Privacy Policy

Last Updated: February 23, 2026

Effective Date: January 1, 2025 Last Updated: February 23, 2026

Introduction

Welcome to Kindklos. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application.

Key Privacy Principles:

Privacy by Default: Offline mode stores all data locally on your device
You Control Your Data: Choose between offline-only or optional cloud sync
Transparency: Clear explanations of what data we collect and why
Data Minimization: We only collect what’s necessary
Your Rights: Full access, export, and deletion capabilities

1. Who We Are

Kindklos is a sustainable fashion tracking application that helps you organize your wardrobe, track clothing wear, and make conscious fashion choices.

Contact Information:

Email: [email protected]
Website: kindklos.com

2. Information We Collect

2.1 Offline Mode (Default)

When using Kindklos in offline mode, we collect no personal data. All information stays on your device:

Clothing item data (photos, descriptions, tags, purchase info)
Outfit combinations
Wear history
Calendar events
App settings and preferences

Local Storage Only:

Data stored using MMKV (local encrypted database)
Photos stored in device file system
No internet connection required
No data transmitted to our servers

2.2 Cloud Sync Mode (Optional)

When you opt in to cloud sync, we collect:

Account Information:

Email address (for authentication only)
Account creation date
Last login timestamp

Wardrobe Data:

Clothing items (names, categories, colors, sizes, brands, purchase dates, prices)
Photos of clothing items
Outfit combinations
Wear history records
Calendar events with outfit plans
Cost-per-wear calculations
Tags and custom notes

Technical Data:

Device type (iOS, Android)
App version
Operating system version
Storage mode preference (offline/sync)

Automatically Collected Data:

Sync timestamps
Database change logs (for conflict resolution)
Photo upload queue status

2.3 Crash Reporting (Sentry)

Kindklos uses Sentry for crash reporting and performance monitoring. Sentry is active whenever the app is running and collects:

App version and device information
Error messages and stack traces
Anonymous performance metrics

Crash data is used solely to identify and fix bugs. It is never used for advertising or sold to third parties. No personally identifiable wardrobe content is included in crash reports.

2.4 Data We Do NOT Collect

We never collect:

Precise location data
Contacts or address book
Social media profiles
Financial or payment information
Biometric data
Health data
Browsing history
Data from other apps

3. How We Use Your Information

3.1 Offline Mode

In offline mode, your data is never transmitted and used only on your device for:

Displaying your wardrobe
Creating outfits
Tracking wear history
Calculating cost-per-wear
Exporting data (stays on your device)

3.2 Cloud Sync Mode

When cloud sync is enabled, we use your data to:

Core Functionality:

Synchronize wardrobe data across your devices
Store backups of your data
Resolve sync conflicts
Generate signed URLs for photo access
Provide multi-device access

Service Improvement:

Monitor system performance and reliability
Identify and fix bugs
Improve app features
Ensure data integrity

Security:

Authenticate your identity
Prevent unauthorized access
Detect and prevent fraud
Comply with legal obligations

3.3 Crash Reporting

Crash reports help us:

Identify and fix crashes
Improve app stability
Prioritize bug fixes
Enhance the user experience

For users in the European Economic Area (EEA), we process your data based on:

Consent:

Cloud sync (opt-in)

Contractual Necessity:

Providing the app services
Account authentication
Data synchronization

Legitimate Interests:

Improving app performance via crash reporting
Preventing fraud and abuse
System security and reliability

Legal Obligations:

Responding to legal requests
Enforcing Terms of Service
Protecting rights and safety

5. Data Storage and Security

5.1 Offline Mode Storage

Local Storage:

Data stored using MMKV (encrypted local database)
Photos stored in device file system
Data never leaves your device
Security depends on your device security (passcode, encryption)

Backup:

You are responsible for backups
Use the Export Data feature regularly
Device backups (iCloud/Google) may include app data

5.2 Cloud Sync Storage

Cloud Infrastructure:

Hosted by Supabase (powered by AWS)
Data centers located in the United States
PostgreSQL database with Row-Level Security (RLS)
Encrypted in transit (TLS/SSL)
Encrypted at rest (AES-256)

Photo Storage:

Stored in Supabase Storage (private buckets)
Access via signed URLs (1-hour expiration)
Organized by user ID for isolation
Private access only — not publicly accessible

Authentication:

Tokens stored in device secure keychain (iOS Keychain, Android KeyStore)
Magic link authentication (passwordless)
Session tokens automatically refreshed
Sessions expire after inactivity

5.3 Security Measures

Technical Safeguards:

End-to-end encryption for data transmission
Row-Level Security (RLS) policies in database
Secure token storage (never in AsyncStorage)
Input validation and sanitization
Regular security updates

Your Responsibility:

Use strong device security (passcode/biometric)
Keep the app updated
Protect your email account (used for authentication)
Report suspicious activity to [email protected]

6. Data Retention

6.1 Offline Mode

Data retained indefinitely on your device until you delete it
You control all deletions
Uninstalling the app deletes local data (unless backed up)

6.2 Cloud Sync Mode

Active Accounts:

Wardrobe data retained as long as your account is active
Photos retained as long as linked items exist
Wear history retained indefinitely (until deleted)

Deleted Items:

Photos deleted immediately when items are deleted

Account Deletion:

All data deleted within 30 days of account deletion request
Includes: profile, clothing items, photos, outfits, wear history
After 30 days: permanently and irreversibly deleted

Legal Retention:

Minimal data retained if required by law (e.g., fraud investigation)

7.1 We Do NOT Sell Your Data

We will never:

Sell your personal data to third parties
Share your data for advertising purposes
Rent or trade your information
Use your data for marketing without consent

7.2 Third-Party Service Providers

We share limited data with trusted service providers:

Supabase (Database & Auth):

Purpose: Cloud database, authentication, photo storage
Data Shared: Email, wardrobe data, photos (only in cloud sync mode)
Location: United States (AWS)
Privacy Policy: https://supabase.com/privacy

Sentry (Crash Reporting):

Purpose: Crash reporting and performance monitoring
Data Shared: Error logs, device info, app version
Location: United States
Privacy Policy: https://sentry.io/privacy/

Apple App Store / Google Play Store:

Purpose: App distribution and updates
Data Shared: None directly from us (they have their own collection)

7.3 Legal Disclosure

We may disclose data when required by law:

Legal Requests: Court orders, subpoenas, government requests
Rights Protection: Enforce Terms of Service, investigate fraud
Safety: Protect safety of users or the public
Business Transfer: In case of merger, acquisition, or sale (users notified)

8. Your Rights and Choices

8.1 Rights for All Users

Access Your Data:

View all data in-app
Export data in multiple formats (JSON, CSV, PDF, HTML)

Modify Your Data:

Edit clothing items, outfits, wear history
Update settings and preferences

Delete Your Data:

Delete individual items, outfits, or records
Delete your entire account: Settings → Account → Delete Account

Data Portability:

Export a complete data archive in JSON format
Take your data to another service

Switch Storage Modes:

Toggle between offline and cloud sync at any time

Right to Access: Request a copy of all personal data we hold.

Right to Rectification: Correct inaccurate or incomplete data.

Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data. We will comply unless legally required to retain.

Right to Restrict Processing: Limit how we process your data.

Right to Object: Object to processing based on legitimate interests.

Right to Data Portability: Receive your data in a portable format.

Right to Withdraw Consent: Withdraw consent for cloud sync at any time.

Right to Lodge a Complaint: File a complaint with your national data protection authority.

How to Exercise Rights:

Email: [email protected]
Response time: Within 30 days

8.3 Additional Rights (CCPA — California Users)

Right to Know: Categories of data collected, sources, purposes, and third parties.

Right to Delete: Request deletion of personal data (exceptions for legal obligations, fraud prevention).

Right to Opt-Out: We do not sell data, so no opt-out is needed.

Right to Non-Discrimination: We will not discriminate against you for exercising your rights.

How to Exercise Rights: Email [email protected]

9. Children’s Privacy

Age Requirements:

United States: 13 years or older
European Economic Area: 16 years or older
Other regions: Age of digital consent in your country

We do not knowingly collect data from children under the required age.

If you are a parent/guardian: If you believe your child provided data, contact us immediately at [email protected]. We will delete the data within 30 days.

10. International Data Transfers

If you use Kindklos outside the United States:

Data may be transferred to and stored in the United States
Supabase (our cloud provider) uses AWS data centers in the United States
The U.S. may have different data protection laws than your country

We implement safeguards for international transfers:

Standard Contractual Clauses (SCCs): For EU data transfers
Adequate Security: Encryption and access controls
GDPR Compliance: For EEA users
Your Consent: By enabling cloud sync, you consent to transfers

11. Cookies and Tracking

Offline Mode: No cookies or tracking of any kind.

Cloud Sync Mode:

Authentication tokens are stored in your device’s secure keychain, not in cookies
Session management for sync
Crash reporting via Sentry (always active, see section 2.3)

We do NOT use:

Advertising cookies
Third-party advertising networks
Social media tracking pixels
Behavioral tracking

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect new features, comply with legal changes, or improve clarity. When we do:

The “Last Updated” date at the top will change
Significant changes will be communicated via in-app notification
Continued use after changes constitutes acceptance

Material Changes: 30 days’ advance notice. You may delete your account if you disagree.

13. Data Breach Notification

In the unlikely event of a data breach, we will:

Investigate immediately and contain the breach
Notify affected users within 72 hours (GDPR requirement)
Notify relevant authorities as required
Provide guidance on protective actions

By using Kindklos, you consent to this Privacy Policy and the data practices described herein.

You can withdraw consent at any time by switching to offline mode, deleting your account, or uninstalling the app.

15. Contact Us

Questions about this Privacy Policy or your data?

Email: [email protected]
Website: kindklos.com

Response Time: Within 30 days for data rights requests.

16. Supervisory Authority (EEA Users)

If you are in the European Economic Area, you have the right to lodge a complaint with your national data protection supervisory authority. Find your authority at: https://edpb.europa.eu/about-edpb/board/members_en

Summary

We respect your privacy. Here’s what you need to know:

Offline by default — your data stays on your device
Optional cloud sync — you choose when to enable it
No data selling — we will never sell your personal information
Crash reporting — always active, used only to fix bugs
Your control — access, export, and delete your data anytime
Strong security — encryption and secure storage
GDPR & CCPA compliant — respecting international privacy rights

Questions? Contact us at [email protected]

Last Updated: February 23, 2026 Effective Date: January 1, 2025