Privacy Policy
WearWin (the "App") is operated by WearWin ("we", "us", "our"). We're a Finnish solo developer, and we take privacy seriously: the App is designed to need as little data as possible to deliver its cost-per-wear tracking. This page explains what we collect, who we share it with, how long we keep it, and how you can delete it.
1. Data we collect
-
Account identifiers. When you sign in with Apple, we receive Apple's
opaque user identifier (
sub) and — only if you choose to share it — your email address (which may be Apple's relay address). We store these as the canonical identifier for your account. - Display name (optional). The name Apple shares on first sign-in. You can leave it empty.
- Look photos and detections. Photos you snap inside the App, the AI-generated catalog product images derived from them, and the per-item detection metadata (category, colours, descriptions, text embeddings). Stored in private AWS S3 buckets under your user id.
- Wears and statistics. Timestamps for each wear you log, plus the derived cost-per-wear figures used by the App's home screen.
- Subscription state. The current status of your WearWin Plus subscription (free / trialing / active / lapsed / cancelled), received from Apple via RevenueCat.
- Crash and performance telemetry. Anonymised crash stacks and performance traces captured by Sentry. Not linked to your email or display name.
2. Third-party processors
We use the third-party services listed below to deliver the App. Each one acts as a data processor on our behalf; we share only the minimum data each one requires.
| Processor | Purpose | Data shared |
|---|---|---|
| Apple Inc. | Sign in with Apple, StoreKit billing, app delivery. | Apple user id (sub), optional email, subscription receipts. |
| RevenueCat | Subscription orchestration, webhook delivery, entitlement state. | Apple subscription receipt data, our user id (UUID). |
| Sentry | Crash + performance telemetry from the iOS client and the API. | Anonymised stack traces, device model, OS version, app version. |
| Google (Gemini) | Server-side vision detection on look photos (categories, bounding boxes, item descriptions), text embeddings of those descriptions for similarity search, and generation of catalog-style product images for confirmed items. | Look photo bytes during detection and catalog generation, garment descriptions for embeddings (not retained by Google per their API). |
| AWS (us-east-1) | Object storage (S3), media delivery (CloudFront), API hosting (Lambda). | All photos and detection records you create in the App. |
| Neon | Managed PostgreSQL database for account + wardrobe metadata. | Account row, items, looks, wears, wins. |
3. Where your data lives
Photos, embeddings, and account metadata are stored in AWS data centres in us-east-1 (Northern Virginia). We rely on the EU-US Data Privacy Framework and AWS's standard contractual clauses for transfers from the EU to the US.
4. Retention
We keep your data for as long as your account is active. Audit-only financial events (subscription transitions from RevenueCat) are retained for 7 years after deletion of your account for tax-compliance reasons; everything else is deleted within 30 days of an account-deletion request.
5. Your rights
- Access and export. Email support@wearwin.app with the subject "Data export" and we'll reply within 30 days with the data we hold about you.
- Deletion. Open the App, go to Account > Delete account, and confirm. Deletion wipes your wardrobe, looks, photos, and account row across all systems. Active subscriptions stay with Apple; cancel them in Settings > Apple ID > Subscriptions on your iPhone.
- Apple ID revocation. You can revoke our access at any time from Settings > Apple ID > Sign in with Apple > WearWin > Stop using Apple ID. Apple notifies us automatically and we delete your account within seven days.
- Complaints. Finnish users can complain to the Office of the Data Protection Ombudsman (tietosuoja.fi); EU users to their national DPA.
6. Children
WearWin is not directed at children under 13. We don't knowingly collect data from anyone under 13; if you believe a child has signed up, email us and we'll delete the account.
7. Changes
We may update this policy. Material changes will be announced in-app or via the email address on file at least 14 days before they take effect.
8. Contact
Data controller: WearWin, Finland.
Contact: support@wearwin.app.