Trayve Privacy Policy

2.1 Personal Information You Provide

When you create an account and use our Service, we collect:

• Account Information: Name, email address, password
• Contact Information: Phone number (if provided)
• Communication Data: Messages sent through our contact page or support emails
• Subscription Information: Your chosen subscription tier (Free, Starter, Business, or Enterprise)

2.2 Payment Information

Payment processing is handled by our third-party payment processor, DodoPayments (https://dodopayments.com/). We do not directly store your credit card or payment information. DodoPayments collects and processes payment details according to their privacy policy and security standards.

2.3 Content You Upload

• Clothing Images: Photos of clothing items you upload for virtual try-on generation
• Generated Content: AI-generated fashion images created through our platform using your uploaded content and our pre-generated models

2.4 Automatically Collected Information

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, features used, time spent on the Service, interaction patterns
• Technical Data: Error logs, performance metrics, API usage statistics
• Analytics Data: Collected through PostHog for understanding user behavior and improving our Service

3.1 Service Provision

• Process your uploaded clothing images through our AI models (Fal.ai and Replicate)
• Generate virtual fashion try-on results using pre-generated models and poses
• Maintain your account and provide customer support
• Enable access to features based on your subscription tier
• Store your generated images permanently for your access

3.2 Service Improvement and Analytics

• Analyze usage patterns through PostHog analytics to improve our Service
• Monitor system performance and identify technical issues
• Develop new features and enhance existing functionality
• Generate anonymized, aggregated statistics about Service usage

3.3 Communication

• Send account-related notifications and service updates
• Respond to your inquiries and provide customer support
• Send important notices about changes to our Terms of Service or Privacy Policy

3.4 Legal and Security

• Comply with applicable laws and regulations
• Protect against fraud, abuse, and security threats
• Enforce our Terms of Service
• Respond to legal requests and court orders

5.1 Third-Party Service Providers

We share information with trusted service providers who help us operate our Service:

• Fal.ai and Replicate: AI image processing and generation services
• Supabase: Database and cloud storage services
• Vercel: Website hosting and deployment
• PostHog: Analytics and user behavior tracking
• Clerk: User authentication and account management
• DodoPayments: Payment processing (they handle payment information directly)

These providers access your information only as necessary to perform their services and are bound by confidentiality obligations.

5.2 Legal Requirements

We may disclose information when required by law, regulation, legal process, or governmental request, or to protect our rights, users, or public safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring party.

5.4 Consent

We may share information with your explicit consent for other purposes not covered in this policy.

6.1 Content Retention

• Uploaded Images: Stored permanently until you delete them or close your account
• Generated Images: Available to you permanently until you delete them or close your account
• Account Information: Retained while your account is active and for a reasonable period after closure for legal and business purposes

6.2 Data Storage Location

Your information is stored on cloud servers provided by our service providers. Data may be processed and stored in various countries where our service providers operate, including but not limited to India, the United States, and the European Union.

6.3 Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of data in transit and at rest
• Secure server infrastructure and access controls
• Regular security assessments and updates
• Restricted access to personal information on a need-to-know basis

7.1 General Rights

• Access: Request information about the personal data we hold about you
• Correction: Update or correct inaccurate personal information
• Deletion: Request deletion of your personal information and account
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing in certain circumstances

7.2 Account Management

• Account Deletion: You can delete your account at any time, which will remove your personal information and content from our active systems
• Content Management: You can delete individual images or generated content from your account
• Subscription Management: You can upgrade, downgrade, or cancel your subscription at any time

7.3 California Residents (CCPA/CPRA Rights)

If you are a California resident, you have additional rights:

• Right to Know: Request detailed information about how we collect, use, and share your personal information
• Right to Delete: Request deletion of your personal information (subject to certain exceptions)
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: We do not sell personal information, so no opt-out is necessary
• Non-Discrimination: We will not discriminate against you for exercising your privacy rights

7.4 European Residents (GDPR Rights)

If you are in the European Economic Area, United Kingdom, or Switzerland, you have rights under GDPR:

• Right to Access: Obtain confirmation of processing and access to your personal data
• Right to Rectification: Correct inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Limit how we process your personal data
• Right to Data Portability: Receive your personal data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing
• Right to Lodge Complaints: File complaints with supervisory authorities

7.5 Exercising Your Rights

To exercise any of these rights, contact us at:

We will respond to your request within 30 days (or as required by applicable law).

8.1 Global Operations

As we serve users worldwide and use international service providers, your information may be transferred to and processed in countries other than India, including the United States and European Union countries.

8.2 Transfer Safeguards

When transferring personal information internationally, we ensure appropriate safeguards are in place, including:

• Using service providers that comply with international privacy frameworks
• Implementing appropriate contractual protections
• Following applicable data transfer regulations (GDPR adequacy decisions, etc.)

9.1 Cookie Usage

We use cookies and similar technologies to:

• Remember your login status and preferences
• Analyze Service usage and performance through PostHog
• Provide personalized experiences
• Ensure security and prevent fraud
• Enable core functionality of the Service

9.2 Types of Cookies

• Essential Cookies: Required for basic Service functionality
• Analytics Cookies: Help us understand how users interact with our Service
• Authentication Cookies: Manage your login status through Clerk
• Preference Cookies: Remember your settings and choices

9.3 Cookie Control

You can control cookies through your browser settings. However, disabling certain cookies may affect Service functionality. For analytics cookies, you can opt out through PostHog's privacy controls.

10.1 General Access

Our Service is available to users of all ages. However, we encourage parental supervision for users under 13 years of age.

10.2 Parental Rights

Parents and guardians have the right to:

• Review any personal information we have collected from their child
• Request deletion of their child's personal information
• Refuse to allow further collection of their child's information

10.3 Contact for Child Privacy Issues

For any concerns about children's privacy, contact us at contact@trayve.app.

11.1 Security Measures

While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We use industry-standard practices including:

• SSL/TLS encryption for data transmission
• Encrypted storage of sensitive information
• Regular security updates and monitoring
• Access controls and authentication requirements

11.2 Data Breach Response

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law.

12.1 Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notifications to registered users
• Displaying prominent notices on the Service

12.2 Continued Use

Your continued use of the Service after the effective date of any changes constitutes acceptance of the updated Privacy Policy.

Version A (Court Jurisdiction)

Any disputes arising from this Privacy Policy or our privacy practices will be resolved in the courts of Maharashtra, India, under Indian law.

Version B (Arbitration)

Any disputes arising from this Privacy Policy or our privacy practices will be resolved through binding arbitration under the Arbitration and Conciliation Act, 2015, in Pune, Maharashtra, India, under Indian law.