Legal
Privacy Policy
Effective Date: 18.08.2025
Last Updated: 05.02.2026
1. Introduction
Welcome to Drober Wardrobe! This Privacy Policy explains how Recherche Ventures e.U. ("we," "us," or "our") collects, uses, shares, and protects your personal data when you use our wardrobe management services via drober.app. We are committed to protecting your privacy and handling your data in an open and transparent manner.
This policy is written in accordance with the General Data Protection Regulation (GDPR) of the European Union.
2. Data Controller
The data controller responsible for your personal data is:
Recherche Ventures e.U.
Represented by Marc Fenz
Alfred-Coßmann-Gasse 14/2
8054 Graz, Austria
Email: contact@drober.app
Legal Details
- Business Focus: Information Technology
- Company Registry Number: FN 659947k
- Registry Court: Landesgericht für Zivilrechtssachen Graz
3. What Personal Data We Collect and Why
A. Account and Identity Information
- Data Points: A unique user ID, username, email address, and a securely hashed password.
- Purpose: To create your account, authenticate logins, provide support, and send security alerts.
- Legal Basis (GDPR): Performance of a contract. Provision of this data is mandatory to use the service.
B. Wardrobe and Style Data
- Data Points: Images of clothing and accessories, item metadata (brand, size, color, material, category, purchase price), "last worn" logs, and custom wardrobe collections.
- Purpose: To provide core features like digital closet organization, outfit planning, and automated item tagging using artificial intelligence.
- Legal Basis (GDPR): Performance of a contract.
Important Note on Images
Our service is designed to catalog garments. While you may upload photos containing your likeness (e.g., "Outfit of the Day"), we do not use these images for biometric identification. Users are advised to avoid uploading images that reveal sensitive personal data (e.g., health status, political affiliations, or religious symbols).
C. Technical and Usage Data
- Data Points: IP address, application/browser version, and operating system. We log interactions, such as which wardrobe categories are accessed.
- Purpose: Security (fraud prevention), technical diagnostics, and service improvement.
- Legal Basis (GDPR): Legitimate interest and performance of a contract.
D. Collaboration and Sharing Information
- Data Points: User IDs of people you invite to view your closet or "Shared Wardrobes," and the permissions granted to them.
- Purpose: To enable collaborative styling and sharing features.
- Legal Basis (GDPR): Performance of a contract.
4. Data Security
We implement robust technical and organizational measures to protect your data. This includes:
- Encryption: All data is encrypted in transit and at rest.
- Storage Security: Wardrobe images and database records are stored in secure environments managed by Supabase.
- Access Control: Strict internal protocols to ensure only authorized personnel can access system backends.
5. Data Retention and Deletion
A. Active Account
We retain your data as long as your account is active to provide the Drober service.
B. Account Deletion
You may delete your account at any time. We will permanently delete or fully anonymize your personal data within 90 days, including your closet images and metadata.
C. Shared Resources Exception
If you have contributed an image or outfit to a Shared Wardrobe, that specific image may remain visible to the other members of that group to maintain the integrity of their history. However, your personal identity (username/email) will be stripped from the record (anonymization).
D. Mandatory Retention
Where required by Austrian commercial or tax law (e.g., for premium subscriptions), we may retain specific transactional data for up to 7 years.
6. Your Rights Under GDPR
As an EU user, you have the right to:
- Access & Portability: Request a copy of your wardrobe data in a machine-readable format.
- Rectification: Correct inaccurate garment details.
- Erasure: Request total deletion of your data.
- Object: Object to data processing based on legitimate interests.
To exercise these rights, contact us at contact@drober.app.
7. Data Sharing and Third Parties
We do not sell your data. We share data only with the following essential processors:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Primary Database, Authentication, and Image Storage | EU (Frankfurt/AWS) |
| Netcup GmbH | Hosting of the web-app and main website (drober.app) | Germany |
| OpenRouter | AI-driven image tagging and garment categorization | USA (via SCCs) |
| Google Firebase | App stability (Crashlytics) and anonymized analytics | USA (via SCCs) |
| Amazon SES | Sending service-related emails (password resets) | EU (Frankfurt) |
8. International Data Transfers
While our primary storage (Supabase/Netcup) is within the EU, some processing (AI tagging via OpenRouter) may occur in the United States. We ensure these transfers are protected by Standard Contractual Clauses (SCCs). Image data is only sent to AI processors with your implicit action (e.g., clicking "Auto-tag").
9. Changes to This Policy
Significant changes will be notified via the app or through email to your registered address.
10. Contact Us
Recherche Ventures e.U.
Email: contact@drober.app
You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde).