Privacy Policy

Last updated: July 22, 2025

1. Introduction

Welcome to TryOn API ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our virtual try-on API service.

2. Information We Collect

2.1 Personal Information

• Account Information: Email address, name, and GitHub profile information (when using GitHub OAuth)
• Contact Details: Email address for communication and support
• Billing Information: Payment details processed securely through Stripe

2.2 Usage Data

• API Usage: Request logs, API key usage, credit consumption
• Technical Data: IP address, browser type, device information
• Performance Metrics: Processing times, error rates, service availability

2.3 User-Submitted Content

• Images: Person images and garment images uploaded for try-on processing
• Generated Results: AI-generated try-on images

3. How We Use Your Information

We use the collected information for:

• Service Delivery: Processing virtual try-on requests and delivering results
• Account Management: Managing user accounts, API keys, and authentication
• Billing and Payments: Processing payments and managing credit balances
• Communication: Sending service updates, responding to inquiries
• Service Improvement: Analyzing usage patterns to improve performance and features
• Security: Detecting and preventing fraud, abuse, and unauthorized access
• Legal Compliance: Meeting legal obligations and enforcing our terms

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

• Infrastructure: Data stored on Cloudflare's secure global network
• Encryption: All data transmitted using HTTPS/TLS encryption
• Access Control: Strict access controls and authentication mechanisms
• Data Centers: Processing occurs in secure data centers with physical security

5. Data Retention

• Account Data: Retained while your account is active
• Usage Logs: Retained for up to 90 days for performance monitoring
• Uploaded Images: Temporarily stored during processing, deleted within 24 hours
• Generated Results: Stored for 30 days unless earlier deletion requested
• Billing Records: Retained as required by law (typically 7 years)

6. Third-Party Services

We work with trusted third-party services:

• Cloudflare: Infrastructure, storage, and security services
• AI Providers: Kling AI, Google Gemini, OpenAI, Fal AI for image processing
• Stripe: Payment processing and billing
• GitHub: OAuth authentication services

Each third-party service has its own privacy policy governing data use.

7. Your Rights

You have the right to:

• Access: Request copies of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Data Portability: Receive your data in a structured format
• Withdraw Consent: Withdraw consent for data processing
• Object: Object to certain types of data processing

8. Cookies and Tracking

We use minimal cookies for:

• Authentication: Session cookies to maintain login state
• Security: CSRF tokens for request validation
• Demo Sessions: Temporary cookies for demo functionality

We do not use tracking cookies or third-party analytics that compromise privacy.

9. International Data Transfers

Your data may be processed in multiple regions as part of Cloudflare's global network. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable laws.

10. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or your personal data, please contact us:

• Email: privacy@tryon-api.com
• Website: https://tryon-api.com

13. Legal Basis for Processing

We process your personal data based on:

• Contract: To provide our services as agreed in our Terms of Service
• Legitimate Interests: To improve our services and ensure security
• Consent: Where explicitly provided for optional features
• Legal Obligations: To comply with applicable laws and regulations