Privacy Policy

Last updated: May 5, 2026 · Version 1.0

Português English

This Policy explains how Roupy collects, uses, shares, and protects your personal data when you use our app. It's written to be clear — without unnecessary legalese. If you have questions, reach us at roupyapp@gmail.com.

1. Who we are

Roupy is an AI-powered virtual clothing try-on app. You upload a reference photo of yourself once and the app generates looks of you wearing any garment you want to try.

For the purposes of this Policy, we are the data controller. Contact: roupyapp@gmail.com.

2. Data we collect

2.1 Account data

  • Email and name you provide when creating your account.
  • Password — stored as a hash, never in plaintext (managed by Supabase Auth).

2.2 Reference photo

  • The full-body photo you upload so the app knows how to generate looks of you.
  • Stored encrypted in private storage, accessible only to your account.
  • You can replace or delete it at any time directly in the app.

2.3 Garment photos and generated looks

  • Every clothing photo you upload to try on.
  • The looks generated by the AI, linked to your account.
  • These files are kept in private storage, accessible only via short-lived signed URLs.

2.4 Usage and analytics data

  • App events: screens visited, actions taken, generation failures — collected via PostHog.
  • Technical identifiers (anonymous installation ID, device model, OS version).
  • We don't use cross-app tracking cookies and don't collect your Apple IDFA.

2.5 Crash reports

  • When the app crashes, we send a technical report via Sentry: stack trace, app version, device model. No photos, no text you typed.

2.6 Subscription and payment data

  • Payments are processed by Apple (App Store) and managed by RevenueCat.
  • We do not store credit card numbers or financial data — we only receive subscription status (active, cancelled, expired) and the transaction ID.

3. How we use your data

  • Operate the service: generate looks, maintain your account, sync across devices.
  • Billing: validate subscription status, apply plan limits, track top-up credits.
  • Support: answer questions and resolve issues.
  • Improvements: understand which features work, fix bugs, optimize performance — using aggregated/anonymous data whenever possible.
  • Legal compliance: respond to court orders or regulatory obligations.

We never sell your data. We never use your photos to train AI models — neither ours nor our vendors'.

We process data under one or more of these bases (per Brazilian LGPD art. 7 and EU GDPR art. 6):

  • Contract performance: to create your account, generate looks, process payment.
  • Consent: to upload your reference photo, access camera and gallery.
  • Legitimate interest: for aggregated analytics and crash reports — always balanced against your right to privacy.
  • Legal obligation: to comply with authorities when required.

5. Sharing with third parties

We share data strictly with processors that help us deliver the service, under contract and protection clauses:

ProcessorFunctionData accessed
Supabase Database, authentication, image storage Account, photos, looks, history
Google (Gemini API) Image processing to generate looks Reference photo + garment photo (under no-training policy for paid API)
RevenueCat Subscription and receipt management User ID, transaction ID, subscription status
Apple App store and billing Payment and receipt data (we have no card access)
PostHog Product analytics Anonymous usage events
Sentry Crash monitoring Stack traces and technical metadata

6. International transfers

Some of our processors (Supabase, Google, RevenueCat, PostHog, Sentry) are based in the United States or the European Union. Your data may be processed in those countries. We rely on contractual safeguards (standard contractual clauses) to ensure protection equivalent to that under LGPD/GDPR.

7. Retention and deletion

  • We keep your data while your account is active.
  • When you delete your account, personal data is removed within 30 days, except:
    • Transaction records (kept up to 5 years to comply with tax and accounting obligations).
    • Anonymized data used for statistical analysis.
    • Data we must keep due to a court order or legal obligation.
  • You can request earlier deletion at any time — see "Your rights" below.

8. Your rights

Under LGPD, GDPR, and equivalent laws, you have the right to:

  • Confirm whether we process your data;
  • Access the data we hold about you;
  • Correct incomplete, inaccurate, or outdated data;
  • Anonymize, block, or delete unnecessary or non-compliant data;
  • Port your data to another provider;
  • Erase data processed under your consent;
  • Receive information about who we share with;
  • Withdraw consent at any time;
  • Object to processing based on legitimate interest.

To exercise any right, email roupyapp@gmail.com. We respond within 15 days.

9. Security

  • Encryption in transit (TLS 1.2+) on all connections.
  • Encryption at rest at storage providers.
  • Image storage is private by default; viewing via short-lived signed URLs.
  • Access control via row-level security in the database — you only see your own data.
  • Passwords hashed with strong algorithms; never stored in plaintext.

No system is 100% immune. If an incident materially affects your data, we'll notify you and the relevant authority as required by law.

10. Children

Roupy is not directed to children under 13. We don't knowingly collect data from children. If you're a parent/guardian and identified that a child created an account, contact us at roupyapp@gmail.com and we'll delete the account.

11. Changes to this policy

We may update this Policy from time to time. Material changes (affecting rights or processing of sensitive data) are communicated at least 30 days in advance via email and inside the app. The last update date appears at the top of this page.

12. Contact