Privacy Policy

Effective 29 April 2026 · Last updated 29 April 2026

1. Introduction

Algodón ("we," "our," "us") operates the Algodón mobile application and web platform at algodon.app (the "Service"). This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Service.

We are committed to protecting your privacy and complying with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

Information You Provide

• Account information: Name, email address, password (encrypted), and optional profile details (age range, style preferences).
• Wardrobe data: Photos of clothing items you upload, metadata you add (brand, colour, category, size, purchase price, date).
• Outfit data: Outfit combinations you create, calendar entries, and outfit ratings.
• Communications: Messages you send to our support team or feedback you submit.

Information Collected Automatically

• Usage data: Features used, session duration, screens viewed, outfit suggestions acted upon.
• Device information: Device type, operating system, app version, unique device identifiers.
• Location data: Approximate location (city-level) for weather-based outfit suggestions, only when you grant permission.
• Analytics: Aggregated, anonymised data about wardrobe composition and usage patterns.

Information From Third Parties

• Sign-in providers: If you sign in via Google or Apple, we receive your name and email as authorised by you.

3. How We Use Your Information

We use your information to:

• Provide and improve the Service, including AI-powered outfit suggestions and wardrobe analytics.
• Train and improve our AI models using anonymised, aggregated wardrobe data (never individual photos without consent).
• Send you outfit suggestions, weather-based recommendations, and Service notifications.
• Communicate product updates, new features, and optional marketing (you can opt out at any time).
• Analyse usage trends to improve product features and user experience.
• Comply with legal obligations and enforce our Terms of Service.

4. Legal Basis for Processing (UK GDPR)

We process your data under the following legal bases:

• Contract: To provide the Service you signed up for.
• Legitimate interest: To improve the Service, prevent fraud, and send relevant communications.
• Consent: For optional marketing emails, location data, and use of photos in marketing materials (only with explicit opt-in).

5. Data Sharing

We do not sell your personal data. We may share data with:

• Service providers: Cloud hosting (e.g., Supabase, AWS), analytics tools, email delivery services — under strict data processing agreements.
• AI processing: Photos may be processed by third-party AI services for auto-tagging; images are processed and not retained by these providers.
• Legal requirements: If required by law, regulation, or legal process.
• Business transfers: In the event of a merger, acquisition, or asset sale.

6. Data Retention

• Active accounts: We retain your data for as long as your account is active.
• Deleted accounts: Upon account deletion, we remove personal data within 30 days. Anonymised, aggregated analytics data may be retained.
• Photos: Wardrobe photos are stored securely and deleted when you remove the item or delete your account.

7. Your Rights

Under UK GDPR, you have the right to:

• Access your personal data.
• Rectify inaccurate data.
• Delete your data ("right to be forgotten").
• Restrict processing in certain circumstances.
• Data portability — receive your data in a structured, machine-readable format.
• Object to processing based on legitimate interest.
• Withdraw consent at any time for consent-based processing.

To exercise these rights, contact us at privacy@algodon.app.

8. Data Security

We implement industry-standard security measures including:

• Encryption in transit (TLS 1.3) and at rest (AES-256).
• Secure authentication with hashed passwords.
• Regular security assessments and monitoring.
• Access controls limiting employee access to personal data.

9. International Transfers

Your data may be processed in the UK, EU, and/or the United States. Where data is transferred outside the UK, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

10. Children's Privacy

Algodón is not intended for users under the age of 16. We do not knowingly collect data from children. If we learn that we have collected data from a child under 16, we will delete it promptly.

11. Cookies & Tracking

On algodon.app, we use:

• Essential cookies for authentication and session management.
• Analytics cookies (e.g., Google Analytics) for understanding usage — you can opt out via our cookie banner.
• We do not use advertising cookies or trackers.

12. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via the app or email. Continued use of the Service after changes constitutes acceptance.

13. Contact Us

Algodón
Email: privacy@algodon.app
Website: algodon.app

If you are unsatisfied with our response to a privacy concern, you may contact the Information Commissioner's Office (ICO) at ico.org.uk.