commission rates. You may object at any time by not tapping links marked as 'Werbung' / 'Advertisement'.

Subscription management

Performance of contract (Art. 6(1)(b))

Necessary to manage your premium subscription status.

Email communications (transactional)

Performance of contract (Art. 6(1)(b))

OTP verification, password resets, and account security notifications.

Supabase (US)

Authentication, database, file storage

Data: Account data, wardrobe items, photos

EU (eu-west-1)

OpenAI (US)

AI outfit generation, item analysis, and style reference processing

Data: Wardrobe item descriptions, occasion preferences, style reference photos (when you use style reference features)

US

Google Gemini (US)

Face photo analysis for virtual try-on and personalized recommendations

Data: Face/selfie photos (processed transiently for rendering)

US

Apple StoreKit

Subscription payments

Data: Transaction IDs (no financial details shared with us)

US / Global

Resend (US)

Transactional email delivery

Data: Email address, email content

US

Meta Platforms, Inc. (US)

Ad-campaign measurement and install attribution via the Facebook SDK

Data: Anonymised event data (app launch, sign-up, trial start, subscription start), IDFV, IDFA (only with ATT consent), device model, OS version, language, timezone, approximate network info

US

Awin Ltd (UK)

Affiliate-network attribution and commission reconciliation for outbound product links

Data: Pseudonymous click reference (clickref), product ID, timestamp. No name, email, or device identifier is sent. Cookie / IP tracking, if any, is set by the retailer on their own domain via SFSafariViewController, not by GENTIQ.

UK (adequacy decision)

Partnerize (UK)

Affiliate-network attribution and commission reconciliation (where a retailer uses Partnerize)

Data: Pseudonymous click reference, product ID, timestamp. Same scope as Awin.

UK (adequacy decision)

Account data

Retention: Duration of account + 30 days

Trigger: Account deletion request

Wardrobe photos and metadata

Retention: Duration of account

Trigger: Item deletion or account deletion

Generated outfits and saved looks

Retention: Duration of account

Trigger: Manual deletion or account deletion

Face photos (stored on-device only)

Retention: Until user deletes photo, deletes account, or uninstalls app

Trigger: User action or account deletion

Virtual try-on (Gemini processing)

Retention: Not stored on our servers; not retained by Google beyond active session (seconds)

Trigger: Immediately after rendering

On-device color analysis (skin/hair/eye)

Retention: Stored locally in iOS secure keychain until removed by user

Trigger: User deletes photo or account

Usage analytics

Retention: 12 months (rolling)

Trigger: Automatic expiration

Meta / Facebook SDK ad-measurement events

Retention: Governed by Meta’s Data Policy; per Meta’s published policy, typically up to ~2 years. We do not control Meta’s retention schedule.

Trigger: Meta's own retention policy, or revocation of ATT consent via iOS Settings

Affiliate click logs (clickref, product ID, timestamp)

Retention: 24 months

Trigger: Automatic deletion after the commission reconciliation and accounting window closes

Subscription records

Retention: As required by tax/accounting law (up to 7 years)

Trigger: Legal obligation

Under the GDPR, you have the following rights:

• Right of access (Art. 15): Request a copy of all personal data we hold about you.
• Right to rectification (Art. 16): Correct inaccurate or incomplete data.
• Right to erasure (Art. 17): Request deletion of your personal data (“right to be forgotten”).
• Right to restrict processing (Art. 18): Limit how we use your data in certain circumstances.
• Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
• Right to object (Art. 21): Object to processing based on legitimate interest.
• Right to withdraw consent (Art. 7(3)): Withdraw consent at any time where processing is based on consent.
• Right to lodge a complaint: File a complaint with your local data protection authority (e.g., the Austrian Data Protection Authority, Österreichische Datenschutzbehörde).

If you are a California resident, you have additional rights:

• Right to know: What personal information we collect, use, and disclose.
• Right to delete: Request deletion of your personal information.
• Right to opt-out of sale: We do not sell your personal information. We have never sold personal information.
• Right to non-discrimination: We will not discriminate against you for exercising your rights.
• Right to correct: Request correction of inaccurate personal information.

To exercise any of these rights, contact us at privacy@gentiqclo.com. You may also delete your account directly in the app via You → Settings → Delete Account.

We will respond to all requests within 30 days (or 45 days for CCPA requests, with notice if an extension is needed). We may ask you to verify your identity before processing your request.

You can stop GENTIQ from sharing the IDFA with Meta at any time by disabling tracking for GENTIQ in iOS Settings → GENTIQ → Privacy → Allow Tracking, or by turning off Settings → Privacy & Security → Tracking → Allow Apps to Request to Track system-wide. After opt-out, GENTIQ will continue to send only minimal, non-IDFA ad-attribution events to Meta under the legitimate-interest basis described in Section 4; to object to that processing as well, contact us at privacy@gentiqclo.com and we will disable the Facebook SDK for your account.

• GENTIQ opens the retailer’s product page inside SFSafariViewController (an in-app Safari window). The session runs in Safari’s own sandboxed cookie jar, separate from the retailer’s main browser session on your device.
• The URL we open contains a pseudonymous click reference (“clickref”) identifying GENTIQ as the referrer. No personal identifier about you — no name, email, Apple ID, IDFA, or IDFV — is embedded in that URL.
• Any cookies, IP logging, or on-site tracking that takes place on the retailer’s page is performed by the retailer and/or the affiliate network on their domain, inside the SFSafariViewController — not by GENTIQ. The retailer’s own privacy policy governs that processing.
• GENTIQ stores a minimal click-log entry on its own servers: the clickref, the product ID, and a timestamp. This is used to reconcile commissions with the affiliate network. It is not linked to personal identifiers and is retained for 24 months (see Section 8).

• Awin Ltd (United Kingdom) — primary affiliate network for most retailers.
• Partnerize (United Kingdom) — used where a retailer runs its program on Partnerize.
• Additional networks may be added over time; any such addition will be reflected in the provider list in Section 6 and in this section.

The United Kingdom benefits from a European Commission adequacy decision; transfers to Awin / Partnerize are therefore treated as transfers within the EEA.

We process click-attribution data on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in receiving accurate commission payments for referrals we generate. The processing is limited to the pseudonymous clickref, product ID, and timestamp — no behavioural profile is built, and no personal identifier is shared with the affiliate network.

In line with the EU Digital Services Act and Austrian / German unfair-competition law, every link for which GENTIQ could receive a commission is clearly labelled as advertising (“Werbung” / “Advertisement” / “Sponsored”) at the point of tap. The commercial relationship between GENTIQ and the respective retailer or network is disclosed in this Privacy Policy and in our Terms of Service.

You can avoid affiliate tracking entirely by not tapping links marked as advertising. A separate in-app opt-out toggle is not required, because GENTIQ itself does not set personal tracking cookies and does not transmit identifiers to the affiliate network — the entire third-party tracking flow only starts once you have voluntarily opened the retailer’s page.

If you wish to delete the minimal click-log entries GENTIQ stores on its own servers, contact us at privacy@gentiqclo.com and we will erase the records associated with your account, subject to any legal obligation to retain accounting-relevant data.