FACESHIONBack to Demo

Privacy Policy

Last updated: May 23, 2026

1. Who We Are

Faceshion (“we”, “us”) operates an AI virtual try-on platform. This Privacy Policy explains what personal data we collect, how we use it, and the rights you have under data-protection laws including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Contact: privacy@faceshion.app

2. Data We Collect

From shoppers (end users of merchant sites):

  • Photos or selfies you upload to perform a try-on (processed transiently, see §4).
  • Body-measurement inputs you optionally provide.
  • Technical data: IP address, browser, device type, language, referrer, timestamps.
  • Anonymous interaction events (e.g., page views, button clicks) used to improve the product.

From merchants:

  • Account info: name, business name, billing email, website URL.
  • Payment info processed by our payment partners (we do not store card numbers).
  • Product catalogue data and brand assets you upload.
  • Usage data such as try-on counts, embed activity, and support correspondence.

3. How We Use Data

  • To run the AI try-on and return results to the shopper.
  • To provide, maintain, and improve the merchant dashboard and analytics.
  • To bill and manage subscriptions.
  • To prevent fraud, abuse, and security incidents.
  • To send essential service emails. Marketing emails only with your consent.
  • To comply with legal obligations.

4. AI Try-On Image Handling

Shopper photos uploaded for a try-on are transmitted over TLS to our AI processing partners and used solely to generate the virtual try-on output. Photos are not used to train AI models. Source photos are deleted from active storage within 24 hours unless the shopper explicitly chooses to save the result to their personal gallery on Faceshion.

5. Legal Bases (GDPR)

  • Contract: processing necessary to deliver the Service you requested.
  • Consent: for image uploads and optional features such as marketing emails.
  • Legitimate interest: for security, fraud prevention, and product analytics.
  • Legal obligation: for tax, accounting, and regulatory requirements.

6. Sub-processors

We engage trusted third parties under data-processing agreements:

  • Cloud hosting and database (Supabase / Cloudflare).
  • AI inference providers (Google, OpenAI) for image generation.
  • Payment processing & Merchant of Record: Lemon Squeezy (Lemon Squeezy, LLC) handles checkout, billing, invoicing, and tax remittance. See their Privacy Policy. Stripe may be used as an additional processor for select regions.
  • Email delivery and customer support tooling.

7. International Transfers

Personal data may be processed outside your country of residence, including in the United States and the European Union. We rely on Standard Contractual Clauses or equivalent safeguards approved by the European Commission.

8. Data Retention

  • Source try-on photos: up to 24 hours after processing.
  • Saved try-on results: until you delete them or close your account.
  • Merchant account data: for the lifetime of the account plus 7 years for billing/tax records.
  • Server logs: up to 90 days.

9. Your Rights

Subject to your local laws, you have the right to:

  • Access the personal data we hold about you.
  • Request correction or deletion.
  • Object to or restrict certain processing.
  • Receive a portable copy of your data.
  • Withdraw consent at any time (without affecting prior processing).
  • Lodge a complaint with your local supervisory authority.

To exercise these rights, email privacy@faceshion.app. We respond within 30 days.

10. CCPA Notice (California Residents)

We do not sell personal information. California residents may request disclosure of the categories of data collected and request deletion. We will not discriminate against you for exercising these rights.

11. Cookies & Tracking

We use strictly necessary cookies for authentication and a small set of first-party analytics events to understand how visitors use the demo page. We do not use third-party advertising trackers. You can clear cookies at any time from your browser.

12. Security

We use TLS encryption in transit, encrypted storage at rest, role-based access control, and regular security reviews. No system is 100% secure; please report vulnerabilities to security@faceshion.app.

13. Children

The Service is not intended for children under 13 (or under 16 in the EU/UK). We do not knowingly collect data from children.

14. Updates

We may update this Privacy Policy. The “Last updated” date above reflects the most recent revision. Material changes will be highlighted in the merchant dashboard.

Terms of ServiceDemoHome