Privacy Policy
Last updated: 12 March 2026
1. Who We Are
Dress Score (“we”, “us”, or “our”) is owned and operated by Dzmitry Bukuyazau (Poland).
Contact: [email protected].
2. Information We Collect
Depending on how you interact with the iOS application (“App”), we collect:
- User-provided Images — photos you upload for outfit analysis.
- Account Information — email address and/or Apple ID when you optionally create an account.
- Profile Data — style preferences and physical attributes you provide to personalise analysis (stored locally on your device and, when signed in, on our servers).
- Session Replay Data — wire-frame screen renderings and touch/gesture events captured by PostHog Session Replay (password and payment fields are auto-masked on-device).
- Usage Analytics Events — screen views, button taps, device model, OS version, locale, IP-derived coarse location.
- Transaction Receipts — subscription status for in-app purchases (Apple) and web purchases (Stripe).
3. How We Use Your Information
- Analyse outfits via OpenAI’s API and return personalised feedback.
- Authenticate your account and maintain your session.
- Manage subscriptions and link purchases across platforms (Apple in-app & Stripe web checkout).
- Operate, maintain and improve the App’s performance, UX and security.
- Debug issues (including via Session Replay) and protect against fraud.
- Comply with legal obligations and enforce our Terms of Service.
4. Third-Party Processors
We share data only with the processors below under GDPR-compliant agreements:
| Processor | Data Categories | Purpose | Region |
|---|
| PostHog Inc. | Usage analytics events & session replay data | Product analytics, behaviour insights & debugging | EU (Frankfurt) / US |
| OpenAI LLC | User-provided images | Generate outfit analysis | US |
| Cloudflare Inc. | All API traffic, stored analysis results, account data | Primary application hosting (Workers, D1, R2) | Global edge / US |
| Stripe Inc. | Email address, payment details | Web subscription billing | US |
| Apple Inc. | Transaction receipts, subscription status | In-app purchase billing | US |
| Resend Inc. | Email address | Transactional emails (magic link sign-in) | US |
5. International Data Transfers
When personal data leaves the EEA, transfers rely on the EU-US Data Privacy Framework or Standard Contractual Clauses. PostHog participates in the Framework and offers EU hosting.
6. Data Retention
- Uploaded images — deleted from our servers immediately after analysis is returned.
- Account data (email, profile) — retained until you delete your account. On deletion, your email and Apple ID are permanently erased from our systems within seconds; anonymised account records (for subscription/legal compliance) are purged after 90 days.
- Session Replay events — 12 months.
- Raw analytics events — 12 months (aggregated statistics retained indefinitely).
- Subscription records — retained for up to 7 years to satisfy financial and legal obligations, regardless of account deletion.
7. Account Deletion
You may permanently delete your account at any time from within the App: Settings → Account → Delete Account. Upon deletion:
- Your email address and Apple ID are immediately erased from our servers.
- Any active Stripe subscription is cancelled immediately.
- Apple in-app subscriptions must be cancelled separately via iOS Settings → Apple ID → Subscriptions; Apple manages their own billing independently.
- Anonymised records (no PII) may be retained for up to 90 days for technical integrity, then permanently deleted.
Account deletion is irreversible. You cannot recover analysis history or profile data after deletion.
8. Your Rights
You can access, correct, erase, or port your data, object to processing, or lodge a complaint with a supervisory authority. Use the in-app deletion feature (Section 7) or email [email protected].
9. Security Measures
TLS 1.3 in transit, AES-256 at rest, role-based access control, JWT authentication with 7-day expiry.
10. Children’s Privacy
The App is not directed to children under 13 and we do not knowingly collect data from them.
11. Changes to This Policy
Material changes will be announced in-App and via email at least 14 days before taking effect.
12. Contact Us
Email: [email protected]