Privacy Policy

Last updated: June 7, 2026

This Privacy Policy describes how evoFaceFlow (a sole proprietorship of Bruhn Freeman; "we", "us", "our") collects, uses, and shares information when you use the TryOn Mirror mobile application and the evofaceflow.com website (collectively, the "Service"). By using the Service you agree to the practices described here.

At a glance.

• The Service uses third-party AI (xAI's Grok Imagine API) to generate try-on images from photos you upload. We obtain your explicit in-app consent before any photo is sent.

• We do not use your photos or AI-generated results to train any AI model — ours or anyone else's.

• We do not sell your data, do not show third-party ads, do not include analytics or tracking SDKs, and do not track you across other companies' apps or websites.

• You can delete all your photos, export your data, and permanently delete your account in-app from Settings → Privacy & Data.

• If you opt in to SMS, we send only transactional texts (account alerts & verification codes) and never sell or share your mobile number or opt-in information with third parties for marketing. Reply STOP to cancel any time.

1. Information We Collect

Information you provide

Account information. Email address, username, password (stored as a one-way bcrypt hash), and optional first name, last name, bio, city, and state.
Mobile phone number. Collected only if you opt in to our SMS program (see Section 16). Used solely to send transactional text messages (account notifications, security alerts, and one-time passcodes).
Body photos. Up to three photos you choose to upload: a close-up profile photo, a full-body front photo, and a medium (waist-up) photo.
Clothing photos. Photos of clothing items you photograph for try-on.
Try-on results. AI-generated images produced from your body photos and clothing photos.
Communications. Messages, comments, follows, likes, reports, and other content you create within the app.
AI processing consent. The timestamp of your most recent affirmative in-app consent to send body and clothing photos to our AI provider.

Information collected automatically

Usage data. Try-on counts, session activity, in-app navigation, and basic crash reports captured by the operating system.
Device data. Device model, operating system version, app version, and approximate IP-based location (country, region, city). We do not collect precise GPS location.
Login locations. The IP address and approximate location of each login and session-token refresh, used for security alerts. We retain only the most recent ten records per account.

Information from third parties

Apple. When you make an in-app purchase, Apple sends us a verified transaction identifier and product details. We never receive your full payment-card information.

2. iOS Permissions We Request

The Service requests the following iOS permissions. You can grant or revoke each one at any time in iOS Settings → TryOn Mirror.

Permission	Purpose	Optional?
Camera	To photograph clothing items for virtual try-on. Clothing photos are processed by AI to generate images of you wearing them.	Yes — without it, you can still upload clothing photos from your photo library.
Photo Library	To upload body and clothing photos. Body photos are processed by AI (xAI Grok) to generate try-on images. You can delete them at any time from Settings.	Required to use the try-on feature.

The Service does not request access to your contacts, calendar, microphone, motion sensors, health data, or precise location.

3. How We Use Your Information

Provide the core try-on feature, including processing your body photos through AI to generate try-on images.
Maintain your account, authenticate logins, and detect suspicious activity.
Process subscriptions and credit purchases via Apple In-App Purchase.
Send transactional emails such as account verification, password reset, and security alerts. We do not send marketing emails.
Operate community features (feed, follows, likes, comments).
Moderate content and respond to user-submitted reports and blocks.
Comply with legal obligations and enforce our Terms of Service.
Improve the Service through aggregated, non-identifying analytics. We do not sell your personal information.

4. Legal Bases for Processing (EEA / UK)

If you are in the European Economic Area or the United Kingdom, our legal bases under the GDPR / UK GDPR for processing your personal data are:

Performance of a contract (Art. 6(1)(b)) — for providing the Service, creating your account, and operating try-on, comments, follows, and likes.
Consent (Art. 6(1)(a)) — for transmitting body and clothing photos to our third-party AI provider (xAI). You give this consent through the in-app consent dialog described in Section 5, and you may withdraw it at any time in Settings → Privacy & Data.
Legitimate interests (Art. 6(1)(f)) — for security alerts and suspicious-login detection, anti-abuse measures, and aggregated product analytics. Our interest is preventing fraud, abuse, and account takeover; we have assessed that this does not override your privacy interests because the data used (IP, approximate location) is minimal and retention is short.
Legal obligation (Art. 6(1)(c)) — for retaining transaction records required by tax or consumer-protection law, and for responding to lawful requests from authorities.

We do not engage in automated decision-making (including profiling) that produces legal or similarly significant effects on you. AI try-on generation is initiated by you, is cosmetic, and has no legal effect.

5. AI Processing of Body Photos

When you initiate a try-on, the Service sends your body photo (full-body and/or medium) and the clothing photo you supplied to xAI, Inc. via the Grok Imagine API, a third-party AI image-generation service. The result is returned to us, stored on our infrastructure, and made available to you in the app.

The close-up / profile photo is never sent to AI services. It is used only as your profile picture inside the app.
Before any photo is transmitted to xAI, the app shows an explicit in-app consent dialog that names xAI, lists exactly what data will be sent, and requires you to tap "I Agree and Continue." Try-on requests are blocked server-side until that consent is on file.
You may revoke this consent at any time from Settings → Privacy & Data → Revoke AI Processing Consent. Revoking blocks future try-ons until you re-confirm; previously generated results are not affected.
You may also delete your body photos and any AI-generated derivatives at any time from Settings.
xAI's processing of these images is governed by xAI's own privacy policy, available at x.ai/legal/privacy-policy.

5.1 We do not use your photos to train AI

We do not use your body photos, clothing photos, or AI-generated results to train, fine-tune, evaluate, or develop any AI or machine-learning model — ours or anyone else's. The photos exist solely to generate the try-on result you requested and to be displayed back to you (and, only if you choose, to other users via the community feed).

5.2 Generative AI labeling and safety

Consistent with App Store Review Guideline 4.0 (Design — AI-Generated Content) and 5.1.8 (Privacy — Generative AI), every AI-generated image surfaced in the Service is clearly labeled with an "AI-generated" badge. We also provide in-app reporting and blocking tools so users can flag content for human review (see Section 14).

6. Face Data

Because the photos you upload (close-up profile, full-body, and waist-up) and the AI-generated try-on results all visually depict your face, this section describes how we treat that face data specifically.

What face data we collect

The only "face data" the Service collects is the photographic images themselves: the photos you choose to upload and the AI-generated try-on results derived from them. We do not perform face recognition, face detection, facial geometry mapping, biometric identification, or any other automated analysis of facial features. We do not extract or store face templates, embeddings, landmarks, or any biometric descriptors derived from your photos. We do not use ARKit Face APIs, the iOS Vision framework's face APIs, TrueDepth APIs, FaceID, or any other facial-analysis API.

How we use face data

The photos you upload are used for exactly three purposes, and nothing else:

Profile display. The close-up photo is shown as your profile picture inside the app. The full-body and waist-up photos are visible to you on your Profile screen so you can manage them.
AI try-on generation. The full-body and waist-up photos are sent to xAI's Grok Imagine API together with a clothing photo you provide. The AI generates a new image of you wearing that clothing. The close-up photo is never sent to the AI service.
Try-on history. AI-generated try-on results are saved to your account so you can view past try-ons, and—if you choose to make them public—display them on the in-app community feed under your username. Each result is also clearly labeled as AI-generated.

We do not use face data for marketing, advertising, behavioral profiling, training our own or anyone else's machine-learning models, targeting recommendations, or analytics. We do not sell face data.

Third parties that receive face data

Face data is shared only with the service providers strictly required to operate the Service:

xAI, Inc. (Grok Imagine API). Receives your full-body and/or waist-up photo together with a clothing photo each time you initiate a try-on. xAI uses these images solely to generate the requested try-on result; their handling is governed by xAI's own privacy policy at x.ai/legal/privacy-policy. The close-up profile photo is never sent to xAI.
Amazon Web Services (S3). Stores all uploaded photos and AI-generated results in a private S3 bucket with Block Public Access enabled. The Service does not make these objects publicly readable; the app retrieves them through short-lived presigned URLs.

No other third party receives face data. We do not share face data with advertising networks, analytics providers, social networks, or data brokers.

State biometric laws

For users in Illinois (Biometric Information Privacy Act, BIPA), Texas (Capture or Use of Biometric Identifier Act, CUBI), Washington (RCW 19.375), and any other jurisdiction with a biometric-information statute: as stated above, the Service does not collect, capture, purchase, receive through trade, or otherwise obtain any biometric identifier or biometric information as defined by those statutes. The Service stores photographic images only, and does not derive any biometric template, scan, geometry, or other biological/behavioral characteristic from them. To the extent any of those statutes might be interpreted to cover the photographic images themselves, by uploading photos to the Service you provide written, informed consent to their collection, storage, and disclosure to the AI provider and storage provider identified in this Policy, for the purposes described herein.

Where face data is stored

All face data is stored in our private Amazon Web Services S3 bucket in the United States. Access is gated by short-lived signed URLs generated server-side; there is no public bucket policy permitting unauthenticated reads.

How long face data is retained

Uploaded photos (close-up, full-body, waist-up) are retained until you delete them in Settings, replace them, or delete your account.
AI-generated try-on results are retained until you delete the individual result in the app or delete your account.
When you delete your account, your face data (all uploaded photos and all AI-generated results) is removed from our database and from our S3 storage within 30 days of the account-deletion request. Aggregated, non-identifying analytics may be retained.
There is no automatic expiration; nothing happens to your photos until you take an explicit action.

Your control over face data

From the in-app Settings > Privacy & Data screen, you can at any time: delete all body photos, export all your data including face data, revoke AI processing consent, or permanently delete your account (which deletes all face data).

7. How We Share Information

We share information only with the service providers required to operate the Service:

Provider	Purpose	Data shared
xAI, Inc. (Grok Imagine)	AI try-on image generation	Body photo (full-body or medium), clothing photo
Amazon Web Services (S3, SES)	Image storage and transactional email	All user content; account email
Apple, Inc.	In-app purchase processing and App Store Server Notifications	Apple Account identifier, transaction metadata
ip-api.com	IP-based geolocation for security alerts	IP address only

Each of these providers is contractually required (through their standard data processing addenda, business associate agreements, or equivalent commitments) to protect your information with safeguards substantially equivalent to those we use, to process your data only for the purpose for which we engaged them, and to comply with applicable privacy and data-protection law. We do not sell your personal information to third parties for advertising or other commercial purposes, and we do not "share" your personal information for cross-context behavioral advertising as defined by the California Consumer Privacy Act.

We also disclose information if we are legally required to do so by valid subpoena, court order, or other lawful demand, or to protect the rights, property, or safety of evoFaceFlow, our users, or the public.

8. App Tracking, Analytics, and Advertising

We do not engage in any of the following, on iOS or elsewhere:

Cross-app or cross-website tracking. We do not track your activity in other companies' apps or websites, and we do not request authorization under Apple's App Tracking Transparency framework because we have nothing to track.
Third-party advertising. The Service contains no third-party advertisements and no advertising SDKs.
Third-party analytics or attribution SDKs. No Google Analytics, no Firebase Analytics, no Crashlytics, no Sentry, no Amplitude, no Mixpanel, no Segment, no Branch, no AppsFlyer, no Adjust, no Facebook SDK, no TikTok SDK.
Advertising identifiers. We do not read or store the iOS Identifier for Advertisers (IDFA).
Cookies for tracking. The marketing website (evofaceflow.com) does not set tracking or advertising cookies. The app does not use cookies.

Crash diagnostics that the iOS operating system collects on your device and shares with Apple (and, if you opt-in, with developers via the standard App Store crash reports) are subject to Apple's privacy policy, not ours.

9. Data Retention

Account data is retained for as long as your account is active.
Body photos and AI-generated try-on results are retained until you delete them in Settings or delete your account.
Login location records are pruned to the last ten entries per account automatically.
Server logs containing IP addresses are retained for up to 30 days for security investigation, then deleted.
Apple purchase records are retained for as long as required by tax and consumer-protection law (typically 7 years).
After account deletion, we delete your account record, body photos, AI results, and personal data within 30 days. Aggregated, non-identifying analytics may be retained.

10. Your Privacy Rights

Rights available to all users

From in-app Settings, you can at any time:

Access the personal data we hold about you by tapping Export My Data (GDPR/CCPA). The export is delivered as a JSON file you can save or share.
Correct account information from your profile.
Delete your body photos, individual try-on results, or your entire account from Settings → Privacy & Data. Account deletion is permanent and removes all personal data within 30 days as described in Section 9.
Withdraw consent to AI processing at any time by tapping Revoke AI Processing Consent. Future try-ons will be blocked until you re-confirm consent.
Block other users to make their content invisible to you and yours invisible to them.

Additional rights for residents of the European Economic Area, the United Kingdom, and Switzerland

Under the GDPR / UK GDPR you also have the right to: access the personal data we hold about you (Art. 15); request rectification of inaccurate data (Art. 16); request erasure (Art. 17); request restriction of processing (Art. 18); object to processing based on legitimate interests (Art. 21); receive your data in a portable format (Art. 20); and withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal. To exercise any of these rights, contact privacy@evofaceflow.com. You also have the right to lodge a complaint with a supervisory authority in the EU/UK member state where you live or work.

Additional rights for California residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you the following rights with respect to "personal information" as defined under California law:

Right to know what categories and specific pieces of personal information we have collected about you, the sources, the business or commercial purpose, and the categories of third parties we share it with.
Right to delete personal information we have collected from you, subject to certain legal exceptions.
Right to correct inaccurate personal information.
Right to opt-out of the sale or sharing of personal information. We do not sell your personal information and we do not "share" it for cross-context behavioral advertising, so there is no opt-out link to provide.
Right to limit the use and disclosure of sensitive personal information. We use sensitive personal information (the photos you upload) only for the limited purposes described in Section 5 (AI try-on generation, profile display, and try-on history) — uses that fall within the exceptions in Cal. Civ. Code § 1798.121(a) — so no further limitation right applies.
Right to non-discrimination for exercising any of these rights.

To exercise these rights, contact privacy@evofaceflow.com. We will verify your request using your account email and may ask for additional information to confirm your identity. Authorized agents may submit requests on your behalf with written authorization.

Categories of personal information we have collected in the past 12 months, mapped to Cal. Civ. Code § 1798.140(v):

Category	Collected?
Identifiers (email, username, IP address, device IDs)	Yes
Customer records (name, billing reference via Apple)	Yes
Protected classification characteristics	No
Commercial information (purchase history via Apple In-App Purchase)	Yes
Biometric information	No — photographic images only; no biometric template extraction (see Section 6)
Internet or network activity (app usage, session activity)	Yes
Geolocation data (approximate, IP-based)	Yes
Audio, electronic, visual, thermal, olfactory, or similar information (the photos you upload)	Yes — sensitive PI
Professional or employment information	No
Education information	No
Inferences drawn from the above	No
Sensitive personal information (photos depicting your face)	Yes — processed only for purposes in Section 5

Other U.S. state privacy laws

If you are a resident of Colorado (CPA), Connecticut (CTDPA), Virginia (VCDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana, Tennessee, Iowa, Indiana, or any other state with a comprehensive consumer privacy law in effect, you have rights substantially similar to the California rights described above. To exercise them, contact privacy@evofaceflow.com.

11. Security

We protect your information with industry-standard safeguards including: bcrypt password hashing (cost factor ≥ 12); short-lived JWT access tokens and rotating refresh tokens; HTTPS-only transport (TLS 1.2+); private S3 buckets with Block Public Access enabled and short-lived presigned URL access; rate limiting and intrusion-detection (fail2ban) on the API; encryption at rest for backups; and least-privilege IAM policies for backup uploaders.

Despite these efforts, no system is fully secure. If a breach affecting your personal data occurs, we will notify you and the relevant supervisory authorities in accordance with applicable law (including GDPR Art. 33–34 and applicable U.S. state breach-notification statutes), generally within 72 hours of becoming aware.

12. Children

The Service is not directed to and is not intended for use by children under the age of 13 (or under 16 in the European Economic Area / United Kingdom). We do not knowingly collect personal information from children under these ages. If you are a parent or guardian and believe a child has provided us with personal information, contact privacy@evofaceflow.com and we will delete it as required by the Children's Online Privacy Protection Act (COPPA) and applicable law.

13. International Transfers

We operate the Service from infrastructure located in the United States. If you access the Service from outside the United States, your information will be transferred to, stored in, and processed in the United States. Where required by law — in particular for personal data originating in the European Economic Area, the United Kingdom, or Switzerland — we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, and (where applicable) the EU–U.S. Data Privacy Framework and its UK/Swiss extensions, to lawfully transfer your data. A copy of the relevant safeguards is available on request from privacy@evofaceflow.com.

14. Content Moderation, Reporting, and Account Deletion

Consistent with App Store Review Guidelines 1.2 (User-Generated Content) and 5.1.1(v) (Account Deletion):

In-app reporting and blocking are available from the three-dot menu on any try-on result, comment, or user profile. Reports are reviewed by us within 24 hours, and we may remove content, suspend accounts, or take other action.
Account deletion is available in-app from Settings → Privacy & Data → Delete Account. Deletion is permanent and removes all body photos, try-on results, personal data, comments, likes, follows, and Apple purchase records (subject to Section 9 retention exceptions). You do not need to email us to delete your account.
AI-generated content labeling. Every AI-generated try-on result image is visibly labeled with an "AI-generated" badge whenever it is displayed in the Service.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated by in-app notice or email. If a change expands the categories of data we collect, the uses we make of it, or the third parties with whom we share it, we will obtain renewed consent where required by law before applying the change to data we have already collected from you.

16. SMS / Text Messaging Program

If you opt in, evoFaceFlow sends transactional SMS text messages — account notifications, security and login alerts, and one-time passcodes (OTP) — to the U.S. mobile number you provide. This is not a marketing program; we do not send promotional texts.

Opt-in / consent. You consent to receive these messages by submitting your mobile number and checking the consent box on our SMS sign-up page at evofaceflow.com/sms.html (or by providing your number and agreeing within the app). Consent is not a condition of any purchase.
Message frequency. Message frequency varies based on your account activity.
Cost. Message and data rates may apply, depending on your mobile carrier and plan.
Opt-out. You can cancel at any time by replying STOP to any message. We will send one confirmation message and then stop sending SMS to that number. For help, reply HELP or contact support@evofaceflow.com.
No sharing of mobile information. We do not sell, rent, or share your mobile phone number or your SMS consent / opt-in information with any third parties or affiliates for their own marketing or promotional purposes. Mobile opt-in data is used solely to deliver the messages described above; it is shared only with the messaging carriers and aggregators strictly necessary to transmit those messages to you.
Data we store for this program. The mobile number you provide, your consent and its timestamp, and message-delivery metadata. You can request deletion of your number by replying STOP or contacting privacy@evofaceflow.com.
Carrier disclaimer. Mobile carriers are not liable for delayed or undelivered messages.

17. Contact

For privacy questions, requests to exercise your rights, or to report a concern, contact us at:

evoFaceFlow (a sole proprietorship of Bruhn Freeman)
2767 Route 44/55
Gardiner, NY 12525, United States
Privacy inquiries: privacy@evofaceflow.com
General support: support@evofaceflow.com

If you are in the European Economic Area or the United Kingdom and we have not satisfactorily resolved your concern, you may lodge a complaint with your local data-protection supervisory authority.

← Back to home