Privacy Policy

1. Introduction

Savaitr Corporation ("we," "us," or "our") operates SareeXchange (the "Platform"). This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our Platform at sareeexchange.store.

2. Information We Collect

2.1 Account Information

• Name and email address
• Phone number (if using phone sign-in or SMS notifications)
• Password (securely hashed — we never store or see your password in plain text)

2.2 Profile & Shipping Information

• Shipping address (street, city, state, zip code, country)
• Communication preferences (email or SMS)
• Marketing consent status and date

2.3 Listing & Transaction Data

• Saree photographs and descriptions you upload
• Pricing information (sale and rental prices)
• Transaction records (purchase/rental history, amounts, dates)
• Shipment and return status tracking

2.4 Payment Information

• We do not store credit card numbers, bank account numbers, or full payment credentials
• Payment processing is handled entirely by Stripe (PCI DSS Level 1 compliant)
• We store only Stripe customer IDs and subscription IDs for reference
• Bank account linking is handled by Plaid — we receive only tokenized references

2.5 AI-Processed Data

• Saree images are analyzed by AI for color, material, and content verification
• Chat conversations with VaBhu (our AI Style Agent) are processed to provide recommendations
• Search queries are used to generate relevant results
• AI processing is performed by Google Gemini and Google Vertex AI — data is not retained by Google after processing

2.6 Virtual Try-On & My Gallery

When you use our AI virtual try-on feature, we handle the following content:

• Your uploaded selfie (input): Used to generate the try-on result. By default, it is not saved. It is saved only if you explicitly consent via the "Save Photo" prompt. You can delete your saved selfie anytime from Profile settings.
• AI-generated try-on images (output): Saved to your personal My Gallery for 7 days. You can delete any item anytime.
• AI-generated try-on videos: Created only when you explicitly tap "Generate Video." Stored in your My Gallery for 7 days.
• Watermarking: Shared/downloaded images include a "© SareeXchange" watermark.
• Privacy: Try-on content in your gallery is accessible only to you. Never shared with sellers, other users, or third parties unless you explicitly tap Share or Download.
• Automatic expiry: After 7 days, expired content is automatically deleted from our storage.

2.6.1 Automated ("Proactive") Try-On Previews

With your explicit consent, we can automatically generate try-on images of you wearing newly listed sarees that match your style preferences, and place them in your private My Gallery for you to review. The same privacy rules that apply to your manual try-ons also apply here.

• Opt-in only: This feature is off by default. You turn it on via a Settings toggle, a launch email, or an in-app prompt. You can turn it off at any time with immediate effect.
• Requires a saved selfie: We can only generate proactive previews when you have explicitly saved a selfie to your account. Without one, the feature has nothing to work with and remains inactive.
• Rate-limited: We cap the number of proactive previews we will generate per user per week. You will never be flooded.
• Same privacy as manual try-ons: Generated images are visible only to you, stored for 7 days, watermarked when shared, and never shown to sellers, other users, advertisers, or third parties.
• Revoking consent: Turning the feature off halts any future generations immediately. Previously-generated images remain in your gallery until you delete them or they auto-expire after 7 days.
• Processing: Generation is performed on Google Vertex AI. Your saved selfie and the selected saree image are sent to the model at generation time and are not retained by Google after the API call.
• Audit trail: We record each time you turn the feature on or off (timestamp + where you toggled it from) so we can honor your preference accurately.

2.7 Automatically Collected

• Firebase App Check verification tokens (for bot protection)
• Firebase Analytics usage data (app opens, screen views, feature usage) — includes the Android Advertising ID, used strictly for analytics purposes only, never for advertising or targeting
• Firebase Crashlytics diagnostic information (crash reports, device type, OS version)
• We do not use cookies for tracking or advertising
• We do not sell your data to advertising networks or data brokers

3. How We Use Your Information

• Provide Services: Process transactions, manage listings, facilitate rentals and purchases
• Communication: Send order updates, shipment notifications, and account alerts
• AI Features: Power style recommendations, visual search, and content verification
• Security: Verify identity, prevent fraud, and protect the Platform
• Marketing: Send promotional communications (only with your explicit consent)
• Support: Respond to your inquiries and resolve issues

4. Third-Party Services

We share data with the following service providers, strictly for the purposes described:

We do not sell, rent, or trade your personal information to third parties for advertising or marketing purposes.

5. SMS & Communication Consent

If you opt in to SMS notifications:

• You may receive messages about buyer/seller interest, order updates, and new arrivals
• Message frequency varies based on your activity
• Message and data rates may apply
• Reply STOP to any message to unsubscribe
• You can update preferences at any time in your Profile settings

Your consent status and date are recorded for compliance purposes.

6. Data Security

• All data transmitted via HTTPS/TLS encryption
• Firebase Authentication handles secure credential storage
• API keys and secrets are stored in Firebase Secret Manager (not in code)
• Firebase App Check with reCAPTCHA protects against automated abuse
• Firestore security rules restrict data access to authorized users
• Cloud Functions validate authentication on all sensitive operations

7. Data Retention

• Account data: Retained as long as your account is active
• Transaction records: Retained for tax and legal compliance (minimum 7 years)
• Communication logs: Retained for audit and compliance purposes
• Saree images: Removed upon listing deletion or account closure
• Try-on gallery content: Retained for 7 days, then automatically deleted. Can be deleted earlier by the user at any time.
• Saved selfie: Retained only if the user explicitly consented. Can be deleted anytime from Profile settings.
• AI chat history: Stored in browser session only — cleared on logout

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access: Request a copy of your personal data
• Correction: Update inaccurate information via your Profile
• Deletion: Request account and data deletion at our account deletion page
• Opt-out: Withdraw marketing consent at any time in Profile settings
• Portability: Request your data in a portable format

To exercise any of these rights, contact us at support@sareeexchange.ai.

9. Children's Privacy

SareeXchange is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected data from a minor, we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notification. Your continued use of the Platform after changes constitutes acceptance.

11. Contact Us

For privacy questions or data requests, contact: