Privacy Policy

Last Updated: December 3, 2025

Voventech ("Company," "we," "us," or "our") operates the Endam mobile application (the "App" or "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

1. Information We Collect

We collect information in several ways when you use our Service. The types of information we may collect include:

1.1 Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personal Data may include, but is not limited to:

• Email Address: Collected when you create an account or sign in using Apple or Google authentication.
• Display Name: Your name as provided through your authentication provider.
• Profile Photo: Your profile picture from your authentication provider (Apple or Google).
• Device Identifiers: Unique identifiers associated with your mobile device.

1.2 Usage Data

We automatically collect certain information when you access and use the Service ("Usage Data"). This Usage Data may include:

• Device Information: The type of mobile device you use, your mobile device's unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, and unique device identifiers.
• Diagnostic Data: Information about app performance, crash reports, and other diagnostic data.
• Usage Patterns: Information about how you interact with the Service, including features used, time spent on the app, and navigation patterns.
• Analysis History: Records of outfit analyses you have requested, including scores, feedback, and context selections.

1.3 Image Data

Our Service allows you to upload images of your outfits for AI-powered analysis. Regarding image data:

• Image Processing: Images are uploaded to our secure servers and processed by our AI algorithms (powered by Amazon Bedrock) to provide you with style feedback, scores, and improvement suggestions.
• Temporary Storage: Images are stored temporarily to provide the Service and generate analysis results.
• Premium Users: For premium subscribers, images may be stored for a shorter duration and are not used for any purpose other than providing the immediate analysis.
• No Third-Party Sharing: We do not share, sell, or distribute your images to third parties for marketing or advertising purposes.
• Content Moderation: Images are automatically screened to ensure they comply with our content guidelines. Images that violate our policies may be rejected.

1.4 Authentication Data

When you sign in using Apple or Google authentication:

• We receive basic profile information from your authentication provider.
• We do not have access to your authentication provider passwords.
• Authentication tokens are securely stored on your device using encrypted storage.

2. How We Use Your Information

Voventech uses the collected data for various purposes:

2.1 Service Provision and Improvement

• To provide, operate, and maintain our Service
• To process and analyze your outfit images using AI technology
• To provide personalized style feedback, scores, and improvement suggestions
• To save your analysis history (for authenticated users)
• To improve, personalize, and expand our Service
• To understand and analyze how you use our Service
• To develop new products, services, features, and functionality

2.2 Communication

• To notify you about changes to our Service
• To send you technical notices, updates, security alerts, and support messages
• To respond to your comments, questions, and customer service requests
• To provide you with news, special offers, and general information about other goods, services, and events (only with your consent)

2.3 Analytics and Research

• To monitor the usage of the Service
• To detect, prevent, and address technical issues
• To gather analysis or valuable information so that we can improve the Service
• To conduct research and analysis to improve our AI algorithms

2.4 Legal and Security

• To comply with legal obligations
• To protect and defend our rights and property
• To prevent or investigate possible wrongdoing in connection with the Service
• To protect the personal safety of users of the Service or the public

3. Data Retention

We retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy:

• Account Data: Retained for as long as your account is active or as needed to provide you services.
• Image Data: Temporarily stored for processing and then deleted. Premium users benefit from shorter retention periods.
• Analysis History: Retained for authenticated users to allow access to past analyses. You may request deletion at any time.
• Usage Data: Retained for analytics purposes in an anonymized or aggregated form.

When you request account deletion, we will delete or anonymize your Personal Data within 30 days, except where we are required to retain certain information for legal or legitimate business purposes.

4. Data Transfer

Your information, including Personal Data, is stored and processed on servers located in the European Union (EU) regions of Amazon Web Services (AWS). We have chosen EU-based data centers to ensure compliance with European data protection standards.

If you are located outside the European Union, please note that your data will be transferred to and processed in the EU. The European Union maintains strong data protection laws, including the General Data Protection Regulation (GDPR), which provides robust safeguards for your Personal Data.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. By storing data in EU regions, we benefit from the comprehensive data protection framework established by European regulations.

5. Data Security

The security of your data is important to us. We implement appropriate technical and organizational security measures to protect your Personal Data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: Data is encrypted in transit using TLS/SSL protocols.
• Secure Storage: Data at rest is encrypted using industry-standard encryption.
• Access Controls: Access to Personal Data is restricted to authorized personnel only.
• Regular Audits: We conduct regular security assessments and audits.
• Secure Authentication: We use secure token-based authentication for API access.

However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

6. Third-Party Service Providers

We may employ third-party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services, or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

6.1 Cloud Infrastructure

• Amazon Web Services (AWS): We use AWS for backend infrastructure, data storage, and AI processing through Amazon Bedrock. All data is stored in EU regions of AWS, ensuring compliance with European data protection standards. AWS maintains industry-leading security certifications including ISO 27001, SOC 2, and GDPR compliance.

6.2 Payment and Subscription Services

• RevenueCat: We use RevenueCat to manage subscriptions and in-app purchases. RevenueCat processes subscription data to enable premium features. For more information, see RevenueCat's Privacy Policy.

6.3 Authentication Services

• Apple Sign-In: When you authenticate using Apple, Apple's privacy practices apply to the data they collect. See Apple's Privacy Policy.
• Google Sign-In: When you authenticate using Google, Google's privacy practices apply. See Google's Privacy Policy.

6.4 Advertising

• Google AdMob: For non-premium users, we display advertisements through Google AdMob. AdMob may collect and use data for personalized advertising. You can opt out of personalized ads in your device settings. See Google's Advertising Privacy Policy.

6.5 Analytics

We may use third-party analytics services to help us understand how users interact with our Service. These services may collect information about your use of the Service.

7. Your Data Protection Rights

Depending on your location, you may have certain rights regarding your Personal Data:

7.1 Access and Portability

You have the right to request copies of your Personal Data. We may charge a small fee for this service in certain circumstances.

7.2 Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

7.3 Erasure

You have the right to request that we erase your Personal Data, under certain conditions. You can request account deletion through the app settings or by contacting us.

7.4 Restriction of Processing

You have the right to request that we restrict the processing of your Personal Data, under certain conditions.

7.5 Object to Processing

You have the right to object to our processing of your Personal Data, under certain conditions.

7.6 Withdraw Consent

Where we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at support@voventech.com. We will respond to your request within 30 days.

8. Children's Privacy

Our Service is not intended for use by children under the age of 13 ("Children"). We do not knowingly collect personally identifiable information from Children.

If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

9. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights regarding your Personal Data under the California Consumer Privacy Act (CCPA):

• Right to Know: You have the right to request information about the categories and specific pieces of Personal Data we have collected about you.
• Right to Delete: You have the right to request deletion of your Personal Data.
• Right to Opt-Out: You have the right to opt out of the sale of your Personal Data. Note: We do not sell Personal Data.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your California privacy rights, please contact us at support@voventech.com.

10. European Privacy Rights (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR):

• The right to access, update, or delete your Personal Data
• The right of rectification
• The right to object to processing
• The right of restriction
• The right to data portability
• The right to withdraw consent

The legal basis for processing your Personal Data includes:

• Consent: Where you have given us consent to process your data
• Contract: Where processing is necessary for the performance of a contract with you
• Legitimate Interests: Where processing is necessary for our legitimate interests

For GDPR-related inquiries, please contact us at support@voventech.com.

11. Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

For material changes, we will provide notice through the Service or by other means, such as email.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: support@voventech.com
• Company: Voventech
• Website: https://voventech.com

This Privacy Policy is effective as of December 3, 2025.