GDPR Compliance
TryPoint is fully compliant with the General Data Protection Regulation (GDPR). This page explains how we protect shopper data and provides links to all relevant legal documents.
How TryPoint protects shopper data
Photos are not biometric data. TryPoint's AI processes photos solely to overlay garments — not to identify, authenticate, or categorize individuals. Under GDPR Recital 51 and the EU AI Act, virtual try-on is explicitly exempt from biometric data classification. Shopper photos are regular personal data under Article 6.
Consent before processing. Before uploading a photo, shoppers see a clear notice explaining what happens to their data. The upload action constitutes informed consent — no pre-ticked checkboxes. Email capture and image usage rights each require separate, independent consent.
Minimal data, short retention. Original uploaded photos are automatically deleted within 24 hours. Generated try-on images are deleted after 90 days. EXIF metadata (GPS, device info) is stripped from photos before processing. Only the photo and product image are sent to Google's AI — no names, emails, or identifiers.
Google does not train on your shoppers' photos. Uploaded photos are processed via Google's AI API and are not used to train AI models, as confirmed by Google's Data Processing Agreement.
Encryption everywhere. All data is encrypted in transit (TLS 1.2+) and at rest. Merchant data is logically isolated — one merchant cannot access another's shopper data.
AI transparency. Try-on results are labeled as AI-generated. Shoppers are informed they are interacting with an AI system, in compliance with EU AI Act transparency requirements.
Shopper rights
Shoppers can exercise their GDPR rights (access, deletion, rectification, portability, objection, consent withdrawal) by contacting you, the Merchant. As the Data Controller, you are the shopper's primary point of contact. See Handling Shopper Data Requests for the full workflow.
Your responsibilities as a Merchant
- You are the Data Controller. You decide to enable try-on on your store, making you responsible for shopper data under GDPR.
- TryPoint is your Data Processor. We process shopper data on your behalf, governed by our Data Processing Agreement.
- Update your privacy policy. Your store's privacy policy should mention TryPoint as a data processor and describe the virtual try-on feature.
- Handle shopper data requests. When a shopper contacts you about their data, verify their identity and forward the request to us at [email protected]. We fulfill it within 15 business days.
Legal documents
| Document | What it covers |
|---|---|
| Privacy Policy | How TryPoint collects, uses, stores, and shares personal data |
| Data Processing Agreement (DPA) | The legal agreement between you (Controller) and TryPoint (Processor) per GDPR Art. 28 |
| Cookie Policy | Cookies and tracking technologies used by TryPoint |
| Terms of Use | General terms governing use of the TryPoint service |
Sub-processors
TryPoint uses the following sub-processors to deliver the service:
| Sub-processor | Purpose | Location |
|---|---|---|
| Google Cloud (Google LLC) | AI virtual try-on image generation | US |
| DigitalOcean LLC | Database (structured data) | Frankfurt, Germany (EU) |
| DigitalOcean LLC | Image storage (photos, try-on results) | New York City, US |
| Shopify Inc | E-commerce platform integration | Canada/US |
Merchants are notified at least 14 days in advance of any changes to sub-processors.
Data retention summary
| Data | Retention |
|---|---|
| Original uploaded photo | Deleted within 24 hours |
| Generated try-on image | 90 days, or until Merchant deletes |
| UGC-consented images | Until consent is withdrawn |
| Consent records | Duration of processing + 5 years |
Breach notification
In the event of a data breach, TryPoint notifies the affected Merchant within 48 hours. The Merchant notifies the relevant supervisory authority within 72 hours where required by GDPR Art. 33.
Contact
For privacy inquiries or data requests: [email protected]
For complaints: Lithuanian State Data Protection Inspectorate (VDAI) at https://vdai.lrv.lt or your local supervisory authority.