Build-a-Dress

Menu

Back to Home

Privacy Policy

Last updated: 11/30/2025

1. Introduction

Build-a-Dress ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered dress design platform. By using our service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

We collect the following personal information to provide our services:

  • Account Information: Email address, full name, phone number
  • Address Information: Street address, apartment/unit, city, state, zip code, country
  • Body Measurements: Bust, waist, hips, shoulder width, arm length, height, and other measurements for dress fitting
  • Design Preferences: Style descriptions, fabric choices, color preferences, and other design specifications
  • Payment Information: Processed securely through Stripe (we do not store credit card details)

2.2 AI-Generated Content

Our platform uses artificial intelligence to generate dress designs based on your input:

  • Design Prompts: Text descriptions you provide for dress designs
  • Generated Images: AI-created dress designs based on your specifications
  • Style Preferences: Your selections for dress length, sleeve style, neckline, etc.

2.3 Usage Data

We automatically collect certain information about your use of our platform:

  • Transaction History: Credit purchases, dress orders, and payment records
  • Communication Data: Messages between you and manufacturers, support communications
  • Platform Activity: Design submissions, gallery views, and feature usage
  • Technical Data: IP address, browser type, device information, and usage patterns

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To create and deliver your custom dress designs
  • AI Training: To improve our AI design generation capabilities (anonymized data only)
  • Manufacturer Matching: To connect you with appropriate seamstresses
  • Payment Processing: To handle transactions and manage your account
  • Customer Support: To respond to inquiries and provide assistance
  • Quality Improvement: To enhance our platform and services
  • Legal Compliance: To meet regulatory requirements and protect our rights

4. AI and Machine Learning

🤖 AI Design Generation

Our platform uses advanced AI to generate dress designs based on your descriptions and preferences. Here's how we handle AI-related data:

  • • Input Processing: Your design descriptions are processed by our AI to generate visual designs
  • • Model Training: Anonymized data may be used to improve our AI models (no personal information included)
  • • Design Storage: Generated designs are stored securely and associated with your account
  • • Quality Control: We monitor AI outputs to ensure quality and appropriateness
  • • Content Usage: All images and designs generated on our platform are intellectual property owned by Build-a-Dress and may be used by us for any purpose, including marketing, advertising, and platform improvement. See our Service Agreement for complete details on intellectual property rights.
  • • Automated Decision-Making: Our AI system makes automated decisions when generating dress designs based on your input. You have the right to request human review of any automated decision, contest the decision, and express your point of view. The automated processing is necessary for contract performance (providing the service you requested).
  • • AI Processing Logic: Our AI analyzes your design descriptions, style preferences, and measurements to generate visual designs. The system uses machine learning algorithms trained on design patterns, fabric characteristics, and style elements. You can request information about the logic involved in automated processing and the significance and consequences of such processing.

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in the following circumstances:

  • Manufacturers: Selected dress measurements and design specifications are shared with approved seamstresses to create your dress
  • Service Providers: Trusted third parties who assist in payment processing (Stripe), hosting, and analytics
  • Legal Requirements: When required by law or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Consent: With your explicit consent for specific purposes

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption: All data is encrypted in transit and at rest
  • Access Controls: Strict access controls and authentication measures
  • Secure Infrastructure: Hosted on secure cloud infrastructure with regular security updates
  • Payment Security: Payment processing through PCI-compliant Stripe
  • Regular Audits: Regular security assessments and vulnerability testing

7. Data Breach Notification

In the event of a data breach that compromises your personal information, we are committed to:

  • Timely Notification: Notifying affected users and relevant authorities as required by applicable law, without unreasonable delay after becoming aware of the breach
  • Notification Methods: Providing notice via email to the address associated with your account, or through prominent notice on our platform if email is not available
  • Breach Information: Disclosing the nature of the breach, the types of information that may have been compromised, and the steps we are taking to address the breach
  • Remediation Steps: Taking immediate steps to secure your information, including investigating the breach, containing the incident, and implementing additional security measures to prevent future breaches
  • Recommendations: Providing guidance on steps you can take to protect yourself, such as changing passwords or monitoring your accounts

Our Commitment: We maintain incident response procedures and will act promptly to investigate, contain, and remediate any security incident. We will comply with all applicable data breach notification laws, including but not limited to state breach notification laws and GDPR requirements where applicable.

8. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Retained while your account is active and for a reasonable period after deactivation
  • Design Data: Stored for the duration of your account and for a period after deactivation to support potential reorders
  • Transaction Records: Retained as required for tax and legal compliance purposes
  • Communication Data: Stored for a reasonable period to maintain service quality and support
  • AI Training Data: Anonymized data may be retained for model improvement and service enhancement

Specific retention periods may vary based on legal requirements, business needs, and the type of information. We will delete or anonymize your personal information when it is no longer needed for the purposes outlined in this policy.

9. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Portability: Request a copy of your data in a portable format
  • Opt-out: Unsubscribe from marketing communications
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing of your personal information based on legitimate interests
  • Withdraw Consent: Withdraw consent for processing where consent is the legal basis

9.1 GDPR-Specific Rights (EU Residents)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Obtain confirmation of whether we process your personal data and access to that data, including information about processing purposes, categories of data, and data retention periods
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data when it is no longer necessary, you withdraw consent, or processing is unlawful
  • Right to Restrict Processing: Request limitation of processing in certain circumstances, such as when you contest data accuracy
  • Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
  • Rights Related to Automated Decision-Making: Not be subject to decisions based solely on automated processing that significantly affects you, with the right to human intervention

Legal Basis for Processing: We process your personal data based on the following legal bases: (1) Contract performance (to provide our services), (2) Legitimate interests (platform improvement, security, fraud prevention), (3) Consent (marketing communications, certain AI training), and (4) Legal obligations (tax records, compliance).

Exercising Your Rights: To exercise any of these rights, please contact us at support@build-a-dress.com with the subject line "GDPR Rights Request." We will respond within one month (or as required by law).

Right to Lodge a Complaint: If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority. For UK residents, this is the Information Commissioner's Office (ICO). For EU residents, you can find your supervisory authority at https://edpb.europa.eu.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell (if applicable). You may request information about the categories of personal information collected, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share information.
  • Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions (e.g., information necessary to complete a transaction, comply with legal obligations, or maintain security).
  • Right to Opt-Out of Sale/Sharing: We do not sell your personal information. However, if we engage in activities that constitute "sharing" under California law, you have the right to opt-out of such sharing.
  • Right to Correction: You have the right to request correction of inaccurate personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights, including by denying service, charging different prices, or providing a different quality of service.
  • Right to Limit Use of Sensitive Information: You have the right to limit our use of sensitive personal information to that which is necessary to provide our services.

Exercising Your Rights: To exercise any of these rights, please contact us at support@build-a-dress.com with the subject line "California Privacy Rights Request." We will verify your identity before processing your request and respond within 45 days (or as required by law).

Authorized Agents: You may designate an authorized agent to make requests on your behalf. We will require proof of authorization and verification of your identity.

Categories of Personal Information: In the past 12 months, we have collected the following categories of personal information: identifiers (name, email, phone), commercial information (purchase history), biometric information (body measurements), internet activity (usage data), and geolocation data (address information). We collect this information for business purposes including service delivery, payment processing, and platform improvement.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for platform functionality and security
  • Analytics Cookies: Help us understand how users interact with our platform
  • Preference Cookies: Remember your settings and preferences
  • Session Management: Maintain your login session and security

You can control cookie settings through your browser preferences, though disabling certain cookies may affect platform functionality.

12. Third-Party Services

Our platform integrates with trusted third-party services to provide various functionalities:

  • Payment Processors: Secure payment processing and transaction management
  • Cloud Services: Data storage, hosting, and infrastructure services
  • AI Services: Artificial intelligence and machine learning capabilities
  • Communication Services: Email, messaging, and notification systems

These services are carefully selected for their security, reliability, and privacy standards. Each third-party service has its own privacy policy, and we encourage you to review them. We only share information with these services as necessary to provide our platform functionality.

13. Children's Privacy

Our platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

14. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this privacy policy and applicable laws.

15. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on our platform and updating the "Last updated" date. Your continued use of our service after such changes constitutes acceptance of the updated policy.

16. Contact Information

If you have questions about this privacy policy or our data practices, please contact us:

Email: support@build-a-dress.com

Subject: Privacy Policy Inquiry