Privacy Policy

Last updated: March 13, 2026

Draped ("we," "us," or "our") operates the Draped mobile application (the "App"). This Privacy Policy explains how we collect, use, and protect your information when you use our App.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Your name and email address (provided via Apple Sign-In or Google Sign-In)
  • Profile image URL (from your sign-in provider)

Personalization Data

During onboarding, we ask for:

  • Gender (male, female, or other)
  • Age (you must be at least 13 years old to use Draped)

We use this information solely to provide you with relevant clothing recommendations.

Payment Information

If you subscribe to Draped, payments are processed by Stripe. We store a Stripe customer identifier linked to your account but do not store your credit card number, bank account details, or other financial information directly. Please refer to Stripe's Privacy Policy for how they handle your payment data.

Session & Technical Data

When you use the App, we automatically collect:

  • IP address
  • Device user agent string
  • Session tokens and expiration times

This data is used to maintain your login session and protect your account.

2. Information We Do Not Collect

  • We do not collect your location
  • We do not access your camera or photos
  • We do not use analytics or advertising trackers
  • We do not collect device identifiers beyond user agent

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account
  • Authenticate you securely via Apple or Google
  • Personalize outfit recommendations based on your age and gender
  • Process subscription payments
  • Maintain session security

4. How We Store & Protect Your Information

  • Authentication tokens are stored on your device using encrypted secure storage
  • Account data is stored in a secured PostgreSQL database
  • Sessions are managed server-side with expiration controls
  • We use HTTPS for all data transmission

5. Third-Party Services

We use the following third-party services that may process your data:

  • Apple Sign-In — Authentication
  • Google OAuth — Authentication
  • Stripe — Payment processing

Each third-party service is governed by its own privacy policy. We encourage you to review them.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data from our systems, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention).

7. Children's Privacy

Draped requires users to be at least 13 years old. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will promptly delete it.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Object to or restrict processing of your data
  • Request a copy of your data in a portable format

To exercise any of these rights, contact us at the email below.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at info@drapedai.app.