FITCHECK
← Home

Privacy Policy

Last updated: 2026-06-02

FitCheck is operated by Axion AI, an individual (sole proprietor) based in Québec, Canada. This policy explains what personal information we handle, why, who helps us process it, and the rights you have. We aim to align with Canada's PIPEDA and Québec's Law 25, and, for users in the United States, with the CCPA/CPRA (California).

1. Information we collect

  • Email — for authentication and account-related messages.
  • First / last name — optional, if you provide it.
  • Outfit photos — the images you upload to get a rating.
  • Scores & history — your ratings and their dates, for progress tracking.
  • Style profile — gender, body shape, styles and brands you choose to enter (optional).
  • Payment data — handled directly by our payment processor; we do not see or store your full card details.
  • Technical data — basic data needed to run and secure the Service, plus product analytics only if enabled.

2. Why we use it (purposes)

  • Provide the Service — analyze your outfit, return a score, store your history.
  • Manage your account, subscription and billing.
  • Keep the Service secure and improve it.
  • Send you service-related (transactional) emails.
  • Send marketing emails only if you opt in (see "Marketing" below).

3. How your photos are processed

When you request a rating, your photo is sent to the Google Gemini API for AI analysis. Your photos are private by default: they are stored in your account and visible only to you, enforced by row-level security (RLS). A result card is shared only if you choose to share it. We do not sell your photos and do not use them for advertising.

4. Service providers (processors)

To run FitCheck, we rely on a small number of trusted providers:

  • Supabase — authentication, database, and photo storage.
  • Stripe — payment processing and subscription management.
  • Google Gemini — AI analysis of outfit images.
  • Resend — sending transactional emails.
  • Vercel — hosting of the web application.
  • PostHog — product analytics (only active if configured; otherwise no analytics cookie or request is sent).

5. International processing

Some providers may process data outside Québec/Canada, including in the United States. Where information is transferred, we rely on the providers' contractual and technical safeguards. If you are in the EU/UK, your data may be transferred internationally under appropriate safeguards.

6. Retention

  • Account & profile — kept while your account is active; deleted on request or after prolonged inactivity.
  • Photos, scores & history — kept while your account is active so you can see your progress; removed when you delete them or your account.
  • Billing records — kept as long as required by applicable tax and accounting law.

7. Your rights

Depending on where you live, you can access, correct, and request deletion of your personal information, and ask about how it is processed. These rights are provided under PIPEDA and Law 25 (Québec) in Canada, and under the CCPA/CPRA in California (including the right not to be discriminated against for exercising them). We do not sell your personal information. To exercise any right, email support@axion-ai.fr. You may also contact your local privacy regulator (for example, the Commission d'accès à l'information du Québec).

If you reside in the EU/UK, you may also have GDPR/UK GDPR rights (access, rectification, erasure, portability, objection, restriction); contact us at the same address to exercise them.

8. Cookies & analytics

We use cookies strictly necessary to run the Service (session, authentication). Product analytics (PostHog) is only enabled if configured; when disabled, no analytics cookie is set and no analytics request is made. We do not use third-party advertising cookies.

9. Marketing communications

We only send marketing emails if you opt in, and you can unsubscribe at any time via the link in each email. This is consistent with Canada's anti-spam law (CASL) and the U.S. CAN-SPAM Act. Service-related (transactional) emails are not marketing and may still be sent.

10. Children

The Service is not intended for anyone under 16. We do not knowingly collect data from children under 16.

11. Contact

For privacy questions or to exercise your rights: support@axion-ai.fr (general: contact@axion-ai.fr). A postal address is available on request.

* Template only. This page is a model and must be reviewed by a qualified privacy professional before any commercial launch. Placeholders to complete: operator name, "last updated" date, and the contact email you keep.