Privacy & Cookie Policy

Information on Personal Data Processing

MiModa App ©
Last updated November 2025

1. Data Controller

Independent controller: Sara Capodiferro (VAT 11733240011), Italy
Contact: info@mimoda.app

2. Types of Data Processed

  • Technical data: device information, operating system, app version, IP address, error logs.
  • Approximate location data: used only to display real-time weather; the location is shared with an external weather provider solely to retrieve weather information and is not retained by MiModa.
  • User-uploaded images: photos of garments/outfits briefly sent to AI services for background removal, classification (color, category, tag), and embedding; these are not retained by MiModa beyond the technical processing time and are not used for model training.
  • Anonymous/aggregated usage data: app usage events via Firebase Analytics and Crashlytics for stability and improvement purposes.
  • The app does not require account creation and does not use external logins (Google, Apple, Facebook, etc.).

3. Purposes and Legal Bases for Processing

  • Providing app features (local weather, image analysis for cataloging): Art. 6(1)(b) GDPR – execution of (pre-)contractual measures at the user’s request.
  • Statistical analysis and improvement (Firebase/Crashlytics in anonymous/aggregated form): Art. 6(1)(f) GDPR – legitimate interest, with minimization and balancing measures.
  • Legal/compliance requirements (abuse prevention, authority requests): Art. 6(1)(c) GDPR – legal obligation.

Minors: The app is not specifically designed for children (it does not adhere to Designed for Families). We do not knowingly collect data from minors under 13; if such data collection is discovered, it will be deleted.

4. AI Services and Image Processing

Image processing is performed through EdenAI (routing to multiple providers). Providers may include: OpenAI (USA), Google Cloud Vision/Object Detection (USA), Sentisight (EU), Api4AI (EU). Images are processed solely for the requested function, are not reused for training, and are protected by DPAs and SCCs for any extra-EU transfers.

5. Weather Provider (OpenWeather)

Weather data is provided by OpenWeather. Your approximate location is sent exclusively to this service to retrieve the requested weather information.

6. Data Transfers Outside the EEA

Any transfers to non-EEA countries are carried out in compliance with the GDPR, through Standard Contractual Clauses and additional measures (such as pseudonymization).

7. Retention Periods

  • Technical/log data: maximum 12 months.
  • Images sent to AI services: retained only as strictly necessary for processing, then deleted; providers process data per their own DPA and do not reuse images for training.
  • Anonymous/aggregated analytics data: stored without a defined limit for statistical purposes.

8. Cookies and Similar Technologies

The app does not use cookies in the native code. Technical/analytics cookies may only appear on external web pages (e.g., mimoda.app or support forms). No profiling cookies without consent.

9. Push Notifications

We may send non-personalized push notifications (via Firebase Cloud Messaging). Users can disable them in their device settings.

10. Security

Data protection includes TLS in transit, access controls, application-level security measures, and restricted data access for staff/providers.

11. Data Subject Rights

Right to access, rectify, erase, restrict, object, data portability, and complain to the Data Protection Authority.
Contact: info@mimoda.app

12. Third Parties and Partners

13. Changes

This policy may be updated for regulatory or technical reasons. Users will be informed via in-app updates or website notices.