Drip Max, Inc. – Privacy Policy

Last Updated: February 4, 2025

Your privacy is important to us. This Privacy Policy explains what information Drip Max, Inc. ("Drip Max," "we," or "us") collects from users of the Drip Max App ("App"), how we use and share that information, and your rights regarding your data. This Policy is designed to comply with applicable U.S. laws, including the California Consumer Privacy Act (CCPA) and the Children's Online Privacy Protection Act (COPPA).

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the App or provide personal information.

1. Information We Collect

We collect several types of information from and about our users in order to provide and improve the Drip Max service:

  • Images and Outfit Photos: When you take or upload a photo of your outfit through the App, we collect that image. This is the core input for the AI rating feature.
  • Account Information: If you create an account via Google, Facebook, or Apple login, we receive certain information from those providers, such as your name, email address, and profile photo (if available). We also store any profile details you add within the App.
  • Usage Data: We may collect information about how you use the App, such as the dates/times you access the service, the features you use, and app performance data. This can include device information (device type, operating system, unique device IDs) and log information (IP address, crash reports).
  • Subscription and Payment Info: If you subscribe to premium features or make purchases, we will collect information about the subscription or purchase. Note: Drip Max itself does not collect or store your full credit card number or payment method details – those are handled securely by the app store (Google Play or Apple) during the transaction. We do receive and keep records of your subscription status, purchase receipts, and transaction history (e.g., which subscription plan you purchased, and when).
  • Communications: If you contact us for support or feedback (via email or in-app support), we may collect your name, email, and the content of your correspondence to assist you and improve our services.

We do not intentionally collect any sensitive personal information such as social security numbers, biometric data, or health information through this App. The information we collect is limited to what is relevant for the App's functioning (outfit images and basic account details).

2. How We Use Your Information

Drip Max uses the collected information for the following purposes:

  • To Provide the Service: We use your outfit photos to generate AI-based ratings and suggestions. Your images are processed through our AI algorithms and third-party AI services (see Section 3) to produce the feedback you see in the App. Your account info allows you to log in and ensures the service is personalized (e.g. storing your past outfits and ratings under your account).
  • To Improve and Develop the App: Internally, we may analyze user images and usage patterns to improve our AI models and features. For example, we might use a collection of uploaded outfit images to train better AI algorithms or to fine-tune our rating system. We may also use aggregated usage data (not linked to your identity) to understand which features are popular or to diagnose technical issues and improve user experience.
  • To Communicate with You: We may send you service-related notifications or announcements. For instance, we might email you to verify your account or to inform you about changes to the App, new features, or updates to the Terms or Privacy Policy. If you contact us, we'll use your information to respond. We will not send you marketing emails unrelated to Drip Max without your consent.
  • To Process Payments: If you are a subscriber or make in-app purchases, we use the purchase information to manage your subscription (e.g., to know when your subscription expires or to restore your purchase on a new device). We might also send purchase receipts or billing reminders through the app store mechanisms.
  • To Ensure Safety and Legal Compliance: We may monitor activities on the App for fraud prevention, security, and to enforce our Terms of Service. If we detect prohibited content (like an image that violates our terms or someone else's rights), we might review and remove it. We also use data as needed to comply with legal obligations, resolve disputes, or respond to lawful requests by authorities.

We will not sell or share your personal information with third parties for their own advertising or marketing purposes. Any sharing of data with third parties is only done to provide or improve the Drip Max service, as described next.

3. Third-Party Services and Data Processors

Drip Max relies on several third-party services and APIs to function. We only share your data with these third parties to the extent necessary to provide and enhance our App's features. The main third-party partners we use are:

  • OpenAI: We use OpenAI's AI API services to help analyze outfit images and generate text-based fashion feedback. When you submit an image, a representation of that image or derived data (and possibly some descriptive text) is sent to OpenAI's servers, which return the outfit rating or suggestion.
  • Anthropic: We may use Anthropic's AI models (e.g., Claude) as part of our feedback generation system (for instance, to generate natural language suggestions on improving your outfit). Similar to OpenAI, your data is sent securely to Anthropic's API and a response is returned.
  • xAI: We may use services or models from xAI (a third-party AI provider) for image processing or future features. For example, xAI's vision algorithms might be used to identify clothing items or styles in your photo. Any data sent to xAI is limited to what's needed for the analysis.
  • Supabase: Supabase is our application backend and database. We use Supabase to store user account information, your uploaded images, and other app data in the cloud. Supabase provides authentication, database, and storage services that enable the App to save and retrieve your information securely. Essentially, whenever you log in or save a photo, that data is stored in our Supabase database.

These third-party processors are bound by contracts to only use your data to provide services to us – they are not allowed to use your information for their own purposes. We share the minimal data necessary with them. For example, we send your photo to the AI model to get a rating; we store your data in Supabase to retrieve it for you; etc. All communications with these providers are encrypted (see Security section below).

Importantly, our AI providers (OpenAI, Anthropic, xAI) have policies in place to protect privacy. By default, OpenAI and Anthropic do not use data submitted via their API to train or improve their models. This means the content of your photos or the AI's output is not retained by them for any purpose other than providing us the service (unless explicitly stated otherwise). We do not knowingly allow our AI partners to store or use your images beyond the immediate analysis needed to generate your outfit feedback.

Aside from the above, Drip Max may also use standard third-party tools for analytics (e.g., Firebase Analytics or similar) to gather anonymous statistics about app usage, or crash reporting services to log errors. These would collect information like device type, usage frequency, or error logs, but not your photos or personal outfit data.

Third-Party Login Providers: If you choose to log in via Google, Facebook, or Apple, those platforms may collect information about your login on their side (subject to their privacy policies). We receive information from them (like your name/email as noted) to create your Drip Max account. We do not provide those login providers any data about your outfit photos or App usage, except the fact that you are using Drip Max with their authentication.

4. Data Retention

How long do we keep your data? We retain your personal data for as long as needed to fulfill the purposes for which it was collected, or as required by law or legitimate business purposes.

  • Outfit Images: Images you upload are stored indefinitely on our servers by default. This allows you to access past outfits and enables us to improve our service over time. We will keep these photos until you actively request deletion (or until your account is deleted and any retention period lapses).
  • Account Information: Your account data (name, email, etc.) is kept as long as your account exists. If you delete your account or request deletion, we will remove your personal details from active databases. Backup copies might persist for a limited time (typically up to 30 days) before they are overwritten.
  • Subscription/Purchase Records: We may retain purchase and subscription records as long as needed for accounting and compliance (for example, we might keep a record of transactions for a certain number of years as required by tax laws). However, this data will be minimized and kept secure.
  • Usage Data: Analytics data may be retained and aggregated to help us understand trends over time. Such data generally does not identify you personally and may be kept indefinitely for statistical purposes.
  • Communications: If you contacted support, we may retain that correspondence for a period (to refer back to it if you contact us again). Typically, support emails are kept for a few years at most, unless needed longer for legal reasons.
  • Deletion Upon Request: If you request that we delete your data (see "Your Rights" below), we will do so. When you request deletion of your account or specific content, we will remove or anonymize your personal data from our active systems. Some information might remain in routine backups or logs for a short period, but we will permanently erase or anonymize those as well within 30 days of the deletion request (barring any legal requirement to retain the data). In short, if you ask us to delete your outfit photos or your entire account, we will remove that data from our servers and cease using it in any way within 30 days of confirmation of your request.

5. Your Rights and Choices

You have certain rights regarding your personal information. We strive to provide you with access to and control over your data:

  • Access and Portability: You have the right to request a copy of the personal data we hold about you. We can provide you with a summary of your account information and potentially the outfit data linked to your account (e.g., a list of your uploaded photos or ratings), subject to identity verification.
  • Correction: If any of your information is inaccurate or incomplete, you have the right to ask us to correct it. For example, if your name or email in our records is wrong, let us know and we will update it.
  • Deletion: You have the right to request deletion of your personal information. This is sometimes called the "Right to Erasure" or "Right to be Forgotten." California residents, for instance, have the right to request deletion of personal info collected about them. You may request that we delete your account and/or remove specific images you have uploaded. Upon a verified deletion request, we will remove your data from our systems (as described in Data Retention above). To initiate deletion, you can use any available in-app deletion feature or contact us at privacy@dripmax.app.
  • California Privacy Rights (CCPA): If you are a California resident, you have additional rights under the CCPA:
    • The right to know what personal information we collect, how we use it, and with whom we share or disclose it. (This Privacy Policy is intended to provide those details.)
    • The right to request deletion of your personal information we have collected (subject to certain exceptions).
    • The right to opt-out of the sale of personal information. However, as noted, Drip Max does not and will not "sell" personal information of users (as defined under CCPA).
    • The right not to receive discriminatory treatment for exercising your privacy rights. We will not deny you our services or provide a lesser experience because you exercised any of these rights.
    California residents can exercise their rights by contacting us (see Contact section). We may need to verify your identity (to a reasonable degree of certainty) when you make such requests. If you use an authorized agent to submit a request, we will require proof of the agent's authorization and your identity.
  • Opt-Out of Communications: You can opt out of non-essential communications. For example, if we ever send marketing emails or newsletters (currently we do not without consent), you can unsubscribe via the link in those emails. Service-related communications (like account verification or legal notices) may be necessary for us to send, and you might not be able to opt out of those except by deleting your account.
  • COPPA – Parental Rights: If you are a parent or guardian of a user under 13 and have provided consent for them to use Drip Max, you have the right to review the personal information we have collected from your child, request deletion of your child's information, and revoke consent at any time. (See "Children's Privacy" below for more.)

To exercise any of your rights or make any requests regarding your data, please contact us at privacy@dripmax.app. We will respond to your request as soon as possible, and in any event within the timeframe required by law (for example, CCPA requires us to respond to verified requests within 45 days in most cases). Deletion requests will be handled within 30 days whenever feasible. If we need an extension or cannot comply with a request due to a legal exception, we will inform you and explain the reason.

6. Security Measures

Drip Max takes reasonable and appropriate security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: All communications between the App and our servers (and with third-party AI services) are encrypted using HTTPS/TLS. This means when your photos and data are uploaded or downloaded, they are protected in transit. We also encrypt sensitive data at rest on our servers whenever feasible.
  • Access Controls: Our databases and storage (e.g., Supabase) are secured and accessible only by authorized personnel or processes. We restrict access to personal data only to employees and contractors who need it to operate or improve the service, and they are bound by confidentiality obligations.
  • Security Practices: We maintain industry-standard practices such as regularly updating our software, monitoring for vulnerabilities, and using firewalls and authentication protections. We may also run periodic security audits or employ third-party security services to test and enhance our protections.
  • Payment Security: Although we do not process payments directly, we rely on Apple and Google's secure payment systems for in-app purchases. Any payment information you provide is handled by those platforms and protected by their security measures.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security of your data. For example, despite our efforts, no one can completely guard against sophisticated cyber attacks or unforeseen bugs. You should also take steps to secure your account, such as using a strong unique password for your login (if applicable) and protecting access to your mobile device.

If we ever experience a data breach that affects your personal information, we will notify you and the appropriate authorities as required by law.

7. Children's Privacy (COPPA Compliance)

We are committed to protecting the privacy of children. The App's content is rated 4+ (suitable for general audiences) and is not specifically directed to children under 13. However, children under 13 may only use the App with parental consent and supervision.

No Knowing Collection from Children Under 13: In accordance with the U.S. Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under the age of 13 without verifiable parental consent. This means:

  • If you are under 13, please do not create an account or submit any photos or personal details in the App without your parent or guardian's permission.
  • If we become aware that we have unknowingly collected personal information from a child under 13 without proper consent, we will delete that information as soon as possible.

Parental Consent: For a child under 13 to use Drip Max, a parent or legal guardian should assist with the account creation (for example, using the parent's login or a family-sharing account) and agree to this Privacy Policy and our Terms on the child's behalf. Parents should supervise the child's use of the App. We do not require a child to provide more information than is reasonably necessary to use the App – typically just a login credential and the photos for analysis.

Parental Rights: If you are a parent or guardian and believe your child under 13 has used the App without your consent, or if you granted consent and want to revoke it, please contact us at privacy@dripmax.app. You can request to review the information we have collected about your child, have it deleted, and refuse further collection or use of your child's information. We will take steps to verify your identity as the parent/guardian before fulfilling such requests.

Users aged 13 to 17: If you are between 13 and 17, we assume you are using the App with the consent of your parent or guardian. We encourage parents of teenagers to discuss online privacy and monitor app usage as appropriate.

8. Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this Policy. If changes are significant, we will provide a more prominent notice (such as an in-app alert or email notification).

Notice and Consent for Changes: If we plan to use your personal information in a manner materially different from what is stated in our Policy at the time of collection, we will notify you and, if required by law, obtain your consent for the new uses. Minor changes that do not substantially affect your rights will be posted with the updated Policy online. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Your continued use of the App after any changes to this Policy signifies your acceptance of the updated terms, to the extent permitted by law. If you do not agree with the changes, you should stop using the App and may request deletion of your data.

9. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: privacy@dripmax.app

We will do our best to address and resolve any privacy-related issues you may have. Your privacy and trust are important to Drip Max, and we are committed to safeguarding your personal information. Thank you for using Drip Max!

Back to Home