Mirrorsize (“we”, “us”, “our”) is a proprietary technology which aims to compute a user’s body measurements with the help of a smartphone, tablet, laptopor any other device having monocular camera chosen or used by the user. We are incorporated in the United State of America by the name “Mirrorsize US Inc.” (“Mirrorsize”) and its global subsidiaries and companies are under the same management. We respect our user’s privacy and describe our data collection ethos and practises through this Privacy Policy.
This Privacy Policy describes how we collect, store, uses and disclose information or data of the users when they use our services. Unless stated otherwise or linked to a different policy, this Privacy Policy applies to users when they visit our website located at www.mirrorsize.com (“the website”) and/or when they use the mobile application version currently available on Google Play Store (Android) and Apple App Store (“ our mobile application”) or other similar or related applications.
This Privacy Policy is part of our Terms and conditions of services, and in cases some subjects or aspects are not stated herein, they are mentioned in the Terms and conditions of our service. Upon using our services, the users agree to the terms stated in this Privacy Policy and in the event the users do not agree with our Privacy Policy, they are requested to refrain from using our services. The effective date of this Privacy Policy is 1st October 2022.
We collect the following data from the users:
- Personal/User Information: We collect and store data, content and other information that a user voluntarily provides to us when they use our services through our website and/or through our mobile application and/or when a user communicates through use via social media and/or when a user calls or sends us an email directly or any other means. Users are solely and exclusively responsible for the personal information they provide us. In order to use our services, a user provides an image or video of their body taken using the camera of a smartphone, tablet or laptop or any device having monocular camera used by the user for the purpose of procuring their body measurements and to use a user’s preference to style or drape certain apparels on their body. For the purpose of this Privacy Policy, an image refers to either a static image or a video, or a combination which has been generated by the user. The user enters details relating to their binary image, age, height, weight and gender. Further, we do not process any images above the mid-neck of the users, i.e. we do not process any measurements of the user’s face. Further, after we capture the image for measurement and display the results, the images are retained in our data base for a period of 10 (ten) years after which they are automatically deleted.
- Contact Information: We also collect the user’s name, email address, phone number, gender, height, address, zip code, credit card number, purchase and order conformation and personal preferences when they use our services.
- Billing Information: Upon subscribing to our services, users may be required to provide certain additional information when they purchase our services. These include the user’s credit card number, account number, pay pal account details or other banking or payment information along with user’s contact details etc.
- Usage Information: Upon using our services, we collect the user’s browser types, language, access times and location, Internet Protocol Address (“IP address”).
The manner in which we collect user’s information and data
We collect the aforementioned information from users in the following manner:- We collect only the aforementioned information when a user voluntarily uses our services, either through our website or through our mobile application. Upon using our services, the user consents and permits us to collect the aforementioned information.
- We collect certain aforementioned data and information through cookies, web beacons, analytical services and advertising. This is further clarified in our cookie policy.
Use of the information and data collected
At the outset, it is pertinent to note that we do not distribute the information that we collect to any unauthorized third-party sources save as otherwise stated in this Privacy Policy.
We use information collected from the users when they use our website and/or mobile Application, register or sign up for the Application, sign up for our newsletter, respond to a survey or to our marketing communication, browse our Application, or use Our Website or its features in the following ways: We use the information collected in the following manner:
- We use the information voluntarily provided by the users when they use our services via our website and/or mobile application. We collect and use users’ personal information to maintain and improve our services and deliver the services requested by the users. We also collect personal information to inform users about our products or services. The personal information we collect allows us to customise our services according to the individual interests of the users and to enhance their experience while using our services. We also use a user’s personal information to track those users who use our services repeatedly and in order to estimate and stratify the audience and usage patterns of these users. Immediately after the image has been processed and the measurements are made available to the users and users are permitted to access the information stored “on our cloud servers”. Further, the image can be accessed by us or our employees to enhance the services we provide to the users and for research and development purposes.
- We use users’ contact information to send product and company updates, surveys to conduct research to understand the user’s opinion about our services, information about new offers and new services that are being offered by us. A user is at the liberty to rescind their consent to receive the aforementioned information by intimating us about the same by sending us an email at the email address stated in this Privacy Policy.
- We may use user’s non-personal data to personalise a user’s experience, improve our services and enhance the user’s experience when they use our services. We may also use non-personal data such as language, time zone, location, zip code to that we can gauge customer behaviour and improve our services. Further, we may use automatically generated information and store it in log files such as IP address, browser type, language, operating system in order to understand and learn user behaviour and trends, improve our website and mobile application. We may use this information in our marketing and advertising services. If the law or any regulation treats all or part of this pointed information as personal, we would also treat it the same way.
- We may use information a user submits in a public forum such as a blog, chat room, or social network to personalize their experience. Users are solely and exclusively responsible for the information they choose to submit in public forums.
- We also use “aggregated information” to help us provide useful information to the users, to improve our services, help us understand the dynamic relationship between body shapes, sizes and style preferences amongst other uses of this aggregate information. Aggregate information or de-identified information is that information which cannot reasonably identify a specific user and therefore is considered to be non-personal data for the purpose of this Privacy Policy. This aggregate information includes anonymous measurements, size and shape information of users. We may also share this aggregated non-personal data with third party partners and by using our services, users consent to the collection and use of such non-personal aggregate information or data.
- We may use the manner in which a user uses our application include their search queries in order to improve the services provided by us. If we do combine Non-Personal Data with Personal Data, the combined information will be treated as Personal Data for as long as it remains combined.
- In some of our email messages, we use a “click-through URL” linked to content on Our Website or Application. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on Our Website or Application. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications. If a user prefers not to be tracked in this way, a user should not click text or graphic links in the email messages.
- We may disclose user’s personal information, without prior notice, if we are required to do so by law or in good faith and belief that such action is necessary to (a) conform to the edicts of the law or comply with legal process served on us or our Services, including respond to any government or regulatory request; (b) protect and defend our rights and/or property, including enforcing or applying our terms of use and other agreements, including for billing purposes; and (c) if we believe disclosure is necessary or appropriate to protect the rights, property, or safety or those of our customers. We may share information about users in connection with, or during negotiations of, any reorganization, dissolution, restructuring, merger, sale of company assets, financing or acquisition of all or a portion of our business to a buyer or other successor, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us about the users of our Services is among the assets transferred.
- All the data that a user shares with us, we share with our approved and authorised merchant partner/s, who is currently Amazon Web Services ( “AWS”). For the purpose of this privacy policy, and unless stated otherwise, our merchant partners are the servers on which we store user’s personal data and images. Upon using our services, a user consents to the fact that their personal data including images will be shared with our approved and authorised merchant partners and continuous use of our services is deemed to be consent on part of the users. In the event that a user does not want to us to share their personal information and images with our merchant partners, then they should refrain from using our services. Further, a user cannot hold our merchant partners legally liable. In order to understand more about our limited liability and none of the merchant partner, a user should peruse through our Terms and Conditions of Service.
User’s Access and Control over their Personal Data
- We store user’s Personal Data for 10 (ten) years and delete it thereafter. If a user continues to use our services after a period of 10 years, then new and fresh personal data will be collected by us and which we will store for another 10 (ten) years. Further, we have no obligations to notify a user when deleting their Personal Data and can do it at our sole discretion. By using our services, users consent to their personal information being retained with us for a period of 10 (ten) years. If the user does not wish for us to retain their personal data for a period of 10 (ten) years, they should refrain from using our services.
- Further, if permitted, a user may update, correct or change relevant Personal Data in their personal account. Further, if a user merely deletes their account, it does not mean that the personal data and images stored with us will also be deleted automatically. This personal data will be retained by us for a period of 10 (ten) years.
- If a user wishes for their personal data to be deleted before the expiry of a period of 10 (ten) years, then they may contact us and request for us to delete their personal data. We will attempt to revert with the request within a period of 60 days from receiving the request.
- If it comes to the user’s knowledge that someone illegally provided us with their Personal Data, it will be user’s sole responsibility to immediately inform us about this via our contact email pointed in this Privacy Policy and upon a user’s request, we will delete their Personal Data without undue delay and only retain such copies of the information as are necessary for us to comply with law and Regulation for such cases.
- In order to exercise their rights pointed in this Privacy Policy, users should identify themselves in a manner that we can be sure that the person who asks for their Personal Data is the one who it appears to be. We are at the liberty to ask for additional verification in order to ascertain the veracity of the user.
Storage of the data and information that we collect
We store and secure the data and information as we collect from our users in the following manner:
- We currently process all information and data on Amazon Web Services- Cloud Computing Services (“AWS Cloud”). However, we are at the liberty to change our cloud computing service providers and upon using our services, users consent to their personal data being stored on whichever cloud we may be using at that point of time. AWS Cloud is a highly protected cloud computing service with multi-layer security built into it. When a user provides us with their personal data this data is encrypted and it is thereafter transferred to AWS Cloud. Once the data is received on the AWS Cloud, it is then decrypted. Presently, the servers of the AWS Cloud are located in Virginia, United States of America and the information is stored there. However, in the event that we change our cloud computing services, the information may be stored in servers located elsewhere. In the event that AWS Cloud changes the location of their servers, the user data stored will be shifted to that server, AWS Cloud or us, may, though not necessarily, inform the users about the shift in servers. In order to use our services, a user consents to such changes. In the event that a user does not agree to thus, they are to refrain from using our services.
- Our employees are trained in adequately addressing and handling any breach that occurs. In the event of a breach, the AWS Cloud services are disabled and all the services we provide to all are halted. In order to re-start the services, the admin will have to change the multi-layer access keys.
- We secure a user’s personal information from unauthorized access, use or disclosure. Personal information of users uploaded through their account is protected by a password. We protect personal information we collect against accidental, unlawful or unauthorized destruction, loss, alternation, access, disclosure or use through the use of firewall and encryption such as Secure Sockets Layer encryption (“SSL encryption”), amongst others. Further, when a user provides us with their credit card information for billing purposes, this information is encrypted.
- After we capture the image of a user and display the measurement results, the user permit us to retain the video and/or image in our secure database for a period of 10 (ten) years.
- The users have complete access to their data that is stored in the AWS Cloud.
- We wish to mention that despite the fact that we meet and exceed the standards applicable with regard to privacy and protection of user’s information, no transmission or method of electronic storage is 100% secure. We do not guarantee that the information stored during the use of our website and/or mobile application is protected from and invulnerable to hacking and will not be subjected to a security breach or to security threats, attack from viruses or other vulnerabilities. Upon using our services, users agree that we do not guarantee that the information stored is protected from hacking and will not be subjected to security breach as no transmission of electronic storage is 100% secure and upon using. In the event that a user does not consent to this, they are to refrain from using our services.
Data Protection Rights of Users
Users have certain rights around the data. We would like to ensure that users are fully aware of all data protection rights available to them. We would like to inform users about the following data protection rights that are available to them. Further, users can avail their rights by sending us a request on the email address mentioned in this Privacy Policy and we will ensure that the request is processed at the earliest, with a minimum window of 30 days.
- The right to Access, Update and Correct Users’ Personal Data:
- Users are permitted to access their personal information that is stored on the AWS cloud, which is their profile information that is stored in their account.
- Further, users can request access to their personal data that is collected by us by sending us an email in the email address mentioned in this Privacy Policy.
- The right to rectification:
- Users have the right to rectify their personal information collected by us that they believe is inaccurate or incorrect. Users also have the right to ask us to complete certain information about them that they believe is incomplete. Users can make this request by sending us an email in the email address mentioned in this Privacy Policy.
- The right to erasure of Users’ Personal Data:
- Users have the right to have their personal data so collected by us deleted permanently along with the account created by them. Before a period of 10 years, after which we automatically delete the information, a user can put in a request to have all their personal data deleted by us by contacting us in the email address mentioned in this privacy policy. We will make best efforts to respond h to the request of deletion within a period of 60 days.
- Further, we shall communicate any erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort and we shall also inform the user about those recipients if the user so requests it.
- The right to object:
- The user shall have the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them. We shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the user or for the establishment, exercise or defence of legal claims.
- Where personal data are processed for direct marketing purposes, the user shall have the right to object at any time to processing of personal data concerning them for such marketing, which includes profiling to the extent that it is related to such direct marketing.
- Where the user objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
- Users have the right to receive the personal data concerning them, which they provide to us, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller without hindrance from us. Users have the right to have the personal data transmitted directly from us to another controller, where technically feasible. This shall not adversely affect the rights and freedoms of others.
- The right to Access, Update and Correct Users’ Personal Data:
Cookie Policy
- What are cookies: Cookies are small pieces of text used to store information on various web browsers. They are used to store and receive identifiers and other information on computers, phones and other devices. For the purpose of this Privacy Policy, other technologies such as the data we store on the website or mobile application, identifiers associated with users’ device, and other software, are also referred to as "cookies". It is pertinent to note that the information so collected by these cookies is treated as non-personal data.
- Why do we use cookies: We use cookies and similar technologies like web beacons, pixel tags, or local shared objects to deliver, measure, protect and improve our services by tracking a user’s visit. We use cookies for authentication and security purposes such as verifying a user’s account and to determine when they’ve logged in to our website and in order to ensure that a user’s account and personal data are safe and secure. We use cookies for preferences in order to make it easier for users to access our services, to create an experience that is personal and beneficial to the users, to provide users with content that is relevant to them, to gather data of those users who may be interested in our products and services. We also use cookies for analytic and research purposes in order to understand how users use our services and to improve them. We also use cookies to combat activity that violates our policies or otherwise hinders our ability to provide our services adequately.
- How do we use cookies: When a user visits our website or uses our mobile application, we may collect information from the user automatically through cookies such as users’ passwords, measurement data, images, preferences and other relevant data. We use cookies if a user has an account with us or our subsidiaries while using our services through our website or the mobile application, regardless of whether the user has registered or “logged in”. (whether or not a user is registered or logged in), or when a user visits any other website and/or mobile application that uses our services. Further, while we cookies to track a user’s visit to our website or when they use our mobile application by automatically logging their IP Address, we do not use this information to personally identify a user. However, if a user provides us with consent to “remember” the unique identifies that they select when they register with us, this unique identifies will be stored on a cookie in their device, linked to their registration information and their navigation path around our website and/or mobile application will be tracked.
- How to manage cookies: Users have a number of options to control or limit how we and our partners use cookies. Most web browsers are set in a manner to automatically accept cookies but a user can change their browser settings to declines cookies by consulting their browser’s support articles. If a user decides to decline cookies, they may not be able to sign in, customize, or use some interactive features of our services. Flash cookies operate differently than browser cookies, so a user’s browser’s cookie-management tools may not remove them.
- Changes to our cookie policy: From time to time, we may update this Cookie Policy and any changes made are updated immediately. We reserve the right to modify or amend the terms of the Privacy Policy without giving prior notice to the users and we have no obligation in sending users an email or notification regarding such changes and the same is voluntarily agreed to by users when using our services. We recommend users to regularly check our policy for updates and continuous use of our services is deemed to mean that the user has agreed to the changes made in our cookie policy.
Links to third-party websites/collaborations
- Our website, mobile application and/or emails may contain links to other websites. Users are to be aware that these websites are subject to different privacy policies and we are not responsible for the content or privacy practices of these websites. This Privacy Policy will not apply to other websites, applications or accompanying services and users are encouraged to be aware of the privacy practices of these third-party websites.
- Further, a user who wishes to access a third-party website directly from our website does so at their own cost, risk and peril and we do not take any liability or risk associated with such actions.
Sign in through social media
- If a user wishes to use our services through social media portals such as “Facebook”, “Twitter” or “Gmail”, then the user’s login is routed through a third party ‘plug in’ called “Social Login”.
- The user does not share any information with the plug in as the plug in functions solely as a routing system. We are not privy to the information a user shares with social media portals when they use these portals to log into our website.
Jurisdiction Specific Rules
- California Privacy Rights and Compliance: We have attempted to comply with the guidelines set out in the California Online Privacy Protection Act 2003 (“CalOPPA”) to the extent possible. However, in the event that a user requires more information about our compliances with CalOPPA, they can send us an email in the email address mentioned in this Privacy Policy and we shall respond to them at the earliest. However, we do not currently respond to or recognise browser initiated Do Not track Signals.
- General Data Protection Regulation: Our privacy policy has been drafted with the aim to make it compliant with all the regulations and guidelines stated in the General Data Protection regulation (“GDPR”) to the extent possible. However, if users have any queries, they can send us an email in the email address mentioned in this Privacy Policy and we shall revert to their queries and requests.
Children
- We do not intend for our services, either on our website or on through the mobile application, to be used by people under the age of 18 years old, or equivalent minimum age in the relevant jurisdiction (“minor children”) unless they use our services under the supervision of their parent and/or guardian who provide us with verifiable consent.
- Minor children are not to provide us with any personal or non-personal information and we do not intentionally collect personal information of minor children. If we learn that we have collected personal information of minor children, save by the information provided by their guardian and/or parent, we will take steps to delete the information as soon as possible, unless we are obligated to retain such information in order to comply with the law. Further, if a parent and/or guardian believes that we have collected information of minor children and want to access, correct or delete the information collected, they can contact us through the email stated in this Privacy Policy.
Opt out system
- Users always have the option to opt-out from receiving announcements of certain information, promotional and commercial emails from us by deleting the application.
- We provide the users with an opportunity to opt-out from receiving any or all communications from us by contacting and intimating us at our email address specifically for the purpose of opting-out, i.e. info@mirrorsize.com.
- Further, it may be noted that a request to not receive unsolicited commercial emails will not apply to messages that the user requests or that are not commercial in nature. We may still contact users regarding purchases made even if they opt out of receiving unsolicited commercial messages.
Changes to the Privacy Policy
- Since our services and consequentially website and/or mobile application is constantly developing, we may add new services and features. In the event that these developments or additions affect the Privacy Policy, it will be updated immediately accordingly. However, we reserve the right to modify or amend the terms of the Privacy Policy without giving prior notice to the users and we have no obligation in sending users an email or notification regarding such changes and the same is voluntarily agreed to by users when using our services.
- If we make a material change in the Privacy Policy or privacy practices, we may or may not provide a prominent notice of the change on our website. We recommend users to regularly check our policy for updates. Further, continuous use of our services by a user, after we make the requisite change to the Privacy Policy is deemed to be acceptance of the changes to the privacy policy by the users. c)By using our services, the users are accepting the practices described and enumerated in the Privacy Policy. If a user does not agree to the terms of the Privacy Policy, then the user should refrain from using our website or purchasing any products on our website. All changes to the privacy policy become effective after 24 hours of us posting the changes on our website and mobile application.
How to contact us:
If a user has any questions regarding the Privacy Policy, the data we collect or would like to exercise their data protection rights, they may contact the Data Officer through the following channels:- Email address: info@mirrorsize.com
- Phone Number:
- India: +91-8383069918
- United States of America: +1-732-369-6885
- Physical Address:
- Corporate Office: 14 Mackenzie Lane, Plainsboro, NJ 08536, USA
- Research and Development Office: Plot no. A-40, i-Thum Tower-C, Floor-4th, Unit no. 409, Sector-62, Noida-201301, Uttar Pradesh, India