1. INTRODUCTION
LaunchX GmbH ("we", "us", or "our") operates the Brutal Coach application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
2. DATA CONTROLLER
The data controller responsible for your personal data is:
3. INFORMATION WE COLLECT
We collect information that you provide directly to us:
Account Information
When you create an account, we collect your email address and name (if provided). Authentication is handled by Clerk, our third-party authentication provider.
Outfit Images
When you use our Service, you upload images of your outfits for AI analysis. These images are processed to provide styling feedback and are stored temporarily for Service functionality.
Usage Data
We automatically collect certain information about your device and how you interact with our Service, including device type, operating system, and app usage patterns.
Subscription Information
If you subscribe to our premium features, payment processing is handled by Apple (App Store) or Google (Play Store) through RevenueCat. We receive subscription status but not payment details.
4. HOW WE USE YOUR INFORMATION
We use the information we collect for the following purposes:
- To provide, maintain, and improve our Service
- To process your outfit images and generate AI-powered styling feedback
- To manage your account and provide customer support
- To send you technical notices and security alerts
- To comply with legal obligations
- To protect against fraudulent or illegal activity
5. LEGAL BASIS FOR PROCESSING (GDPR)
Under the GDPR, we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to provide our Service to you
- Consent: Where you have given explicit consent for processing (e.g., uploading images)
- Legitimate Interests: For improving our Service and ensuring security
- Legal Obligation: When required to comply with applicable laws
6. DATA SHARING AND THIRD-PARTY SERVICES
We share your information with the following third-party service providers:
OpenAI
Your outfit images are processed using OpenAI's API for AI analysis. OpenAI processes data according to their privacy policy and does not use your images for training purposes.
Amazon Web Services (AWS)
We use AWS S3 for secure, encrypted image storage. AWS is a GDPR-compliant service provider with servers in the EU.
Clerk
Handles user authentication and account management. Clerk is GDPR-compliant and processes data according to their privacy policy.
RevenueCat
Manages subscription status and in-app purchases. RevenueCat does not receive or process your outfit images.
7. DATA RETENTION
We retain your personal data only for as long as necessary:
- Account data: Retained until you delete your account
- Outfit images: Retained for Service functionality; you can delete individual analyses at any time
- Usage data: Retained in anonymized form for analytics purposes
- After account deletion, your data is permanently removed within 30 days
8. YOUR RIGHTS (GDPR)
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access: Request a copy of your personal data
- Right to Rectification: Request correction of inaccurate data
- Right to Erasure: Request deletion of your personal data
- Right to Restriction: Request limitation of processing
- Right to Data Portability: Receive your data in a portable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time
To exercise any of these rights, please contact us at info@launch-x.de. We will respond to your request within 30 days.
9. DATA SECURITY
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure authentication through Clerk
- Regular security assessments and updates
- Access controls limiting who can access your data
- Secure cloud infrastructure through AWS
10. INTERNATIONAL DATA TRANSFERS
Your data may be transferred to and processed in countries outside the European Economic Area (EEA), specifically the United States, where some of our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs), to protect your data in accordance with GDPR requirements.
11. CHILDREN'S PRIVACY
Our Service is not intended for users under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
12. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.
13. SUPERVISORY AUTHORITY
If you are in the EU and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.
14. CONTACT US
If you have any questions about this Privacy Policy or our data practices, please contact us: