Privacy Policy

Welcome to Only2U Fashion Private Limited ("Only2U", "we", "our", or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, phone number, password
• Profile Information: Profile photo, body measurements, skin tone, size preferences
• Address Information: Shipping addresses for order delivery
• Payment Information: Payment details processed through Razorpay (we do not store credit card numbers)
• User-Generated Content: Reviews, ratings, comments, photos, and videos you upload
• Communication: Messages, customer support inquiries

1.2 Information Automatically Collected

• Device Information: Device type, operating system, unique device identifiers
• Usage Data: App features used, products viewed, search queries, interaction patterns
• Location Data: With your permission, for delivery and vendor suggestions
• Log Data: IP address, access times, pages viewed, app crashes

1.3 Information from Third Parties

• AI Services: Akool API for face swap and virtual try-on features
• Payment Processors: Razorpay for payment processing
• Analytics: Usage analytics and app performance data

2. How We Use Your Information

We use the collected information for the following purposes:

• Provide Services: Create and manage your account, process orders, deliver products
• Personalization: Virtual try-on, personalized product recommendations, size suggestions
• AI Features: Face swap, skin tone matching, body measurements analysis
• Communication: Order updates, promotional offers, customer support
• Improvement: Analyze usage patterns, improve app functionality, fix bugs
• Security: Detect and prevent fraud, protect against unauthorized access
• Legal Compliance: Comply with legal obligations and enforce our terms
• Rewards: Manage coin balance, referral rewards, and loyalty programs

3. How We Share Your Information

3.1 With Your Consent

We share information when you explicitly consent, such as when sharing products on social media.

3.2 Service Providers

• Akool API: For AI-powered face swap and virtual try-on features
• PIAPI Virtual Try-On: For virtual garment try-on services
• Razorpay: For secure payment processing
• Cloudinary: For media storage and optimization
• Supabase: For database and authentication services
• Google Places: For address autocomplete

3.3 Vendors and Resellers

Product vendors and resellers may receive information necessary to fulfill orders, including your name, shipping address, and order details.

3.4 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

3.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4. AI and Face Recognition Features

Our app uses AI-powered features including face swap and virtual try-on. When you use these features:

• Your profile photo is processed by Akool API for face detection and swapping
• Face data is used only for the specific feature you requested
• We do not store biometric templates or facial recognition data
• Processed images/videos are stored in your collections only if you save them
• You can delete AI-generated content at any time
• Face swap requires user consent and coin balance deduction

5. Data Storage and Security

5.1 Data Storage

• User data is stored securely in Supabase (PostgreSQL database)
• Media files (images/videos) are stored in Cloudinary
• Data is encrypted in transit using SSL/TLS
• Data at rest is encrypted using industry-standard encryption

5.2 Security Measures

• Secure authentication using Supabase Auth
• Row-level security (RLS) policies on database
• API key encryption and secure storage
• Regular security audits and updates
• HTTPS-only connections

6. Your Privacy Rights

6.1 Access and Control

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Opt-Out: Unsubscribe from promotional communications
• Data Portability: Request your data in a portable format
• Restriction: Request restriction of certain data processing

6.2 Account Deletion

You can request account deletion at any time through the app settings or by visiting our Account Deletion Page. Upon deletion:

• Your account will be permanently deactivated
• Personal information will be deleted within 30 days
• Order history may be retained for legal/accounting purposes (anonymized)
• Public content (reviews) may be anonymized rather than deleted

7. Cookies and Tracking

Our app uses local storage and analytics to improve user experience. We may use:

• Session Data: To keep you logged in
• Preferences: To remember your settings
• Analytics: To understand app usage and improve features
• Performance: To optimize app speed and reliability

8. Children's Privacy

Our app is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately, and we will delete such information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

10. Data Retention

We retain your information for as long as necessary to:

• Provide our services and fulfill transactions
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Improve our services and user experience

Account data is retained until you request deletion. Transaction records may be kept for up to 7 years for tax and accounting purposes.

11. Third-Party Links

Our app may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

12. Your Consent

By using our app, you consent to:

• Collection and use of information as described in this policy
• Processing of your data for AI features (when you use them)
• Communication for service-related and promotional purposes
• Use of cookies and similar technologies

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to say no to the sale of personal information
• Right to access your personal information
• Right to equal service and price

14. GDPR Rights (European Users)

If you are in the European Economic Area (EEA), you have rights under GDPR including:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy in the app
• Updating the "Last Updated" date
• Sending you an email notification for significant changes
• In-app notification

Your continued use of the app after changes constitutes acceptance of the updated policy.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

17. Specific Feature Privacy Details

17.1 Virtual Try-On & Face Swap

• Requires explicit user consent before use
• Profile photo is sent to Akool API for processing
• No biometric data is permanently stored
• Generated images/videos are stored only if you save them
• You can delete generated content at any time

17.2 Location Services

• Used only for delivery address suggestions
• Requires explicit permission
• Can be disabled in device settings
• Not tracked in background

17.3 Camera and Photo Library

• Used for profile photos and virtual try-on
• Requires explicit permission
• Photos are not accessed without your action
• Stored securely in Cloudinary

17.4 Notifications

• Order updates and promotional messages
• Can be disabled in app settings
• Push notification tokens stored securely

18. Data We Do NOT Collect

• Credit card numbers (handled by Razorpay)
• Biometric templates (face swap is temporary processing)
• Contacts or phone book data
• Background location tracking
• Microphone recordings (except during active use)
• Social media passwords

19. Your Choices

19.1 Account Settings

You can manage your privacy settings in the app:

• Update profile information
• Manage notification preferences
• Control location access
• Delete saved addresses
• Block users or vendors

19.2 Marketing Communications

You can opt-out of promotional emails and notifications at any time through app settings or by clicking "unsubscribe" in our emails.

20. Legal Basis for Processing (GDPR)

We process your data based on:

• Contract: To fulfill our services and your orders
• Consent: For AI features, marketing, and optional services
• Legitimate Interest: For analytics, fraud prevention, and service improvement
• Legal Obligation: To comply with applicable laws

21. Disclaimer

While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.