This Privacy Policy explains how Drobe ("we", "us", "our") collects, uses, discloses, and protects your personal information when you use our mobile application, website at drobe.app, and related services (collectively, the "Service"). By accessing or using the Service, you agree to the collection and use of information in accordance with this policy.
We take your privacy seriously. This policy is written in plain English so you can actually understand it.
1. Information we collect.
1.1 Information you provide directly
| Data Type | Details |
|---|---|
| Account info | Full name, email address, and password when you create an account. If you sign in via Apple or Google, we receive the name and email associated with that account. |
| Profile data | Optional preferences such as your style preferences, body type, size information, and lifestyle tags you choose to provide. |
| Closet photos | Photos of clothing items you upload to build your digital wardrobe. These may contain EXIF metadata (camera model, date taken). |
| Payment info | Subscription purchases are processed by Apple (App Store) or Stripe. We do not store your credit card number. We receive a transaction ID and subscription status from these providers. |
| Communications | Messages, feedback, or support requests you send to us via email or in-app. |
1.2 Information collected automatically
| Data Type | Details |
|---|---|
| Usage data | How you interact with Drobe — features used, outfits viewed, items added, time spent, screens visited, and actions taken. |
| Device info | Device model, operating system and version, app version, unique device identifiers, language, and time zone. |
| Coarse location | Approximate location (city-level) derived from your IP address, used solely for weather-based outfit recommendations. We do not access GPS or precise location. |
| Log data | IP address, browser type, referring/exit pages, timestamps, and crash reports. |
| Cookies | On our website (drobe.app), we use cookies and similar technologies for analytics and functionality. See our Cookie Policy for full details. |
1.3 AI-generated metadata
When you upload a clothing photo, our AI analyses the image to generate descriptive metadata — colour, pattern, category, fit, season, and occasion tags. This metadata is stored alongside your item and is used to power outfit recommendations. Image processing occurs on-device where possible; server-side processing uses encrypted transmission and images are deleted from our servers within 30 days of processing.
1.4 Information we do NOT collect
We do not collect: your contacts or address book, precise GPS location, data from other apps on your device, biometric data, or health data. We do not access your camera roll — you explicitly choose each photo you upload.
2. How we use your information.
We use your information for the following purposes:
| Purpose | Details |
|---|---|
| Provide the Service | Create and manage your account, store your digital wardrobe, generate daily outfit recommendations, and sync your closet across devices. |
| Personalise your experience | Learn your style preferences over time so The Eye (our AI stylist) gets smarter and more tailored to you. |
| Analytics | Understand how Drobe is used so we can improve features, fix bugs, and develop new functionality. We use Firebase Analytics, Google Analytics, and Microsoft Clarity for this purpose. |
| Communications | Send you transactional emails (account verification, password resets, subscription receipts), and — only with your consent — marketing emails about new features or style tips. You can unsubscribe from marketing emails at any time. |
| Safety and security | Detect fraud, prevent abuse, and enforce our Terms of Service. |
| Legal compliance | Comply with applicable laws, legal processes, or enforceable governmental requests. |
3. Who we share your information with.
We do not sell your personal data. We never have, and we never will. We share information only in the following limited circumstances:
| Recipient | Purpose | Data Shared |
|---|---|---|
| Firebase (Google) | Authentication, cloud database, analytics, crash reporting | Email, usage events, device info, crash logs |
| Google Analytics | Website and app analytics | Anonymised usage data, device info, IP address (anonymised) |
| Microsoft Clarity | Website heatmaps and session recordings | Anonymised interaction data on drobe.app |
| Stripe | Payment processing for subscriptions | Email, transaction data (we never see your full card number) |
| Apple (App Store) | In-app purchases and subscription management | Transaction and subscription status |
| Cloud hosting | Data storage and server infrastructure | All data is stored encrypted at rest on our cloud infrastructure |
| Email provider | Transactional and marketing emails | Email address, name |
We may also share information if required by law, to protect our legal rights, to prevent fraud, or in connection with a merger, acquisition, or sale of assets (in which case you will be notified).
We require all third-party service providers to respect the security of your personal data and to process it in accordance with applicable law. We do not permit them to use your data for their own purposes.
4. Legal bases for processing (GDPR).
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data on the following legal bases:
- Contract: Processing necessary to provide you the Service you signed up for (account management, wardrobe storage, outfit recommendations).
- Legitimate interests: Analytics and service improvement, fraud prevention, and security — where these interests are not overridden by your rights.
- Consent: Marketing communications, non-essential cookies, and any optional data collection. You can withdraw consent at any time.
- Legal obligation: Where we must process data to comply with applicable law.
5. Your rights.
Depending on your jurisdiction, you have the following rights regarding your personal data:
5.1 For all users
- Access: Request a copy of the personal data we hold about you.
- Correction: Request that we correct inaccurate or incomplete data.
- Deletion: Request that we delete your personal data. In Drobe, you can do this in one tap via Settings → Your Data → Delete My Account. This permanently removes your account, wardrobe, and all associated data within 30 days.
- Export: Download a copy of your data in a portable format via Settings → Your Data → Export My Data.
- Opt out of marketing: Unsubscribe from marketing emails using the link in any email, or toggle it off in Settings → Notifications.
5.2 Additional rights under GDPR (EEA/UK users)
- Restriction: Request that we restrict processing of your data in certain circumstances.
- Portability: Receive your data in a structured, commonly used, machine-readable format.
- Object: Object to processing based on legitimate interests, including profiling.
- Withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
- Lodge a complaint: You have the right to lodge a complaint with your local data protection authority.
5.3 Additional rights under CCPA (California residents)
- Right to know: You may request the categories and specific pieces of personal information we have collected about you.
- Right to delete: You may request deletion of your personal information.
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
- Right to opt out of sale: We do not sell personal information, so this right is automatically satisfied.
- Shine the Light: California residents may request information about disclosures of personal information to third parties for direct marketing. We do not make such disclosures.
To exercise any of these rights, use the in-app controls under Settings → Your Data, or email us at privacy@drobe.app. We will respond within 30 days (or sooner where required by law).
6. Data retention.
We retain your personal data only for as long as necessary to fulfil the purposes described in this policy:
- Active accounts: Your data is retained for as long as your account remains active.
- Deleted accounts: When you delete your account, we permanently erase your personal data within 30 days. Anonymised, aggregated data (which cannot identify you) may be retained indefinitely for analytics.
- Server-side image processing: Clothing photos sent to our servers for AI analysis are deleted within 30 days of processing.
- Log data: Server logs are retained for up to 90 days for security and debugging.
- Legal obligations: We may retain certain data longer if required by law (e.g., financial transaction records).
7. Data security.
We implement industry-standard security measures to protect your data:
- All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
- Authentication tokens are securely stored and rotated regularly.
- Access to user data is restricted to authorised personnel with a specific operational need, protected by multi-factor authentication.
- We conduct regular security assessments and vulnerability testing.
- Clothing photos are processed on-device where possible; server-side processing uses isolated, encrypted pipelines.
No method of transmission or storage is 100% secure. If you become aware of a security vulnerability, please report it to security@drobe.app.
8. International data transfers.
Your data may be transferred to and processed in countries outside your country of residence, including the United States, where our cloud infrastructure providers operate. When we transfer data outside the EEA/UK, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Adequacy decisions where applicable.
- Other legally recognised transfer mechanisms.
9. Children's privacy.
Drobe is designed for users aged 16 and older. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at privacy@drobe.app and we will promptly delete it.
10. Cookies and tracking.
Our website (drobe.app) uses cookies and similar technologies for analytics and essential functionality. Our mobile app uses Firebase and similar SDKs for analytics and crash reporting.
For full details on the cookies we use and how to manage your preferences, please see our Cookie Policy.
11. Third-party links.
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies before providing any personal information.
12. Changes to this policy.
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by:
- Sending an email to the address associated with your account at least 14 days before the changes take effect.
- Displaying a prominent notice within the app.
- Updating the "Last updated" date at the top of this page.
Your continued use of the Service after the effective date constitutes acceptance of the updated policy.
13. Contact us.
If you have questions, concerns, or requests about this Privacy Policy or your personal data, contact us:
- Email: privacy@drobe.app
- General: hello@drobe.app
If you are in the EEA and are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.