Privacy Policy for Virtual Try-On Extension

Overview

This Privacy Policy describes how the Virtual Try-On Extension ("Extension," "we," "our," or "us") collects, uses, and protects your information when you use our Chrome extension for AI-powered virtual try-on functionality. We are committed to protecting your privacy and handling your personal information responsibly and transparently.

Information We Collect

1. Personal Information Through Authentication

When you use Google OAuth to authenticate with our Extension, we collect:

• Name: Your display name from your Google account
• Email Address: Your Google account email address
• Profile Picture: Your Google profile photo (if available)
• Google User ID: Unique identifier for your Google account

Purpose: This information is used for:

• User authentication and account management
• Personalizing your Extension experience
• Associating your uploaded photos and generated images with your account
• Providing customer support when requested

2. Content Data from E-commerce Websites

Our Extension accesses the following information from e-commerce websites you visit while using the Extension:

• Product Images: Clothing item photos from supported shopping sites
• Product Information: Names, descriptions, and prices of clothing items
• Product URLs: Links to product pages
• Website Data: Limited webpage content necessary for product detection

Purpose: This information is used to:

• Enable virtual try-on functionality
• Detect and extract product information automatically
• Generate AI-powered virtual try-on images
• Provide product context for your virtual try-on experience

Legal Basis: This data collection is based on your consent when you actively use the Extension's features on these websites.

3. User-Generated Content

You may choose to upload or provide:

• Personal Photos: Photos of yourself for virtual try-on purposes (no upload limit)
• Generated Images: AI-created virtual try-on results

Purpose: This content is used to:

• Create personalized virtual try-on experiences
• Generate AI-powered try-on images using third-party services
• Store your results locally on your device

How We Use Your Information

Primary Uses

1. Virtual Try-On Generation: We process your photos with product images through third-party AI services to create virtual try-on results
2. Account Management: We maintain your user account and authentication status
3. Extension Functionality: We enable core features including product detection, image processing, and result storage
4. Customer Support: We use your information to provide technical support and respond to inquiries
5. Upgrade Processing: We process upgrade requests submitted through Google Forms to provide additional free generations
6. Service Improvement: We may use aggregated feedback from upgrade requests to improve the Extension

AI Processing

• Your photos and product images are temporarily sent to our AI processing services (Google Gemini API and Replicate API) for virtual try-on generation
• These services process the images to create try-on results and return them to your browser
• No permanent storage: Your personal photos are not permanently stored on our servers or third-party AI services
• Generated images are returned to your device and stored locally in your browser
• No cross-device sync: Your data is not synchronized across devices as we do not store personal content on servers

Limited Analytics

We collect minimal technical data limited to:

• API endpoint usage counts for rate limiting purposes
• Basic error logs for troubleshooting technical issues
• Aggregated feedback from upgrade request forms (without personal identification)

Data Storage and Security

Local Storage Only

• Your Photos: Stored locally in your browser's Chrome storage only
• Generated Images: Stored locally on your device using Chrome's storage APIs
• Authentication Tokens: Securely stored using Chrome's secure storage mechanisms
• No Server Storage: We do not store your personal photos or generated images on our servers

Upgrade Request Data Storage

• Google Forms Data: Information submitted through upgrade request forms is stored in Google Forms and may be transferred to our secure systems for processing
• Processing Storage: Upgrade request data is stored securely and used only for processing requests and service improvement
• Limited Retention: Upgrade request data is retained only as long as necessary to process requests and improve services

Temporary Processing

• AI Processing: Your images are temporarily processed by AI services for virtual try-on generation only
• Authentication Data: Minimal authentication information is processed through our secure backend services
• Immediate Deletion: All temporary processing data is deleted immediately after use
• Secure Transmission: All data transmission uses HTTPS encryption and secure protocols

Data Security Measures

We implement appropriate technical and organizational security measures including:

• Encryption of data in transit using HTTPS/TLS protocols
• Secure authentication using Google OAuth 2.0
• Immediate deletion of temporary processing data
• Access controls and monitoring of our systems
• No permanent data storage on servers
• Secure handling of upgrade request data

Data Retention

• Local Data: Stored on your device until you manually delete it or uninstall the Extension
• Server Data: No permanent storage of personal content; all processing data is deleted immediately after use
• Account Data: Basic authentication tokens are maintained only for active sessions
• API Logs: Minimal rate limiting data may be retained for up to 30 days for technical purposes
• Upgrade Request Data: Retained for up to 12 months for processing requests and service improvement, then securely deleted

Third-Party Services and Data Sharing

We use the following third-party services that may process your data:

Authentication Services

Google OAuth 2.0

• Purpose: User authentication and account management
• Data Shared: Basic profile information (name, email, profile picture)
• Privacy Policy: Google Privacy Policy
• Data Processing: Google processes authentication data according to their privacy policy

AI Processing Services

Google Gemini API

• Purpose: AI image generation and virtual try-on processing
• Data Shared: Product images and user photos (temporarily during processing)
• Data Retention: No permanent storage; data deleted immediately after processing
• Privacy Policy: Google AI Privacy Policy

Replicate API

• Purpose: Background removal and image preprocessing
• Data Shared: User photos for background removal (temporarily)
• Data Retention: No permanent storage; data deleted immediately after processing
• Privacy Policy: Replicate Privacy Policy

Form Services

Backend Infrastructure

Vercel

• Purpose: Hosting our backend API and authentication services
• Data Shared: Authentication tokens and API rate limiting data
• Privacy Policy: Vercel Privacy Policy

Data Sharing Principles

We MAY share your information only in the following circumstances:

• Legal Requirements: When required by law, court order, or government regulation
• Security: To protect against fraud, abuse, or security threats
• Business Transfer: In the event of a merger, acquisition, or sale of assets (with user notification)
• User Consent: When you explicitly consent to specific data sharing
• Service Providers: With trusted service providers (like Google Forms) who assist in providing our services

Your Rights and Choices

Data Access and Control

You have the right to:

• Access: View all data we have collected about you (primarily stored locally on your device)
• Correction: Request correction of inaccurate personal information
• Deletion: Request deletion of your account and associated authentication data
• Portability: Export your locally stored data
• Restriction: Limit how we process your personal data
• Upgrade Request Data: Request access to or deletion of information submitted through upgrade request forms

How to Exercise Your Rights

• Delete Photos: Remove your uploaded photos anytime through the Extension interface
• Clear Data: Use Chrome's browser settings to clear all Extension data
• Delete Account: Contact us at technium73@gmail.com to request account deletion
• Export Data: Use Chrome's developer tools or Extension interface to access your local data
• Browser Settings: Use Chrome's settings to clear Extension data completely
• Upgrade Request Data: Contact us to access, correct, or delete information submitted through upgrade request forms

Opt-Out Rights

You can opt out of:

• Data Collection: By not using the Extension's features that require data processing
• Account Creation: By uninstalling the Extension
• API Processing: By not uploading photos for virtual try-on
• Upgrade Requests: By not filling out the upgrade request form when prompted (you can continue using the Extension within free limits)

International Data Transfers

Data Transfer Safeguards:

• All data transmission uses secure HTTPS encryption
• We ensure appropriate safeguards are in place for international transfers
• We comply with applicable data protection laws including Indian data protection regulations
• Transfer mechanisms include Standard Contractual Clauses where required by the service providers
• All AI processing is temporary with immediate deletion after use
• Upgrade request data is handled according to Google's privacy and security standards

Children's Privacy

Our Extension is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use this Extension or provide any personal information. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

State-Specific Privacy Rights

For Indian Users

Under applicable Indian data protection laws, you have rights including:

• Right to Access: Know what personal data we collect and how it's used
• Right to Correction: Request correction of inaccurate personal information
• Right to Deletion: Request deletion of your personal data
• Right to Portability: Receive your personal data in a structured format
• Right to Restrict Processing: Limit how we process your personal data
• Right to Consent Withdrawal: Withdraw consent for processing upgrade request data

California Residents (CCPA/CPRA)

Under the California Consumer Privacy Act, California residents have additional rights:

• Right to Know: What personal information is collected and how it's used
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: You will not be discriminated against for exercising your rights

Other Jurisdictions

Residents of other jurisdictions may have additional privacy rights under applicable local laws. We will comply with all applicable privacy regulations and provide required notices and rights.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make changes:

• We will post the updated Privacy Policy on this page
• We will update the "Last Updated" date at the top of this policy
• For material changes, we will notify users through the Extension interface or email
• We will maintain previous versions for reference

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Compliance with Chrome Web Store Policies

This Privacy Policy and our data practices comply with:

• Chrome Web Store Developer Program Policies
• Google's Limited Use Policy for user data
• Indian data protection laws and regulations
• Applicable international data protection laws

Effective Date and Acknowledgment

This Privacy Policy is effective as of the "Last Updated" date shown above. By using our Extension after this date, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

---