Privacy Policy for ThreadTrack

Last Updated: January 2025

Introduction

ThreadTrack ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ThreadTrack (the "App").

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.

Information We Collect

Personal Information You Provide

When you create an account and use ThreadTrack, we collect the following information:

• Account Information: Email address and password (stored securely with encryption)
• Clothing Inventory Data: Information about your clothing items including:
  • Item names, brands, types, sizes, colors/patterns
  • Purchase dates and notes
  • Storage locations (e.g., home closet, dry cleaner, travel, custom locations)
  • Wear history (dates when items were worn)
  • Location history (dates when items were moved between locations)

Information Collected Automatically

• Device Information: We collect device type, operating system version, and unique device identifiers for authentication and sync purposes
• Usage Data: We collect information about how you interact with the App, including features used and actions taken
• Session Data: Authentication tokens and session identifiers to maintain your logged-in state
• Analytics Data: Aggregated and anonymized data about app usage patterns, feature adoption, and performance metrics

NFC Tag Data

• NFC Tag IDs: When you scan NFC tags attached to clothing items, we process the tag identifier locally on your device to link it to the corresponding clothing item
• No Personal Data on Tags: NFC tags only contain links to your clothing items within the App; they do not store any personal information

How We Use Your Information

We use the information we collect to:

• Provide Core Functionality: Enable you to create, view, edit, and manage your clothing inventory
• Sync Across Devices: Synchronize your wardrobe data across multiple devices using your account
• Track Wear History: Record and display when items were worn and location changes
• NFC Features: Enable scanning and writing of NFC tags for quick item access
• Account Management: Authenticate your identity and maintain your session
• Improve the App: Analyze usage patterns to enhance features and user experience
• Customer Support: Respond to your inquiries and provide technical assistance
• Product Development: Develop new features and services based on user behavior and preferences
• Business Analytics: Generate insights about fashion trends, wardrobe utilization, and user preferences (in aggregated, anonymized form)

Data Storage and Security

Local-First Architecture

• Local Storage: All your clothing inventory data is stored locally on your device using encrypted SQLite databases (SwiftData)
• Cloud Sync: Your data is synchronized with our secure servers (hosted on Cloudflare infrastructure) to enable multi-device access
• Encryption: Data transmitted between your device and our servers is encrypted using industry-standard HTTPS/TLS protocols
• Password Security: Passwords are hashed and never stored in plain text

Data Retention

• Active Accounts: We retain your data for as long as your account is active
• Account Deletion: If you delete your account, we will delete your personal data within 30 days, except where required by law or as described in the "Aggregated Data" section below
• Backup Data: Backup copies may be retained for up to 90 days for disaster recovery purposes
• Aggregated Data: Anonymized and aggregated data that cannot identify you personally may be retained indefinitely for analytics and research purposes

How We Share Your Information

Current Practices

We do not currently sell your personal information. However, we may share your information in the following ways:

• Service Providers: We use third-party service providers (such as Cloudflare) to help us operate the App, including data storage, synchronization, and analytics services
• Legal Requirements: We may disclose your information if required by law, court order, or governmental regulation
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred (you will be notified via email and given the option to delete your account)
• Aggregated/Anonymized Data: We may share aggregated, de-identified data that cannot reasonably identify you with third parties for research, analytics, or business purposes
• With Your Consent: We may share information for any other purpose with your explicit consent

Future Data Sharing Programs (Opt-In Only)

We may develop optional programs that allow you to share your wardrobe data for benefits such as:

• Fashion Insights: Participate in trend analysis and receive personalized style recommendations
• Brand Partnerships: Share anonymized purchase and wear data with fashion brands in exchange for discounts or exclusive offers
• Research Programs: Contribute to sustainability research about clothing usage and lifecycle
• Premium Features: Access enhanced features powered by aggregate data insights

Important: Participation in any such programs will always be:

• Completely Optional: Default setting will always be opt-out
• Clearly Disclosed: We will explain exactly what data is shared and with whom
• User-Controlled: You can opt-in or opt-out at any time through App settings
• Transparent: You will receive clear information about any benefits or compensation

Your Data Rights

You have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you
• Correction: Update or correct inaccurate information through the App
• Deletion: Delete your account and associated data at any time
• Data Portability: Request an export of your data in a machine-readable format
• Opt-Out: Disable optional features like background sync or data sharing programs in the App settings
• Withdraw Consent: Revoke consent for data sharing programs at any time

To exercise these rights:

• Request Your Data Export
• Delete Your Account
• Or contact us at privacy@threadtrack.io

Children's Privacy

ThreadTrack is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Third-Party Services

Cloudflare

We use Cloudflare Workers and Cloudflare D1 database for backend services. Cloudflare's privacy policy can be found at https://www.cloudflare.com/privacypolicy/

Analytics Services

We may use third-party analytics services to help us understand how the App is used. These services may collect information about your device and usage patterns in accordance with their own privacy policies.

NFC Technology

NFC tag reading and writing is performed locally on your device. No NFC data is transmitted to third parties.

International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using the App, you consent to such transfers.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Updating the "Last Updated" date at the top of this policy
• Posting the new Privacy Policy in the App
• Sending you an email notification for material changes (if you have provided an email address)
• Requiring explicit consent for changes that materially expand data sharing practices

Your continued use of the App after changes are posted constitutes acceptance of the updated policy, except where explicit consent is required.

California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected
• Right to Delete: Request deletion of your personal information (subject to certain exceptions)
• Right to Opt-Out: Opt-out of the "sale" of personal information
  • We do not currently sell personal information
  • If we implement opt-in data sharing programs in the future, California residents can opt-out at any time
• Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights
• Right to Limit Use of Sensitive Information: Request limitations on use of sensitive personal information

To exercise these rights, contact us at privacy@threadtrack.io.

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Legal Basis for Processing: We process your data based on:
  • Contract performance (to provide the App services)
  • Legitimate interests (to improve the App)
  • Consent (for optional data sharing programs)
• Data Protection Officer: Contact our DPO at privacy@threadtrack.io
• Right to Lodge Complaint: You may file a complaint with your local data protection authority
• Cross-Border Data Transfers: We use appropriate safeguards (such as standard contractual clauses) for international data transfers

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: privacy@threadtrack.io
• Website: https://threadtrack.io

Acknowledgment

By using ThreadTrack, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.