Privacy Policy

Last updated: 21 February 2026

1. Introduction

This Privacy Policy explains how Fashiolytics (“we”, “us”, or “our”) collects, uses, discloses, and protects personal data when you access or use our website, applications, and APIs (the “Service”).

We are committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

2. Who We Are

  • Service name: Fashiolytics
  • Contact email: hello@fashiolytics.com

Under GDPR, we act as a Data Controller for account, billing, and operational data. We act as a Data Processor for product and competitor data processed on your behalf.

3. Personal Data We Collect

3.1 Data You Provide Directly

  • Name and email address
  • Account credentials (magic-link authentication)
  • Billing and payment metadata (handled by third-party payment providers)
  • Support communications
  • Product templates and files you upload to the Service (e.g. Excel files containing competitor URLs)

3.2 Data Processed on Your Behalf

When you use Fashiolytics to generate comparable analysis reports, we may collect and process:

  • Publicly available product information (prices, images, descriptions) from URLs you provide
  • Currency and regional pricing data
  • Any other data included in templates you submit

You are responsible for ensuring that you have a lawful basis to provide this data and that the URLs you submit reference publicly available information.

3.3 Automatically Collected Data

  • IP address
  • Device and browser information
  • Usage logs and request metadata
  • Diagnostic and performance data

4. How We Use Personal Data

  • To provide and operate the Service, including generating comparable analysis reports
  • To collect product data from the URLs you submit
  • To manage accounts, authentication, and billing
  • To deliver reports and notifications via email
  • To provide customer support
  • To maintain security, prevent abuse, and monitor performance
  • To comply with legal obligations

We do not sell personal data.

5. Legal Bases for Processing (GDPR)

  • Contractual necessity — to provide the Service you request
  • Legitimate interests — to operate, secure, and improve the Service
  • Legal obligation — to comply with applicable laws
  • Consent — where explicitly required (e.g. certain communications)

6. Data Sharing & Sub-Processors

We may share personal data with trusted third-party service providers strictly as necessary to operate the Service, including:

  • Cloud hosting and infrastructure providers
  • File storage services
  • Email delivery services
  • Error monitoring and logging tools
  • Payment processors (e.g. Stripe)

All sub-processors are subject to contractual data protection obligations.

7. International Data Transfers

Personal data may be processed outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), adequacy decisions, or equivalent lawful transfer mechanisms.

8. Data Retention

We retain personal data only for as long as necessary to provide the Service, fulfil contractual obligations, and comply with legal requirements. Uploaded templates and generated reports are retained in your account until you request deletion.

9. Security Measures

We implement appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit, infrastructure security best practices, and monitoring. No system is 100% secure, but we take reasonable steps to protect your data.

10. Your GDPR Rights

If you are located in the EU/EEA, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with a supervisory authority

Requests can be sent to hello@fashiolytics.com.

11. Cookies & Tracking

We use essential cookies required for the operation and security of the Service (e.g. authentication sessions). For more details, see our Cookie Policy.

12. Children's Data

The Service is not intended for children under 16. We do not knowingly collect personal data from children.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last updated” date. Continued use of the Service constitutes acceptance of the updated Policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: hello@fashiolytics.com