Last updated: 2026-05-22
This is the privacy policy for Luqora — a private personal-style collection app. We've tried to write it in plain language. If something here is unclear, contact support@luqora.app.
| Data | When | Where it's stored |
|---|---|---|
| Items you save (name, brand, note, optional details) | When you save an item while signed in | Supabase (Postgres, Frankfurt EU) |
| Photos you attach to items | When you save a photo while signed in | Supabase Storage (private bucket, Frankfurt EU) |
| Email address + display name | When you sign in via Apple or Google | Supabase Auth |
| Authentication identity | Persisted from Apple/Google sign-in | Supabase Auth |
| Subscription status | When you subscribe to Luqora Pro | RevenueCat + our database |
| Crash and error reports — only if you opt in | When the app crashes | Sentry (anonymous, no PII) |
| Usage statistics — only if you opt in | When you grant analytics consent | PostHog (anonymous app-level events) |
| Device biometric (Face ID / Touch ID) | If you enable App Lock in Settings | Stays on your device — Apple's Secure Enclave |
| Push notification token | If you enable any notification category | Supabase (Frankfurt EU) — revocable by disabling notifications anytime |
| Push notification preferences (opt-in flags, quiet hours, timezone) | When you change a notification setting | Supabase (Frankfurt EU) |
We don't collect:
We do not use your data for advertising, profiling for advertising, or training AI models.
These services receive specific data on our behalf to provide a feature you've asked for. They cannot use it for their own purposes.
| Processor | What we send | Why |
|---|---|---|
| Supabase (database, auth, storage) — Frankfurt, EU | Your account, items, photos | Cross-device sync |
| Apple, Google — United States | Your sign-in token | OAuth sign-in only — we never receive your password |
| Anthropic (Claude API) — United States | Photos you tap "Auto-fill" on, plus item photos you ask the AI to use when composing or refining an outfit | AI-suggested item details and outfit recommendations. Anthropic's API does not use these images to train their models; they retain them for up to 30 days for trust-and-safety review then delete them. |
| RevenueCat — United States | Your account ID + subscription state | Manages App Store subscriptions across devices |
| Sentry — Germany | Stack traces, device model, OS version, anonymous device ID | Crash diagnostics. No user content. Only sent when you've opted in. |
| PostHog — United States | Anonymous app-level events tied to your account ID | Product analytics, only when you've opted in |
Style Check lets you share an outfit with someone (a friend, a partner) so they can vote on it, suggest changes, or pick a look for you. When you create a Style Check:
If you don't use Style Check, nothing about your items is shared with anyone.
EU/UK users have additional rights under GDPR: access, rectification, erasure, restriction, portability, and the right to object. The "Export" and "Delete" controls satisfy access, erasure, and portability. For any other request, email support@luqora.app.
California users have additional rights under CCPA: to know, to delete, to opt-out. We do not sell personal information.
For users in the EU/UK: data sent to processors outside the EU (United States) is covered by Standard Contractual Clauses (SCCs) under each processor's data-processing agreement.
Luqora is not directed at children under 13 (or 16 in jurisdictions where that's the minimum). We do not knowingly collect data from children. If you believe a child has provided us with information, contact support@luqora.app and we'll delete it.
If we change this policy, we'll update the "Last updated" date and, for any material change, prompt you in the app on next launch.
For any questions about this policy or general support: support@luqora.app
Luqora is built and maintained by Hasan Rabba (Signarm).