Fit It On - App Privacy Policy

Introduction

Our commitment to privacy and data protection is demonstrated in this Privacy Statement. This document outlines how we handle personal information, which includes any information that identifies you, such as your name and email address. Any other information is considered non-personal unless it’s combined with personal information.

Data We Collect

Merchant Data:

• Store domain and identifier
• Plan and billing information (via Shopify Billing API)
• API usage metrics and request logs
• App configuration settings

Customer Data:

• Customer ID (store customer identifier)
• Email address (for try-on gallery access)
• First and last name (for personalization)
• Photos uploaded for virtual try-on
• Try-on activity (product tried, timestamps)
• Add-to-cart events (when adding items from try-on results)
• Purchase tracking (products purchased after try-on, for conversion analytics)
• Download activity (when saving try-on results)

What We Don't Collect:

• Payment or credit card information
• Customer addresses or phone numbers
• Order history (we only track if a tried-on product was purchased for conversion analytics)
• Any data beyond what's needed for try-on functionality and analytics

How We Use Data

• Virtual Try-On: Processing photos to generate try-on results with your products
• Customer Gallery: Allowing customers to save and manage their try-on history
• Merchant Analytics: Providing usage statistics and performance metrics in your dashboard
• Conversion Tracking: Tracking the customer journey from try-on to purchase for merchant analytics
• Service Operation: Troubleshooting, security monitoring, and abuse prevention

We DO NOT: Sell customer data to third parties, use customer data for advertising, use photos for AI model training, or share data with anyone except as needed to provide the service.

Data Sharing

We share data only with service providers essential to operating the app:

• Cloud Hosting: Encrypted storage and processing infrastructure
• AI Processing: Virtual try-on image generation (photos are processed and not retained by AI providers)

All providers are contractually bound to protect data and prohibited from using it for other purposes.

Data Security

We implement the following security measures:

• TLS/SSL encryption for all data in transit
• AES-256 encryption for data at rest
• Role-based access controls with least-privilege principles
• Regular security audits and monitoring
• Separate production and development environments
• Incident response plan with merchant notification procedures

Data Retention and Deletion

While App is Installed: Data is retained as needed to provide the service. Customers can delete their photos anytime from their try-on gallery.

After Uninstall: Future data collection stops immediately. All store and customer data is deleted within 180 days. Merchants can request immediate deletion by contacting us.

Shopify Webhooks: We honor all Shopify data protection webhooks including:

• customers/redact - Customer data deletion
• shop/redact - Full store data deletion
• customers/data_request - Customer data export

Merchant Responsibilities

As a merchant using the Fit It On app, you are responsible for:

• Obtaining necessary consents from customers before they use the try-on feature
• Including appropriate disclosures in your store's privacy policy
• Not sending sensitive personal data (health, financial, etc.) in custom metadata fields

Your Rights

Both merchants and customers have the right to access, correct, delete, and object to processing of their personal data, as well as data portability.

These rights apply under GDPR (EU/UK), CCPA (California), and other applicable privacy laws.