Back to home

Privacy Policy

Last updated July 09, 2026

This Privacy Policy explains how Blaufluss AI Ltda. ("Blaufluss", "we", "us") processes your personal data when you use the Fitcheck AI app and the website fitcheckai.blaufluss.ai (together, the "Services"). It is written to meet the transparency requirements of the EU General Data Protection Regulation (GDPR) and the Brazilian Lei Geral de Proteção de Dados (LGPD).

In short: your outfit photos are analyzed by OpenAI on our behalf and stored in your account on servers in Switzerland until you delete them. We never sell your data and use no facial recognition. Payments run through Apple and Google, so we never see your card details. You can access, correct, or delete your data at any time; the fastest way is the app's settings or an email to mark.d.leupold@gmail.com.

Contents

1. Who is responsible

The controller responsible for your personal data is:

Blaufluss AI Ltda.
R. Otto Boehm, 152
Joinville, SC, 89201-700, Brazil
Email: mark.d.leupold@gmail.com

Our representative in the European Union under Art. 27 GDPR, whom you and supervisory authorities can contact in addition to us:

Mark-Daniel Leupold
Am Schwefelbad 9a
38442 Wolfsburg, Germany
Email: mark.d.leupold@gmail.com

2. What data we collect

  • Account data: email address and login credentials, or the identifier provided by a sign-in service you choose (such as Apple or Google). Sign-in is handled by our authentication provider Clerk; we never see or store your password. You can add optional profile details.
  • Outfit photos and results: the photos you submit, the occasion you select, and the AI-generated ratings, feedback, and tips linked to them.
  • Personalization details you provide during onboarding: the answers you choose to give when setting up the app — such as your age range, gender, country, style goals, fashion-experience level, what you feel holds your style back, and how you heard about us — together with your in-app preferences (such as AI feedback mode, theme, and language). We use these only to tailor your feedback and the app experience; providing them is voluntary.
  • Subscription data: your subscription status, product identifiers, and transaction identifiers passed to us by Apple or Google. We never receive your payment card details.
  • Referral data: your referral code, codes you redeem (including partner and influencer codes), the link between referring and referred accounts, and reward status.
  • Usage and diagnostics: app events (such as features used and screens viewed), device type, operating system version, app version, language, and crash reports, collected through our own in-app analytics and the product-analytics service PostHog.
  • Device permissions: with your permission, the app accesses your camera or photo library to let you submit photos, and may send push notifications. You can change both at any time in your device settings.
  • Security data (app): when the app communicates with our servers, we temporarily process your device's IP address to enforce rate limits and to detect and prevent abuse. Rate-limiting records are deleted automatically within a few hours, and our security logs store IP addresses only in truncated (shortened) form.
  • Website data: if you consent, Google Analytics cookies on fitcheckai.blaufluss.ai (see section 10); basic server logs (IP address, request time) for security.
  • Correspondence: what you send us when you contact support.

3. Why we process it and on what legal basis

  • Providing the Services (analyzing your photos, storing your history, managing your account, activating subscriptions, granting referral rewards): performance of a contract, Art. 6(1)(b) GDPR.
  • Security and abuse prevention (protecting accounts, rate limiting requests to our servers, preventing referral fraud, repeated free-trial abuse, fake accounts, and misuse): our legitimate interests, Art. 6(1)(f) GDPR.
  • Personalizing the Services (tailoring feedback and the app experience to the onboarding details and preferences you choose to provide): performance of a contract, Art. 6(1)(b) GDPR.
  • Product analytics and crash reporting (understanding which features are used and fixing errors): our legitimate interest in improving a stable product, Art. 6(1)(f) GDPR; where the law requires consent for such tools, we rely on your consent, Art. 6(1)(a) GDPR.
  • Push notifications and website analytics: your consent, Art. 6(1)(a) GDPR, which you can withdraw at any time.
  • Legal obligations (such as tax and accounting records): Art. 6(1)(c) GDPR.

We do not intentionally process special categories of personal data (such as health, religion, or ethnicity), and we do not analyze your photos to infer such characteristics. We do not sell personal data, and we do not use your data for third-party advertising.

4. Photos and AI processing

When you submit a photo for analysis, it is uploaded to our storage (hosted by Supabase in Switzerland) and passed to our AI provider, OpenAI, through its API to generate your rating, feedback, and styling tips. Your photos and results are then stored in your account so you can revisit them, and remain stored until you delete the photo or your account.

OpenAI acts as a processor under our instructions: it may use your photos only to provide the analysis, and, consistent with its API terms and our instructions, your photos are not used to train its models.

No biometric identification. Fitcheck AI evaluates clothing, styling, and color coordination. We do not use facial recognition, and we do not collect, generate, or store biometric identifiers or biometric information (such as faceprints or scans of face or body geometry) within the meaning of biometric privacy laws such as the Illinois Biometric Information Privacy Act. Photos are never used to identify you or anyone else.

The ratings and tips are automated, but they have no legal or similarly significant effect on you within the meaning of Art. 22 GDPR; they are style suggestions you are free to ignore.

5. Who we share data with

We share personal data only with service providers who process it on our behalf under data processing agreements, and only to the extent needed:

  • Supabase (database and storage for your account, photos, and results, hosted in Switzerland);
  • Clerk (sign-in and account authentication);
  • OpenAI (photo analysis through its API, as described in section 4);
  • RevenueCat (subscription and entitlement management; receives transaction identifiers from Apple and Google, never your card details);
  • PostHog and our own analytics (usage and diagnostics data);
  • Expo (app build, update, and push notification infrastructure);
  • Google Analytics (website only, and only with your consent, see section 10);
  • Apple and Google (app distribution and billing, acting under their own terms);
  • authorities, where we are legally required to disclose data.

If Blaufluss is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction; this policy would continue to apply to it.

6. International transfers

Your account data, photos, and results are stored in Switzerland, a country the European Commission recognizes as providing an adequate level of data protection. We are based in Brazil, and some of our providers (such as OpenAI, Clerk, RevenueCat, and PostHog) process data in the United States or other countries.

Where personal data of EU/EEA or Swiss users is transferred to countries without an adequacy decision, we rely on appropriate safeguards: the EU-U.S. Data Privacy Framework where the provider is certified, and the European Commission's Standard Contractual Clauses otherwise, alongside technical measures such as encryption in transit.

7. How long we keep data

  • Photos and results: until you delete them or your account. When you delete a rating (or a rating fails), the photo is removed from our storage within about one day; when you delete your account, all your photos are removed the same way. An anonymized record that a rating took place (a timestamp and score, with no photo and no link to you) may be kept for statistics.
  • Activity history: to power streaks and your progress view, we keep a simple ledger of how many ratings you completed on each day. Deleting an individual rating removes the photo and its result but does not reduce this ledger, so it may still show that you rated an outfit on a given day. The ledger contains no photos, results, or scores, and it is deleted together with your account.
  • Account data: for the life of your account; after you delete your account we delete or anonymize your personal data within 30 days, except where the law requires longer retention or as otherwise stated in this section.
  • Transaction records: as long as tax and accounting laws require.
  • Subscription events: the subscription event notifications we receive from RevenueCat (containing transaction and product identifiers, never payment card details) are kept for up to 90 days for troubleshooting and fraud prevention. In addition, to keep free trials and introductory offers from being claimed repeatedly through deleted and re-created accounts, we retain a record of the subscriptions and free trials used (limited to transaction, product, and subscriber identifiers) after you delete your account, for as long as needed for this purpose. Independent records of your purchases are also retained by RevenueCat, Apple, and Google under their own terms.
  • Usage and crash data: kept only as long as needed for analysis and then deleted or aggregated.
  • Referral records: as long as needed to grant rewards and prevent abuse of the referral program. To keep referral rewards from being claimed repeatedly through deleted and re-created accounts, a record that a referral code was redeemed may be kept after you delete your account, in a form no longer linked to you (the link to your deleted account is removed).
  • Security data: rate-limiting records are deleted automatically within a few hours; security logs, which contain IP addresses only in truncated form, are kept only as long as needed to investigate and prevent abuse.

8. How we protect data

We use technical and organizational measures appropriate to the risk, including encryption in transit, hashed passwords, access controls, and the principle of least privilege for our service providers. No transmission or storage system is 100% secure; if a breach affecting your rights occurs, we will notify you and the competent authority as required by law.

9. Your rights

Under the GDPR (and the LGPD, which grants similar rights), you can:

  • access the personal data we hold about you and receive a copy;
  • correct inaccurate data;
  • have your data deleted ("right to be forgotten");
  • restrict or object to processing based on legitimate interests;
  • receive your data in a portable format;
  • withdraw consent at any time, without affecting processing before the withdrawal;
  • lodge a complaint with a data protection authority, for example the supervisory authority of your EU country of residence or the Brazilian ANPD.

To exercise any of these rights, email us at mark.d.leupold@gmail.com. You can also delete your account and its data directly in the app's settings. We respond to requests within one month as required by the GDPR.

United States residents

If you live in California or another US state with a comprehensive privacy law, you have similar rights: to know and access the personal information we collect, to correct or delete it, to opt out of the sale or sharing of personal information, and not to be discriminated against for exercising your rights. We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We do not use or disclose sensitive personal information for purposes that would require a right to limit under California law. You can exercise these rights, or authorize an agent to do so for you, by emailing mark.d.leupold@gmail.com; we will verify your request and respond within the timeframes required by your state's law.

10. Cookies and website analytics

The fitcheckai.blaufluss.ai website uses Google Analytics to understand how the site is used. It runs only if you allow it in the consent banner; until then, analytics storage is disabled. Your choice is stored on your device, and you can change it at any time via "Cookie settings" in the footer. The website sets no other non-essential cookies. The app itself does not use advertising cookies or cross-app tracking.

Because non-essential cookies stay off unless you opt in, the website behaves the same whether or not your browser sends "Do Not Track" or Global Privacy Control signals.

11. Children

The Services are not directed to children under 13, and we do not knowingly collect personal data from them. Users below the age of digital consent in their country may use the Services only with the consent of a parent or guardian. If you believe a child has provided us personal data without such consent, contact us and we will delete it.

12. Changes to this policy

We will update this policy when our data practices or the law change; the "Last updated" date above shows the current version. For material changes we will notify you in the app or by email before they take effect.

13. Contact

For any privacy question or request:

Blaufluss AI Ltda.
R. Otto Boehm, 152, Joinville, SC, 89201-700, Brazil
European contact address: Am Schwefelbad 9a, 38442 Wolfsburg, Germany
Email: mark.d.leupold@gmail.com