Privacy Policy

Last updated: 8 May 2026

This Privacy Policy explains how Atlas Commerce (“we”, “us”, “Amaaya”) collects, uses and protects information when you use the Amaaya app or website (the “Service”). By using the Service you agree to the practices described here.

1. Who we are

Amaaya is an AI-powered personal styling app operated by Atlas Commerce, a sole-proprietorship based in India. For any privacy question or request, contact us at [email protected].

2. Information we collect

2.1 Information you provide

• Account information — when you sign in with Google we receive your Google account ID, email address, name and profile picture URL. Phone number is optional.
• Style profile — body shape, height, skin tone, size, fit preferences, free-form profile narrative, items you save to styleboards, garments you add to your wardrobe.
• Photos — if you upload a photo for body classification, we process it to estimate body shape and store the derived attributes; the original image is retained only as long as necessary for that processing.
• Pinterest content — if you connect Pinterest, we read board metadata and pin images you choose to share, used solely to personalise recommendations. You can disconnect at any time.
• Conversations — messages you send to the in-app stylist (StyleChat) and the resulting recommendations.

2.2 Information collected automatically

• Search queries, click events, items viewed, scroll depth and other usage signals tied to an anonymous session identifier.
• Device type, operating system, app version, IP address (for abuse prevention and approximate region), and crash diagnostics.

3. How we use information

• Authenticate you and keep your session secure.
• Personalise outfit, look and product recommendations.
• Generate AI-written style commentary, edits and explanations.
• Improve the underlying models using aggregated, de-identified signals.
• Detect abuse, fraud, scraping and other policy violations.
• Communicate service-related updates (we do not send marketing email).

4. Sharing with third parties

We do not sell or rent personal data. We share limited data with the following processors strictly to operate the Service:

• Google — identity verification (Sign in with Google) and Gemini language models for style understanding. Data sent to Gemini is restricted to the prompt context required for the feature; Google does not use it to train its public models.
• Hetzner Online GmbH — hosting (servers in Germany).
• Cloudflare — edge proxy, TLS and DDoS protection.
• Pinterest — only when you choose to connect a Pinterest account, governed by Pinterest’s own policies.

We may disclose information when required by law or to protect the rights, property or safety of users or the public.

5. Where data is stored

Account and usage data are stored on servers in Germany (EU). If you are located outside the EU your data may be transferred and processed there.

6. How long we keep it

• Account, profile and saved-content data: kept while your account is active.
• Anonymous usage logs (no account identifier): up to 24 months for analytics and model improvement.
• On account deletion: removed within 30 days, except where retention is legally required.

7. Your rights

You can:

• Access & export — request a copy of the personal data we hold about you.
• Correct — update profile fields directly in the app, or email us.
• Delete — permanently delete your account and associated data via the in-app option or our data-deletion page.
• Withdraw consent — disconnect Pinterest, sign out of Google, or delete your account at any time.

To exercise any of these rights, write to [email protected]. We respond within 30 days.

8. Children

The Service is intended for users aged 18 and over. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us with personal information, contact us and we will delete it.

9. Security

We use TLS in transit, hashed and salted credentials where applicable, short-lived JWT access tokens, server-side revocable refresh tokens, and least-privilege access on our infrastructure. No system is perfectly secure, however, and we cannot guarantee absolute security.

10. Cookies and similar technologies

The web app uses only essential storage (authentication tokens and preferences). We do not use third-party advertising cookies or cross-site tracking.

11. Changes to this policy

If we make material changes we will update the “Last updated” date and, where appropriate, notify you in the app. Continued use of the Service after a change constitutes acceptance of the revised policy.

12. Governing law

This policy is governed by the laws of India. Disputes are subject to the exclusive jurisdiction of the courts at Bengaluru, India.

13. Contact

Atlas Commerce
Email: [email protected]
Website: https://amaaya.ai