Envision Privacy Policy

1. Introduction

Envision ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify app ("Envision" or the "App").

2. Information We Collect

2.1 Merchant Information

When you install Envision, we collect:

• Shop domain and basic store information
• Product data for products you enable for virtual try-on
• Usage statistics (number of try-ons, products enabled, etc.)
• Billing and subscription information
• App configuration and customization settings

2.2 Customer Information

Important: We do NOT permanently store customer photos on our servers. Here is exactly how customer photos are handled:

Server-Side Processing

• Customer photos are processed in-memory only on our servers
• Photos are immediately discarded after the try-on image is generated
• We do not store customer photos in our database or file storage

Browser-Side Caching (Local Storage)

To improve the shopping experience, customer photos may be temporarily cached in the customer's own browser using localStorage:

• Photos are stored locally on the customer's device for up to 24 hours
• This allows customers to try on multiple products without re-uploading their photo
• This data is never sent to our servers for storage—it remains on the customer's device
• Customers can clear this data at any time by clearing their browser's local storage
• The cached photo automatically expires and is deleted after 24 hours

Session Tracking

We use anonymous session identifiers to track try-on activity for conversion attribution. These identifiers:

• Do not contain any personally identifiable information
• Are used solely to attribute purchases to virtual try-on usage
• Help merchants understand the effectiveness of the try-on feature

Security and abuse prevention

To protect the service and enforce usage limits, we may also process technical identifiers such as IP address and request metadata. We use this information for rate limiting, fraud prevention, and operational security. We do not use it for advertising or marketing.

We do not collect or store customer names, emails, phone numbers, or Shopify customer account details.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain the Envision service
• Process virtual try-on requests
• Track usage for billing purposes
• Improve our service and fix technical issues
• Comply with legal obligations
• Send you service-related communications

4. Data Storage and Security

We use industry-standard security measures to protect your data:

• All data is encrypted in transit using HTTPS/TLS
• Database access is restricted and secured
• Customer photos are never stored (processed in-memory only)
• Regular security audits and updates

Your data is stored on secure servers provided by:

• Supabase - PostgreSQL database and file storage (reference images only)
• Fly.io - Application hosting with global edge network

5. Third-Party Services

We use the following third-party services to operate Envision:

5.1 Google Gemini AI (Image Generation)

Customer photos and product reference images are sent to Google's Gemini AI servicevia HTTPS for virtual try-on image generation. Important details:

• Images are transmitted securely over encrypted connections (HTTPS/TLS)
• Processing occurs on Google's infrastructure and is subject to Google's Privacy Policy and Gemini API Terms of Service
• Images are not stored by us after processing completes

5.2 Shopify

For app authentication, billing, and store data access. Subject to Shopify's Privacy Policy.

5.3 Supabase

For database hosting and file storage (merchant reference images only, not customer photos). Subject to Supabase's Privacy Policy.

5.4 Fly.io

For application hosting with global edge network. Subject to Fly.io's Privacy Policy.

We do not sell, rent, or share your data with third parties for marketing purposes.

6. Data Retention

• Merchant Data: Retained while your app is installed. Deleted after app uninstallation through Shopify uninstall/redaction webhooks.
• Customer Photos: Never stored - processed and immediately discarded.
• Usage Statistics: Retained for billing and analytics purposes. Anonymized data may be retained longer for service improvement.

7. Your Rights (GDPR/CCPA Compliance)

7.1 For Merchants

You have the right to:

• Access: Request a copy of all data we have about your store
• Deletion: Request deletion of your data (also happens automatically on app uninstall)
• Correction: Request correction of inaccurate data
• Portability: Request your data in a machine-readable format

7.2 For Customers

Since we do not permanently store customer photos or personally identifiable customer information on our servers, most GDPR/CCPA data subject requests do not apply. However:

• Browser localStorage: You can clear your locally-cached photo at any time by clearing your browser's local storage or waiting for the automatic 24-hour expiration
• Session data: Anonymous session identifiers used for conversion tracking are deleted when the merchant uninstalls the app

To exercise data rights, contact us at: support@envision-tryon.com

Note: We automatically handle data deletion requests through Shopify's GDPR webhooks (customers/data_request, customers/redact, shop/redact) when merchants or customers request data deletion through Shopify.

8. Children's Privacy

Our service is not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: support@envision-tryon.com
• App Support: Available through the Shopify App Store listing