Last Updated: December 31, 2025
This Privacy Policy explains our practices regarding the collection, use, and disclosure of information that we receive through our Services. We use certain capitalized terms in this Privacy Policy that are defined in our Terms of Service, so please make sure that you have read and understand our Terms of Service. This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.
Any information that is collected via our Services is covered by the Privacy Policy in effect at the time such information is collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we'll notify you of those changes by posting them on the Services or by sending you an email or other notification, and we'll update the "Last Updated Date" above to indicate when those changes will become effective.
Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services (including your account, if you are an account holder), and to enable you to enjoy and easily navigate our Services.
If you create an account, we'll collect certain information, as applicable to the Services, which can be used to identify you, such as your name, details of physical appearance (height, weight, size), date of birth, clothing items, email address, postal address, and phone number ("PII"). If you create an account using your login credentials from one of your SNS Accounts, we'll be able to access and collect your name and email address and other PII subject to your privacy settings on the SNS Account that you use. If you create an account through the Site or one of your SNS Accounts, we may also collect other information that is not considered PII because it cannot be used, by itself, to identify you.
When you use our "Digital Twin" feature, you may optionally upload photos of your face and/or body. This section describes how we collect, use, store, and protect this sensitive information.
What Face and Body Data We Collect: With your explicit consent, we collect: (a) facial photographs that you upload to create your Digital Twin profile; (b) full-body photographs that you upload to improve Virtual Try On accuracy; (c) AI-generated descriptions of your appearance characteristics (such as skin tone, hair color, and hair style) derived from your uploaded photos. You are not required to upload face or body photos to use the core features of Fitted. The Digital Twin feature is entirely optional.
How We Use Face and Body Data: Face and body photos you provide are used solely to: (a) power the Virtual Try On feature, which generates AI images showing how clothing items would look on you; (b) analyze your appearance characteristics (skin tone, hair color, hair style) to improve the accuracy and quality of Virtual Try On results; (c) display your uploaded photos within your Digital Twin profile in the app. We do NOT use your face or body photos for: facial recognition or identification purposes; advertising or marketing; sale to third parties; or training general AI models.
Third-Party Processing of Face and Body Data: To provide the Virtual Try On and appearance analysis features, your face and body photos may be processed by third-party AI services (such as Google Gemini for appearance analysis). These service providers: (a) process your photos solely to provide Fitted's core functionality on our behalf; (b) are bound by confidentiality obligations; (c) do not retain your photos after processing is complete; (d) are contractually prohibited from using your photos for any purpose other than providing services to Fitted.
Storage and Security of Face and Body Data: Your face and body photos are: (a) stored securely in our cloud storage infrastructure (Supabase) with encryption at rest; (b) transmitted using TLS/HTTPS encryption; (c) accessible only to you and Fitted's essential service providers; (d) not shared with other Fitted users unless you explicitly choose to make your profile public.
Retention and Deletion of Face and Body Data: Your face and body photos are retained until: (a) you manually delete your Digital Twin photos through Settings → Digital Twin → Delete Photos; (b) you delete your Fitted account entirely. Upon deletion, your face and body photos will be permanently removed from our systems within 30 days. To request immediate deletion of your face and body data, email hello@fittedcloset.com with the subject "Delete Face Data".
Like many website owners and operators, our Site uses automated data collection tools such as Cookies and Web Beacons to collect certain data.
When you enable our Gmail sync feature, we access your email messages to identify and import clothing items from purchase receipts into your virtual closet. This section describes how we handle data obtained through Google APIs.
With your explicit permission, we access your Gmail messages to scan for purchase receipts containing clothing items. Specifically, we access: (a) email message content (body text and attachments) to identify purchase confirmations from retailers; (b) email metadata (sender, date, subject line) to verify receipt authenticity and purchase timing. We extract only the following information from identified receipts: item descriptions, prices, brand or retailer names, purchase dates, and product images. We do not store complete email messages or access emails unrelated to clothing purchases.
Data extracted from your Gmail is used solely to: (a) populate your virtual closet with clothing items you have purchased; (b) display purchase history and item details within the Fitted app; (c) provide personalized styling recommendations based on your wardrobe. We do not use Gmail data for any purpose other than providing the core functionality of the Fitted app.
Fitted's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
In accordance with Google's Limited Use requirements, data obtained from your Gmail is subject to the following restrictions. We do NOT:
(a) sell or transfer Gmail-derived data to third parties for any purpose, including advertising or data brokerage; (b) use Gmail-derived data for serving advertisements, including retargeting, personalized, or interest-based advertising; (c) share Gmail-derived data with advertising platforms, data brokers, or information resellers; (d) use Gmail-derived data to train artificial intelligence or machine learning models, except for user-specific personalization features within your own account; (e) allow human review of your email content, except (i) with your affirmative agreement for specific messages, (ii) where necessary for security purposes such as investigating abuse, (iii) to comply with applicable law, or (iv) for the app's internal operations where the data has been aggregated and anonymized.
Gmail-derived data may only be transferred to service providers who: (a) process data solely to provide Fitted's core functionality on our behalf; (b) are bound by confidentiality obligations; (c) are contractually prohibited from using the data for any purpose other than providing services to Fitted.
Clothing item information extracted from your emails is retained in your Fitted account until you delete the item or delete your account. We do not retain copies of your original email messages—only the extracted product information necessary to display items in your virtual closet.
Account information and other PII you provide is retained for as long as your account remains active. Usage data and analytics may be retained in aggregated, anonymized form for product improvement purposes.
You may delete your data as follows: (a) Individual clothing items imported via Gmail sync can be deleted at any time through the app by selecting the item and choosing "Delete"; (b) To disconnect Gmail sync and stop future email scanning, go to Settings → Connected Accounts → Gmail and select "Disconnect"; (c) To delete all Gmail-derived data while keeping your account, email hello@fittedcloset.com with the subject "Delete Gmail Data"; (d) To delete your entire account and all associated data, go to Settings → Account → Delete Account, or email hello@fittedcloset.com with the subject "Delete My Account".
Upon disconnection of Gmail sync, deletion of Gmail-derived data, or deletion of your account, all applicable data will be permanently deleted from our systems within 30 days, except where retention is required by law.
We will not share any PII that we have collected from or regarding you except as described below.
We may engage third-party service providers to work with us to administer and provide the Services. These third-party service providers have access to your PII only for the purpose of performing services on our behalf and are contractually prohibited from using your information for any other purpose.
We use analytics services to gather information about how Users engage with our Site and Services. However, data obtained from Gmail APIs is never shared with analytics providers or used for advertising purposes. Analytics services only receive non-Gmail account activity data.
Notwithstanding any other provision in this Privacy Policy, data obtained from Gmail APIs is never shared with third parties except service providers who are processing data solely on our behalf to provide Fitted's core functionality, and who are bound by confidentiality and use restrictions at least as protective as those described in this Privacy Policy.
In compliance with the California Consumer Privacy Act (CCPA), the California Online Privacy Protection Act, and the General Data Protection Regulation (GDPR), we offer you choices regarding the collection, use, and sharing of your PII and we'll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.
Our Site does not have the capability to respond to "Do Not Track" signals received from various web browsers.
We take commercially reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure.
Data obtained through Gmail APIs is protected with industry-standard security measures including: (a) encryption of all data in transit using TLS/HTTPS; (b) encryption of all Gmail-derived data at rest using AES-256 encryption; (c) secure storage of OAuth tokens and authentication credentials with encryption at rest; (d) access controls limiting employee access to user data to only those with a legitimate business need; (e) regular security assessments in compliance with Google's Cloud Application Security Assessment (CASA) requirements.
Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any of your PII or other data.
Our Services may contain links to websites and services that are owned or operated by third parties. Any information that you provide on or to a Third-party Service or that is collected by a Third-party Service is provided directly to the owner or operator of the Third-party Service and is subject to the owner's or operator's privacy policy. We are not responsible for the content, privacy or security practices and policies of any Third-party Service.
Your PII may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you're located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and other jurisdictions as necessary for the processing of your data.
Our Services are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13 we will take steps to delete such information from our files as soon as possible.
In accordance with California law, California residents may request and obtain from us, once a year, free of charge, a list of third parties, if any, to which we disclosed their PII for direct marketing purposes during the preceding calendar year and the categories of PII shared with those third parties. If you are a California resident and wish to obtain that information, please submit your request by sending us an email at hello@fittedcloset.com with "California Privacy Rights" in the subject line or by writing to us at 2261 Market St #4454, San Francisco, CA 94114.
You may revoke Fitted's access to your Gmail account at any time by visiting your Google Account permissions page at https://myaccount.google.com/permissions and removing Fitted from the list of connected apps, or by disconnecting Gmail within the Fitted app settings. Upon revocation, we will stop accessing your Gmail and will delete Gmail-derived data in accordance with Section 4 of this Privacy Policy.
Please contact us at hello@fittedcloset.com if you have any questions about our Privacy Policy.
Chute Laundry Inc. (dba Fitted)
2261 Market St #4454
San Francisco, CA 94114
United States