Privacy

Privacy Policy

Last updated: June 6, 2026

You can permanently delete your results — anytime

You are always in control of what you create here. Open your Gallery, click the trash icon on any swap, and confirm — we immediately and permanently delete that result’s image files (your uploaded photo, the outfit images, and the generated result) from our servers. The deletion is irreversible. You can also delete your entire account and all associated data at any time (see Your rights below).

What we collect

When you sign up we store your email, display name, and the authentication token issued by the sign-in provider (Google OAuth or email + password). When you upload photos we store the two source images you provide (person and outfit) and the generated result image. We log the IP address and approximate locale of each request for fraud and abuse prevention.

How we use it

Uploaded photos are sent to a third-party AI image-generation provider for the single purpose of producing your clothes-swap result. The resulting image is written back to our storage (Cloudflare R2) so you can come back to it. We do not use your uploads or generations to train any model — yours or anyone else’s.

Retention

Source uploads (the two photos you submit) are kept long enough to fulfill the generation and are eligible for automatic deletion after 24 hours via a storage lifecycle rule. Generated result images stay in your gallery until you delete them — the trash icon on any result removes its image files from our servers immediately and permanently — or until you close your account.

You can request deletion of your account and all associated data by emailing the address at the bottom of this page.

Sharing

We do not sell your data. We share data with the following processors solely to operate the service:

  • Cloudflare — hosting, network, R2 storage, Hyperdrive caching.
  • Supabase — managed PostgreSQL database for accounts and generations.
  • AI image-generation provider — a third-party processor that receives your two source photos and the generation prompt to produce your result.
  • Content-safety provider — a third-party processor that runs automated moderation of your uploaded photos before generation.
  • Google — only if you choose to sign in via Google OAuth.
  • Crisp — live chat / feedback widget shown on our public pages. When it loads it may set a technical cookie and process basic session metadata (such as IP address and the page you are on) to run the chat — not only when you message us. If you start a conversation, the message and any contact details you provide (e.g. email) are processed by Crisp.

Your rights

You can access, export, or delete your data at any time. Email us at the address below and we will respond within a reasonable window.

Security

Traffic is encrypted in transit (HTTPS). Storage at rest is encrypted by the respective providers (Cloudflare R2, Supabase PostgreSQL). Passwords are hashed; we never store plaintext credentials. No system is invulnerable — if you believe an incident has occurred, please email us so we can investigate.

Changes

We may update this policy as the service evolves. The “Last updated” date at the top reflects the most recent change. For material changes we will notify signed-in users by email.

Contact

Questions, requests, or concerns: support@aiclothswap.com.