Privacy Policy

Effective Date: February 2, 2026

1. Introduction and Scope

This Privacy Policy explains how StyleRef, operated by [Company Name], collects, uses, stores, shares, and protects information when you use our web-based platform for creating and managing style reference materials. This Privacy Policy applies to all users of StyleRef, including individual users, enterprise customers, and organizational accounts.

By using StyleRef, you consent to the data practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our service. This Privacy Policy should be read in conjunction with our Terms of Service, which govern your use of StyleRef and are incorporated herein by reference.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features. When we make material changes that affect your rights or how we handle your information, we will notify you by email to your registered account address and through prominent notice within the StyleRef platform at least thirty days before the changes take effect. Your continued use of StyleRef after the effective date of changes constitutes your acceptance of the updated Privacy Policy.

2. Information We Collect

We collect several categories of information to provide, operate, maintain, and improve StyleRef.

Account and Registration Information

When you create a StyleRef account, we collect your email address, which serves as your primary identifier and authentication method. We use magic link authentication and do not collect or store passwords. We also collect information about your chosen subscription plan, payment method information processed by our payment processors, and account preferences and settings you configure within the platform.

For organizational and enterprise accounts, we additionally collect organization name and business information, authorized user lists and account administrator designations, and billing contact information and tax identifiers where required.

User Content

We collect and store all content you submit, upload, or create through StyleRef. This includes text descriptions and written content you provide, images and visual materials you upload for style extraction or reference, URLs and web addresses you submit for analysis, style parameters and configurations you define in Style Boards, Style Board structures and organizational systems you create, and any other materials or information you provide while using the platform.

User Content is stored to enable the core functionality of StyleRef and may be processed by third-party AI service providers when you use extraction features. We treat User Content as confidential and handle it in accordance with the commitments described in this Privacy Policy and our Terms of Service.

Usage and Analytics Information

We automatically collect information about how you interact with StyleRef to understand usage patterns, improve the service, and provide support. This includes features and tools you use within the platform, Style Boards you create, modify, or delete, AI extraction requests you initiate and the parameters you specify, StyleRefs you generate and the formats you select, Style Cards you create and download, pages and sections of the platform you visit, time and duration of your sessions, search queries you enter within the platform, and errors or technical issues you encounter.

We use this information in aggregated and anonymized form to analyze trends, improve features, and enhance user experience. Individual usage patterns are treated as confidential and are not shared with other users or third parties except as described in this Privacy Policy.

Technical and Device Information

When you access StyleRef, we automatically collect certain technical information necessary for service operation and security. This includes your IP address and approximate geographic location derived from IP address, browser type, version, and language settings, device type, operating system, and screen resolution, referring URLs and websites that directed you to StyleRef, access times and time zone settings, and cookie identifiers and session tokens.

We use this information for security monitoring, fraud prevention, service optimization, and to comply with legal obligations. Technical information is retained for varying periods depending on the purpose, typically ranging from several months to two years.

Cookies and Similar Technologies

StyleRef uses cookies, local storage, and similar technologies to provide functionality and improve your experience. We use essential cookies required for platform functionality including session management cookies to maintain your authenticated session, preference cookies to remember your settings and configurations, and security cookies to prevent fraud and protect your account.

We also use analytics cookies to understand how users interact with StyleRef, performance cookies to monitor service speed and reliability, and functional cookies to enable features like anonymous sessions and content migration. You can control cookie settings through your browser preferences, though disabling certain cookies may limit platform functionality.

Third-Party Service Data

When you use AI extraction features, information about your extraction requests is logged, including the content submitted, the AI provider used, processing parameters, and results returned. This information is used to provide the service, troubleshoot issues, and improve extraction quality.

When you provide your own API keys for third-party AI services, we collect minimal information necessary to facilitate the connection, including encrypted API credentials and usage statistics for your reference. We do not monitor or log the content processed through user-provided API keys beyond what is necessary for error handling and service operation.

Information from Third Parties

We may receive information from third-party payment processors regarding transaction status and payment verification. We may receive information from third-party authentication providers if you choose to link external accounts. For enterprise customers, we may receive organizational information and user lists from designated account administrators.

We do not purchase or receive personal information from data brokers or marketing services. We do not collect information from social media platforms unless you explicitly authorize such integration.

3. How We Use Information

We use the information we collect for the following purposes, each of which is necessary for providing StyleRef or serves our legitimate business interests while respecting your privacy rights.

Service Delivery and Functionality

We process your information to provide the core features of StyleRef, including authenticating your account and managing session security, storing and organizing your User Content, processing AI extraction requests through third-party providers, generating StyleRefs in your requested formats, creating Style Cards and visual representations, synchronizing data across your devices, providing Style Board editing and management tools, and enabling data export and backup functionality.

This processing is necessary to perform our contract with you and to provide the services you request. Without this processing, we cannot provide StyleRef functionality.

Account and Subscription Management

We use your information to manage your account and subscription, including processing subscription payments and renewals, managing plan upgrades, downgrades, and cancellations, applying usage limits and feature access controls based on your plan, sending transactional communications about your account, responding to support requests and inquiries, and enforcing our Terms of Service.

This processing is necessary to perform our contract with you and to comply with legal obligations related to financial transactions and record-keeping.

Service Improvement and Development

We analyze usage information in aggregated and anonymized form to understand how StyleRef is used, identify features that are most valuable to users, discover technical issues and performance bottlenecks, develop new features and capabilities, optimize user interface and user experience, and improve AI extraction quality and accuracy.

This processing serves our legitimate interest in improving StyleRef and providing better value to our users. We do not use individual User Content to train proprietary AI models owned or controlled by StyleRef. We do not share individual usage patterns with third parties for their own purposes.

Security and Fraud Prevention

We process technical and usage information to detect and prevent fraudulent activity and account abuse, identify and respond to security incidents and vulnerabilities, protect against unauthorized access to accounts and data, enforce our Terms of Service and acceptable use policies, and maintain the security and integrity of our systems.

This processing serves our legitimate interest in protecting StyleRef, our users, and third parties from fraud, abuse, and security threats. It is also necessary to comply with legal obligations related to data security.

Legal Compliance and Protection

We process information when necessary to comply with legal obligations, respond to lawful requests from government authorities, law enforcement, or courts, enforce our Terms of Service and other agreements, protect our rights, property, and safety, protect the rights, property, and safety of our users and third parties, and prevent or investigate potential legal violations or harmful conduct.

This processing is necessary to comply with legal obligations and serves our legitimate interest in protecting legal rights and ensuring appropriate use of our services.

Communications

We use your email address to send account-related communications that are necessary for providing the service, including authentication magic links for account access, confirmations of account changes and subscription modifications, security alerts and notifications of suspicious activity, notifications of service outages or maintenance, responses to support inquiries and requests, and notifications of changes to our Terms of Service or Privacy Policy.

We may also send you optional communications if you have opted in to receive them, including product updates and new feature announcements, usage tips and educational content, and customer surveys and feedback requests. You may opt out of optional communications at any time through your account settings or using the unsubscribe link in emails.

Transactional communications are necessary to provide StyleRef and cannot be opted out while maintaining an active account. We do not send promotional marketing emails unless you have explicitly opted in, and we do not sell or share your email address with third-party marketers.

4. Information Sharing and Disclosure

We share your information only in the specific circumstances described in this section. We do not sell your personal information to third parties. We do not share your User Content with other StyleRef users. We do not use your content to benefit competitors or other customers.

Third-Party AI Service Providers

When you use AI extraction features, we transmit your submitted User Content to third-party AI service providers for processing. Current AI service providers are listed on our website and within platform settings. We select AI providers based on their security standards, data protection practices, and compliance certifications.

All AI providers we use are required by contract to process User Content only for the purpose of providing extraction services to you, not use User Content to train their own AI models or for any other purpose, implement appropriate security measures to protect User Content, comply with applicable data protection laws including GDPR and CCPA, maintain industry-standard security certifications such as SOC 2 Type II, and delete or return User Content after processing is complete according to agreed retention periods.

AI providers may be located in different countries and regions. When we transmit User Content to AI providers, we implement appropriate safeguards including data processing agreements, standard contractual clauses where required, and security requirements.

We provide at least sixty days advance notice before adding new AI providers or changing existing providers. Enterprise customers may review security documentation for AI providers and may object to provider changes that do not meet their requirements.

Infrastructure and Service Providers

We use third-party service providers to operate StyleRef infrastructure and provide supporting services. These providers have access to information only as necessary to perform their functions and are contractually obligated to protect your information and use it only for providing services to us.

Categories of service providers include cloud hosting providers for server infrastructure and data storage, authentication service providers for magic link email delivery, payment processors for subscription billing and payment handling, analytics providers for usage analysis and service monitoring, email service providers for transactional and optional communications, and security service providers for threat detection and DDoS protection.

We carefully evaluate service providers before engagement and require them to maintain appropriate security standards, comply with applicable data protection laws, and implement contractual data protection obligations. We maintain a list of subprocessors with access to personal information, which is available to enterprise customers upon request.

Business Transfers and Corporate Transactions

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring or successor entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy. You will have the opportunity to delete your account and data before such transfer if you do not wish to continue under new ownership.

Any acquiring entity will be required to continue honoring the commitments made in this Privacy Policy with respect to information collected prior to the transfer, unless you consent to a new privacy policy.

Legal Requirements and Protection of Rights

We may disclose information when we believe in good faith that disclosure is necessary to comply with applicable law, regulation, legal process, or governmental request, respond to valid subpoenas, court orders, or other lawful requests for information, enforce our Terms of Service and other agreements, including investigation of potential violations, detect, prevent, or address fraud, security issues, or technical problems, or protect against harm to the rights, property, or safety of StyleRef, our users, or the public as required or permitted by law.

Before disclosing information in response to legal requests, we will assess the request to ensure it is valid and appropriately scoped. We may challenge overbroad or inappropriate requests where legally permissible. We will provide notice to affected users when legally permitted, though we may be prohibited from providing notice in certain circumstances such as valid non-disclosure orders.

Aggregated and Anonymized Information

We may share aggregated or anonymized information that cannot reasonably be used to identify you or your organization. This may include statistical information about StyleRef usage patterns, aggregate feature adoption rates, anonymized performance benchmarks, and general industry insights.

We do not attempt to re-identify anonymized information and contractually prohibit recipients from attempting re-identification.

With Your Consent

We may share information for purposes not described in this Privacy Policy when we have obtained your explicit consent to do so. We will clearly explain the purpose and recipient before requesting consent. You may withdraw consent for future sharing, though withdrawal does not affect sharing that occurred before withdrawal.

5. Data Retention and Deletion

We retain information for different periods depending on the type of information, the purpose for which it is processed, and applicable legal requirements.

User Content Retention

We retain your User Content for as long as your account remains active and for thirty days following account closure or content deletion to allow for recovery in case of accidental deletion. After this period, User Content is deleted from production systems.

User Content may persist in backup and disaster recovery systems for up to ninety days following deletion from production systems. Backup retention ensures system integrity and allows recovery from catastrophic failures. User Content is permanently destroyed from backup systems through automated processes after ninety days.

User Content subject to legal holds, litigation, government investigations, or regulatory preservation requirements may be retained beyond normal deletion periods for as long as legally required. We will notify you if your User Content is subject to extended retention for legal reasons where legally permitted.

Account and Profile Information

We retain your account information, including email address and subscription history, for as long as your account is active. If you close your account, we delete or anonymize account information within ninety days, except for information we are required to retain for legal, tax, audit, or regulatory purposes.

Financial records related to subscription payments are retained for seven years to comply with tax and financial regulations in applicable jurisdictions. Payment method information is stored by our payment processors according to their retention policies and payment card industry requirements.

Usage and Analytics Data

We retain usage logs and analytics information for varying periods based on the data type and purpose. Detailed session logs are retained for ninety days. Aggregated usage statistics are retained for two years. Security and fraud detection logs are retained for one year. Error logs and technical diagnostic information are retained for six months.

After these retention periods, usage and analytics data is deleted or aggregated and anonymized such that it can no longer identify individual users or accounts.

Cookies and Technical Data

Session cookies are deleted when you close your browser or log out. Persistent cookies are retained according to the expiration periods we set, typically ranging from thirty days to one year. You can delete cookies at any time through your browser settings.

Deleted Account Data Handling

When you close your account or request deletion of your information, we undertake the following process. Within twenty-four hours, we disable account access and cease active processing. Within thirty days, we delete User Content from production systems. Within ninety days, we delete or anonymize account information and remove data from backup systems, except for information subject to legal retention requirements.

Some residual information may remain in archived or backup systems where complete deletion is technically impractical, but this information is not actively used and is subject to the same security and confidentiality protections as active data.

Your Right to Request Deletion

You may request deletion of your information at any time by closing your account through platform settings or by contacting our privacy team. We will process deletion requests in accordance with the retention periods and legal requirements described in this section.

For enterprise accounts, organizational administrators may request deletion of User Content created by employees or contractors when employment relationships end, subject to verification of ownership rights.

6. Data Security and Protection

We implement comprehensive security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. However, no method of electronic storage or transmission over the internet is completely secure, and we cannot guarantee absolute security.

Technical Security Measures

We implement industry-standard technical safeguards including encryption of data in transit using TLS 1.2 or higher, encryption of sensitive data at rest including User Content and authentication credentials, secure authentication mechanisms including magic link generation and session management, network security controls including firewalls and intrusion detection systems, regular security patching and updates to address known vulnerabilities, and automated backup systems with encryption and access controls.

User Content stored in our systems is encrypted and access is restricted to authorized personnel who require access to perform their job functions. We do not decrypt or access User Content except as necessary to provide requested services or to respond to your support requests.

Organizational Security Measures

We implement organizational controls to protect information security, including access controls limiting employee access to personal information based on job role and need, background checks for employees with access to sensitive systems, confidentiality obligations in employment agreements requiring protection of user information, security awareness training for all employees handling user data, and incident response procedures for detecting and responding to security breaches.

Administrative access to systems containing personal information is logged and monitored. We conduct periodic access reviews to ensure access privileges remain appropriate.

Security Assessments and Certifications

We conduct regular security assessments to identify and address vulnerabilities, including annual penetration testing by qualified third parties, quarterly vulnerability scans of internet-facing systems, ongoing security monitoring and threat detection, and regular review of security controls and policies.

We maintain SOC 2 Type II certification demonstrating our commitment to security, availability, and confidentiality. Enterprise customers may request copies of our SOC 2 reports subject to confidentiality agreements.

Third-Party Security

We require third-party service providers with access to personal information to implement appropriate security measures comparable to our own. We assess provider security practices during vendor selection and conduct periodic reviews of provider security controls.

All data processing agreements with providers include security requirements, breach notification obligations, and audit rights.

Security Incident Response

In the event of a security incident that results in unauthorized access to or disclosure of personal information, we will notify affected users within seventy-two hours of confirming the incident, as required by applicable law. Notification will include a description of the incident and the information involved, steps we are taking to investigate and address the incident, measures we are implementing to prevent recurrence, and recommended actions you should take to protect yourself.

We will also notify applicable regulatory authorities as required by law. We maintain cyber liability insurance to help address consequences of security incidents.

Your Security Responsibilities

You are responsible for maintaining the security and confidentiality of your account access. You should access your account only from trusted devices and networks, not share your account access with others, log out of your account when using shared or public devices, promptly notify us of any unauthorized access or security concerns, and use strong, unique passwords for your email account used for magic link authentication.

We will never ask you for sensitive information through unsolicited emails or phone calls. If you receive suspicious communications claiming to be from StyleRef, please report them to our security team.

7. Your Privacy Rights and Choices

Depending on your location, you may have certain rights regarding your personal information under applicable data protection laws. We honor these rights as described in this section.

Access and Data Portability

You have the right to access the personal information we hold about you. Most of your information is directly accessible through your StyleRef account settings and Style Board management interface. You may request a comprehensive copy of your personal information by contacting our privacy team.

We will provide requested information in a structured, commonly used, and machine-readable format within thirty days of receiving your request. For large data sets, we may provide information in multiple installments or through secure download links.

You have the right to data portability, meaning you can receive your information in a portable format and transmit it to another service provider. We provide data export functionality within StyleRef that allows you to download your User Content, style definitions, and Style Boards at any time.

Correction and Update

You have the right to correct inaccurate or incomplete personal information. You can update most account information directly through platform settings, including your email address, subscription preferences, and account configurations. For corrections that cannot be made through the platform, contact our privacy team.

We will process correction requests within ten business days and will notify you when corrections have been completed.

Deletion and Erasure

You have the right to request deletion of your personal information, subject to certain limitations. You can delete your account at any time through platform settings, which will initiate deletion of your information according to our retention schedule described in Section 5.

You may also request deletion of specific User Content or portions of your information while maintaining your account. We will process deletion requests within thirty days, subject to legal retention requirements and technical limitations.

We may retain certain information where necessary to comply with legal obligations, resolve disputes, enforce agreements, or where retention is permitted or required by law. We will inform you if we cannot fully comply with a deletion request and will explain the reason.

Restriction of Processing

You have the right to request restriction of processing of your personal information in certain circumstances, including while we investigate a complaint about accuracy or lawfulness of processing, when processing is unlawful but you prefer restriction rather than deletion, when we no longer need the information but you need it for legal claims, or while we verify your objection to processing based on legitimate interests.

When processing is restricted, we will store the information but not actively process it except with your consent, for legal claims, to protect rights of others, or for important public interests.

Objection to Processing

You have the right to object to processing of your personal information based on our legitimate interests. Upon receiving an objection, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, or the processing is necessary for legal claims.

You have the absolute right to object to processing for direct marketing purposes. We will cease such processing immediately upon receiving your objection. You can opt out of marketing communications through your account settings or using unsubscribe links in emails.

Withdrawal of Consent

Where we process your information based on your consent rather than another legal basis, you have the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing before withdrawal and does not affect processing based on other legal grounds.

You can withdraw consent for optional communications, cookie usage, or other consent-based processing through your account settings or by contacting our privacy team.

Automated Decision-Making

StyleRef does not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. AI extraction is a tool that processes information you submit to provide style analysis results, but final decisions about using those results rest with you.

If we introduce automated decision-making in the future, we will update this Privacy Policy and provide appropriate information about the logic involved and the significance of such processing.

Exercising Your Rights

To exercise any of the rights described in this section, you may use the tools and settings provided within StyleRef, contact our privacy team at ..., or submit a request through our designated privacy request process described on our website.

We will respond to requests within the timeframes required by applicable law, typically within thirty days. For complex requests, we may extend the response period by an additional thirty days and will notify you of the extension and reasons.

We may need to verify your identity before processing certain requests to ensure information is disclosed only to authorized individuals. Verification may require you to provide additional information or to authenticate through your account.

We do not charge fees for processing privacy rights requests unless requests are manifestly unfounded, excessive, or repetitive, in which case we may charge a reasonable administrative fee or refuse to process the request.

Complaints and Regulatory Authority

If you believe we have not adequately addressed your privacy concerns or rights requests, you have the right to lodge a complaint with a data protection supervisory authority in your jurisdiction. For users in the European Union, European Economic Area, or United Kingdom, contact information for supervisory authorities is available through your national data protection authority.

We encourage you to contact us first so we can attempt to resolve concerns directly, but this does not limit your right to file complaints with regulatory authorities.

8. International Data Transfers

StyleRef operates globally, and your information may be processed, stored, and transferred to countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.

Legal Basis for Transfers

When we transfer personal information from the European Union, European Economic Area, or United Kingdom to countries that have not been deemed to provide adequate data protection, we implement appropriate safeguards as required by law, including standard contractual clauses approved by the European Commission or UK Information Commissioner's Office, data processing agreements incorporating required data protection terms, organizational and technical security measures, and data subject rights mechanisms.

We maintain documentation of transfer mechanisms and safeguards, which is available to enterprise customers and data protection authorities upon request.

Data Residency Options

Standard consumer and small business accounts do not include data residency controls, and User Content may be stored and processed in any geographic region where StyleRef or our service providers operate infrastructure. Current infrastructure regions include the United States, European Union, and other locations disclosed on our website.

Enterprise customers with specific data residency requirements may purchase optional data residency controls that restrict processing to specified geographic regions. Available regions, implementation requirements, and associated fees are described in our enterprise pricing documentation. Data residency options must be configured at account creation and cannot be changed without potential data migration.

Subprocessor Locations

Our third-party AI service providers and infrastructure providers may be located in various countries. We maintain a current list of subprocessor locations, which is available on our website and provided to enterprise customers upon request. We provide notice before engaging subprocessors in new locations.

Your Consent to Transfers

By using StyleRef, you acknowledge that your information will be transferred to and processed in countries where our operations and service providers are located. We take appropriate steps to ensure transferred information receives adequate protection as described in this Privacy Policy.

9. Children's Privacy

StyleRef is not intended for use by individuals under the age of eighteen. We do not knowingly collect, use, or disclose personal information from children under eighteen.

If we become aware that we have collected personal information from a child under eighteen without verification of parental consent, we will take steps to delete that information as quickly as possible. If you believe we have collected information from a child under eighteen, please contact us immediately at ... so we can investigate and address the situation.

Parents and guardians who believe their child has provided information to StyleRef should contact us to request deletion of that information.

10. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act and California Privacy Rights Act provide you with specific rights regarding your personal information.

Categories of Information

We collect the following categories of personal information as defined by California law: identifiers including email address and IP address, commercial information including subscription and payment history, internet or network activity including usage patterns and interactions, geolocation data derived from IP address, and professional or employment-related information for organizational accounts.

We do not collect sensitive personal information as defined by California law, such as social security numbers, financial account information, precise geolocation, or biometric data.

Purposes of Collection and Use

We collect and use personal information for the business and commercial purposes described in Section 3 of this Privacy Policy. We do not sell or share personal information as those terms are defined under California law. We do not use or disclose sensitive personal information for purposes other than those permitted by California law.

California Privacy Rights

California residents have the right to know what personal information we collect, use, and disclose, request deletion of personal information we have collected, correct inaccurate personal information, opt out of the sale or sharing of personal information (we do not sell or share personal information), limit use and disclosure of sensitive personal information (we do not collect sensitive personal information requiring opt-out), and not be discriminated against for exercising these rights.

Exercising California Rights

To exercise your California privacy rights, contact us at ... or through our designated privacy request process. We will verify your identity before processing requests and will respond within forty-five days, with a possible extension of up to forty-five additional days for complex requests.

We do not charge fees for processing valid California privacy rights requests. We do not discriminate against California residents who exercise their privacy rights.

Authorized Agents

California residents may designate an authorized agent to submit privacy rights requests on their behalf. Authorized agents must provide proof of authorization, and we may require the California resident to verify their identity and confirm the authorization directly with us.

11. European Privacy Rights

If you are located in the European Union, European Economic Area, or United Kingdom, the General Data Protection Regulation and UK Data Protection Act provide you with specific rights regarding your personal information.

Legal Bases for Processing

We process your personal information based on the following legal grounds. Processing is necessary to perform our contract with you when you use StyleRef, including providing account access, storing User Content, processing AI extraction requests, and managing subscriptions. Processing is necessary to comply with legal obligations, including financial record-keeping, tax compliance, and responding to lawful requests from authorities.

Processing is based on our legitimate interests where those interests are not overridden by your rights and freedoms, including improving and developing StyleRef features, ensuring security and preventing fraud, conducting analytics to understand usage patterns, and enforcing our Terms of Service.

Processing is based on your consent where we have obtained it, including optional marketing communications, certain cookie usage, and other purposes where consent is the appropriate legal basis. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

European Privacy Rights

You have the right to access your personal information and receive information about how it is processed, rectify inaccurate or incomplete personal information, request erasure of personal information in certain circumstances, restrict processing in certain situations, object to processing based on legitimate interests or for direct marketing, receive your personal information in a portable format and transmit it to another controller, withdraw consent where processing is based on consent, and lodge a complaint with a supervisory data protection authority.

Exercising European Rights

To exercise your rights, contact our privacy team at ... or use the privacy request mechanisms described on our website. We will respond to requests within one month, with possible extensions up to two additional months for complex requests.

For users in the European Union, European Economic Area, or United Kingdom, our designated representative for GDPR inquiries can be contacted through the information provided on our website.

International Data Transfers from Europe

When we transfer personal information from the European Union, European Economic Area, or United Kingdom to other countries, we implement appropriate safeguards including standard contractual clauses and ensure adequate data protection as described in Section 8 of this Privacy Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, service features, or business operations. The effective date at the top of this Privacy Policy indicates when it was last updated.

For material changes that affect your rights or how we handle your information, we will provide at least thirty days advance notice by email to your registered account address and through prominent notice within the StyleRef platform before the changes take effect. Material changes include changes to the purposes for which we process information, changes to the types of third parties with whom we share information, reductions in retention periods or data protection safeguards, or other changes that significantly impact your privacy.

Non-material changes such as clarifications, formatting improvements, updates to contact information, or additions that provide more detail about existing practices may be made without advance notice. We will update the effective date when any changes are made.

Your continued use of StyleRef after changes become effective constitutes your acceptance of the updated Privacy Policy. If you do not agree to changes, you should discontinue use of StyleRef and close your account before the effective date.

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information.

13. Contact Information and Privacy Inquiries

If you have questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us through the following channels.

For general privacy inquiries, contact ....

For exercising privacy rights including access, deletion, or correction requests, contact ....

For security incidents or concerns, contact ....

For general support inquiries not related to privacy, contact ....

For enterprise customers with specific data protection questions, contact your designated account manager or ....

We will respond to privacy inquiries and requests within the timeframes required by applicable law and will work with you to address any concerns about your privacy and data protection.

Last Updated: February 2, 2026