Genvoris
Sign inStart Free
GenvorisDashboard →

Privacy Policy

Last updated: May 1, 2025

1. Who We Are

Genvoris ("we", "us", "our") operates the virtual try-on platform available at genvoris.org. We are the data controller for personal data collected through this platform. Contact us at privacy@genvoris.org.

2. Data We Collect

We collect the following categories of personal data:

  • Account data: name, email address, and password (managed by Clerk).
  • Billing data: payment method details and transaction history (processed and stored by Paddle as Merchant of Record — we never store raw card data).
  • Usage data: number of try-ons performed, API key usage, domain names registered with us, and timestamps.
  • Technical data: IP address, browser type, and server logs for security and debugging.
  • Customer photos: photos uploaded for virtual try-on are processed entirely in memory and are never persisted to disk or any database.

3. How We Use Your Data

  • To provide, maintain, and improve the virtual try-on service.
  • To manage your account, billing, and credit balance.
  • To send transactional emails (receipts, low-credit warnings, refund confirmations).
  • To detect and prevent fraud, abuse, and security incidents.
  • To comply with legal obligations.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal Basis (GDPR)

  • Contract performance — processing necessary to deliver the service you signed up for.
  • Legitimate interests — security, fraud prevention, and service improvement.
  • Legal obligation — compliance with applicable laws.
  • Consent — where explicitly obtained (e.g., marketing communications).

5. Data Retention

We retain account and billing data for as long as your account is active plus 7 years for tax and legal compliance. Server logs are retained for 90 days. Customer photos are discarded immediately after the try-on response is returned.

6. Third-Party Services

  • Clerk — authentication and user management.
  • Paddle — payment processing (Merchant of Record).
  • Resend — transactional email delivery.
  • Supabase / PostgreSQL — database hosting.
  • Google Cloud (Vertex AI) — AI model inference for virtual try-on.

Each third party operates under its own privacy policy and appropriate data processing agreements.

7. Your Rights

Under GDPR and similar laws you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict processing.
  • Data portability.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, email privacy@genvoris.org.

8. Cookies

We use strictly necessary cookies for session management and authentication. See our Cookie Policy for full details.

9. Changes to This Policy

We may update this policy from time to time. We will notify registered users by email of any material changes at least 14 days before they take effect.

10. Contact

Questions about this policy? Email privacy@genvoris.org.