Privacy Statement

Last updated: January 2025

1. Introduction

Online Lookbook ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Statement explains how we collect, use, store, and protect your information when you use our service.

We process personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Online Lookbook is the data controller responsible for your personal data. If you have any questions about this Privacy Statement or our data practices, please contact us at privacy@onlinelookbook.com.

3. Personal Data We Collect

We collect the following types of personal data:

  • Account Information: Email address, name, and company name when you create an account
  • Authentication Data: Information from Google OAuth or magic link authentication
  • Usage Data: Information about how you use our service, including lookbook views and interactions
  • Payment Information: Billing details processed securely through Stripe (we do not store full payment card details)
  • Content Data: Media files and content you upload to create lookbooks
  • Technical Data: IP address, browser type, device information, and cookies

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contract Performance: Processing necessary to provide our services to you
  • Legitimate Interests: Improving our services, security, and fraud prevention
  • Legal Obligation: Compliance with applicable laws and regulations
  • Consent: Where you have given explicit consent for specific processing activities

5. How We Use Your Data

We use your personal data to:

  • Provide, maintain, and improve our services
  • Process your transactions and manage your account
  • Send service-related communications
  • Provide customer support
  • Analyze usage patterns to improve user experience
  • Detect and prevent fraud or security issues
  • Comply with legal obligations

6. Data Sharing and Third Parties

We may share your personal data with:

  • Supabase: Database and authentication services (EU-based processing)
  • Cloudflare: Content delivery and media storage
  • Stripe: Payment processing (PCI-DSS compliant)
  • Vercel: Hosting and deployment services

All third-party processors are contractually bound to protect your data and process it only according to our instructions. We do not sell your personal data to third parties.

7. International Data Transfers

Some of our service providers may process data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, to protect your data in accordance with GDPR requirements.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When you delete your account, we will delete or anonymize your personal data within 30 days, unless we are required by law to retain it longer.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of processing in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at privacy@onlinelookbook.com. We will respond to your request within 30 days.

10. Cookies

We use essential cookies to ensure our service functions properly. These include:

  • Authentication cookies: To keep you logged in securely
  • Session cookies: To maintain your session state
  • Security cookies: To protect against fraud and unauthorized access

We do not use tracking cookies or third-party advertising cookies.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption in transit (TLS) and at rest, regular security assessments, and access controls.

12. Children's Privacy

Our service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. We will notify you of any material changes by posting the updated statement on our website and updating the "Last updated" date. We encourage you to review this statement periodically.

14. Complaints

If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with your local data protection supervisory authority.

15. Contact Us

For any questions about this Privacy Statement or our data practices, please contact us at: privacy@onlinelookbook.com